It was discovered that missing input saniting in Snoopy, a PHP class that
simulates a web browser may result in the execution of arbitrary
commands.
Monthly Archives: May 2015
DSA-3246 ruby1.9.1 – security update
It was discovered that the Ruby OpenSSL extension, part of the interpreter
for the Ruby language, did not properly implement hostname matching, in
violation of RFC 6125. This could allow remote attackers to perform a
man-in-the-middle attack via crafted SSL certificates.
DSA-3244 owncloud – security update
Multiple vulnerabilities were discovered in ownCloud, a cloud storage
web service for files, music, contacts, calendars and many more.
How to Avoid Getting Hacked Next Time You Leave Home – TIME Magazine
These 5 Companies Are Growing as Large as the Online Security Threat – Entrepreneur
Kaspersky Lab Launches Small Office Security – eWeek
Why We Need Close Ties With International Organizations – Forbes
Mozilla Moving Toward Full HTTPS Enforcement in Firefox
The Mozilla Foundation announced yesterday that it is in the process making HTTP connections incompatible with its popular Firefox Web browser.
CVE-2014-3598
The Jpeg2KImagePlugin plugin in Pillow before 2.5.3 allows remote attackers to cause a denial of service via a crafted image.
CVE-2014-8361
The miniigd SOAP service in Realtek SDK allows remote attackers to execute arbitrary code via a crafted NewInternalClient request.