Cross-site scripting (XSS) vulnerability in IBM Maximo Asset Management 7.5 before 7.5.0.9 IF2 and 7.6 before 7.6.0.3 FP3 and Maximo Asset Management 7.5 before 7.5.0.9 IF2, 7.5.1, and 7.6 before 7.6.0.3 FP3 for SmartCloud Control Desk allows remote authenticated users to inject arbitrary web script or HTML via a crafted URL.
Monthly Archives: January 2016
Bugtraq: OSS-2016-02: Weak authentication in NXP Hitag S transponder allows an attacker to read, write and clone any tag
OSS-2016-02: Weak authentication in NXP Hitag S transponder allows an attacker to read, write and clone any tag
Bugtraq: OSS-2016-03: Insufficient Integrity Protection in Winkhaus Bluesmart locking systems using Hitag S
OSS-2016-03: Insufficient Integrity Protection in Winkhaus Bluesmart locking systems using Hitag S
Bugtraq: [SECURITY] [DSA 3431-1] ganeti security update
[SECURITY] [DSA 3431-1] ganeti security update
Bugtraq: [SECURITY] [DSA 3432-1] icedove security update
[SECURITY] [DSA 3432-1] icedove security update
CVE-2015-7430
The Hadoop connector 1.1.1, 2.4, 2.5, and 2.7.0-0 before 2.7.0-3 for IBM Spectrum Scale and General Parallel File System (GPFS) allows local users to read or write to arbitrary GPFS data via unspecified vectors. (CVSS:4.6) (Last Update:2016-01-07)
DSA-3433 samba – security update
Several vulnerabilities have been discovered in Samba, a SMB/CIFS file,
print, and login server for Unix. The Common Vulnerabilities and
Exposures project identifies the following issues: