Monthly Archives: January 2016
Debian Security Advisory 3432-1
Debian Linux Security Advisory 3432-1 – Multiple security issues have been found in Icedove, Debian’s version of integer overflows, buffer overflows and other implementation errors may lead to the execution of arbitrary code or denial of service.
Debian Security Advisory 3431-1
Debian Linux Security Advisory 3431-1 – Pierre Kim discovered two vulnerabilities in the RESTful API of Ganeti, a virtual server cluster management tool. SSL parameter negotiation could result in denial of service and the DRBD secret could leak.
Packet Storm New Exploits For 2015
Complete archive of all 2,311 exploits added to Packet Storm in 2015.
Packet Storm New Exploits For December, 2015
This archive contains 283 exploits that were added to Packet Storm in December, 2015.
CVE-2015-7409
Cross-site scripting (XSS) vulnerability in IBM Security QRadar SIEM 7.2.x before 7.2.6 allows remote authenticated users to inject arbitrary web script or HTML via an unspecified field.
CVE-2015-7456
IBM Spectrum Scale 4.1.1 before 4.1.1.4, and 4.2.0.0, allows remote authenticated users to discover object-storage admin passwords via unspecified vectors.
CVE-2015-4941
IBM WebSphere MQ Light 1.x before 1.0.2 mishandles abbreviated TLS handshakes, which allows remote attackers to cause a denial of service (MQXR service crash) via unspecified vectors.
CVE-2015-4943
IBM WebSphere MQ Light 1.x before 1.0.2 allows remote attackers to cause a denial of service (MQXR service crash) via a series of connect and disconnect actions.
CVE-2015-5049
SQL injection vulnerability in the API in IBM OpenPages GRC Platform 7.0 before 7.0.0.4 IF3 and 7.1 before 7.1.0.1 IF6 allows remote authenticated users to execute arbitrary SQL commands via unspecified vectors.