Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service, unauthorised
information disclosure or unauthorised information modification.
Monthly Archives: October 2015
CESA-2015:1889 Important CentOS 6 spice-serverSecurity Update
CentOS Errata and Security Advisory 2015:1889 Important Upstream details at : https://rhn.redhat.com/errata/RHSA-2015-1889.html The following updated files have been uploaded and are currently syncing to the mirrors: ( sha256sum Filename ) x86_64: 48643f342673588b60585bde6ee2f6267c7efb4aca58f5d22d8dafcfee2dc77f spice-server-0.12.4-12.el6_7.3.x86_64.rpm be05fbaa5cab61394106aafe500f342fc0ec2164807c8e46d9f59d31520738a3 spice-server-devel-0.12.4-12.el6_7.3.x86_64.rpm Source: 085674b2a16790d3debe759958f2a430ff3aaa18b01088c5bc1e7b29b56d9b26 spice-server-0.12.4-12.el6_7.3.src.rpm
libsndfile 1.0.25 Heap Overflow
libsndfile versions 1.0.25 and below suffer from a heap overflow vulnerability.
WordPress Font 7.5 Path Traversal
WordPress Font plugin version 7.5 suffers from a path traversal vulnerability.
WordPress Pie Register 2.0.18 SQL Injection
WordPress Pie Register plugin version 2.0.18 suffers from multiple remote blind SQL injection vulnerabilities.
ZHONE Remote Code Execution
ZHONE ZNID GPON 2426A versions prior to S3.0.501 suffer from buffer overflow vulnerabilities.
WordPress Pie Register 2.0.18 Cross Site Scripting
WordPress Pie Register plugin version 2.0.18 suffers from a cross site scripting vulnerability.
Password Safe And Repository Enterprise 7.4.4 Build 2247 SQL Injection
Password Safe and Repository Enterprise version 7.4.4 Build 2247 suffers from remote SQL injection and authentication bypass vulnerabilities.
GetSimple CMS 3.3.7 Cross Site Scripting
GetSimple CMS version 3.3.7 suffers from a cross site scripting vulnerability.
Password Safe And Repository Enterprise 7.4.4 Build 2247 Crypto Issues
Password Safe and Repository Enterprise version 7.4.4 Build 2247 suffers from insufficiently protecting credentials by using an unsalted MD5 hash for protection.