Webservice-DIC yoyaku_v41 allows remote attackers to execute arbitrary OS commands via unspecified vectors.
Monthly Archives: July 2015
CVE-2015-4286 (unified_computing_system_central_software)
The web framework in Cisco UCS Central Software 1.3(0.99) allows remote attackers to read arbitrary files via a crafted HTTP request, aka Bug ID CSCuu41377.
CVE-2015-4290 (anyconnect_secure_mobility_client)
The kernel extension in Cisco AnyConnect Secure Mobility Client 4.0(2049) on OS X allows local users to cause a denial of service (panic) via vectors involving contiguous memory locations, aka Bug ID CSCut12255.
CVE-2015-5477 (bind)
named in ISC BIND 9.x before 9.9.7-P2 and 9.10.x before 9.10.2-P3 allows remote attackers to cause a denial of service (REQUIRE assertion failure and daemon exit) via TKEY queries.
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-15:15.tcp
FreeBSD Security Advisory FreeBSD-SA-15:15.tcp
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-15:16.openssh
FreeBSD Security Advisory FreeBSD-SA-15:16.openssh
Bugtraq: FreeBSD Security Advisory FreeBSD-SA-15:17.bind
FreeBSD Security Advisory FreeBSD-SA-15:17.bind
Bugtraq: phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability
phpFileManager 0.9.8 CSRF Backdoor Shell Vulnerability
WordPress 1-Click Retweet/Share/Like 5.2 Cross Site Scripting
WordPress 1-click Retweet / Share / Like plugin version 5.2 suffers from a cross site scripting vulnerability.