Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs).

EMC Avamar server contains a vulnerability that may allow remote Avamar client user to retrieve sensitive account credentials from affected Avamar server using Java API calls. No authentication to Avamar server is required for this potential attack. Exposed information includes MCUser and GSAN account passwords of all grid systems that are being monitored in EMC Avamar Enterprise Manager. EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x up to and including 7.0.2-43 are affected.

EMC ADS/AVE Password hardening package uses the DES-based traditional Unix crypt scheme that may be susceptible to brute force and dictionary attacks if the hashes are obtained by an adversary. The hardening package is an optional package and installed separately. Affected includes EMC Avamar Data Store (ADS) GEN4(S) and Avamar Virtual Edition (AVE) running Avamar 6.0.x, 6.1.x, and 7.0.x running with optional Password hardening package earlier than version 2.0.0.4.

A vulnerability exists in the EMC NetWorker Module for MEDITECH when used with EMC RecoverPoint that could potentially allow exposure of sensitive information. EMC NetWorker Module for MEDITECH (NMMEDI) version 3.0 builds 87-90 are affected.

Apple Security Advisory 2014-10-22-1 – QuickTime 7.7.6 is now available and addresses memory corruption and buffer overflow vulnerabilities.