Red Hat Security Advisory 2017-0455-01 – Red Hat JBoss Web Server is a fully integrated and certified set of components for hosting Java web applications. It is comprised of the Apache HTTP Server, the Apache Tomcat Servlet container, Apache Tomcat Connector, JBoss HTTP Connector, Hibernate, and the Tomcat Native library. This release of Red Hat JBoss Web Server 3.1.0 serves as a replacement for Red Hat JBoss Web Server 3.0.3, and includes enhancements. Multiple security issues have been addressed.
Monthly Archives: March 2017
Huawei HG658 V2 Cross Site Scripting
Huawei HG658 V2 suffers from a cross site scripting vulnerability.
Agora-Project 3.2.2 Cross Site Scripting
Agora-Project version 3.2.2 suffers from a cross site scripting vulnerability.
Job Portal Script 3.0 Cross Site Scripting / SQL Injection
Job Portal Script version 3.0 suffers from cross site scripting and remote SQL injection vulnerabilities.
DSA-3805 firefox-esr – security update
Multiple security issues have been found in the Mozilla Firefox web
browser: Multiple memory safety errors, use-after-frees and other
implementation errors may lead to the execution of arbitrary code, ASLR
bypass, information disclosure or denial of service.
DSA-3803 texlive-base – security update
It was discovered that texlive-base, the TeX Live package which provides
the essential TeX programs and files, whitelists mpost as an external
program to be run from within the TeX source code (called write18).
Since mpost allows to specify other programs to be run, an attacker can
take advantage of this flaw for arbitrary code execution when compiling
a TeX document.
DSA-3804 linux – security update
Several vulnerabilities have been discovered in the Linux kernel that
may lead to a privilege escalation, denial of service or have other
impacts.
Vuln: Multiple I-O DATA Network Camera Products Multiple Security Vulnerabilities
Multiple I-O DATA Network Camera Products Multiple Security Vulnerabilities
Vuln: IBM WebSphere Commerce CVE-2016-5894 Local Information Disclosure Vulnerability
IBM WebSphere Commerce CVE-2016-5894 Local Information Disclosure Vulnerability
Vuln: BlackBerry Good Control Server CVE-2016-3127 Information Disclosure Vulnerability
BlackBerry Good Control Server CVE-2016-3127 Information Disclosure Vulnerability