webEdition version 6.3.8.0 suffers from a path traversal vulnerability.
All posts by 007admin
DAWIN – Distributed Audit & WIreless Intrusion Notification
DA-WIN, a wireless IDS, provides an organization with a continuous wireless scanning capability that is light touch and simple. It utilizes compact and discreet sensors that can easily be deployed, reducing the total cost of protection and simplifying the effort required for absolute, categoric regulatory compliance. This archive includes a dd image to be used on a Raspberry Pi and a user manual.
Apple Security Advisory 2014-09-17-2
Apple Security Advisory 2014-09-17-2 – Apple TV 7 is now available and addresses wifi credential interception, information disclosure, code execution, and various other vulnerabilities.
Apple Security Advisory 2014-09-17-1
Apple Security Advisory 2014-09-17-1 – iOS 8 is now available and addresses wifi credential interception, identifier disclosure, path traversal, and various other vulnerabilities.
Red Hat Security Advisory 2014-1256-01
Red Hat Security Advisory 2014-1256-01 – An update for the openssl component for Red Hat JBoss Web Server 2.1.0 that fixes multiple security issues is now available from the Red Hat Customer Portal.
ClassApps SelectSurvey.net 4.124.004 SQL Injection
ClassApps SelectSurvey.net version 4.124.004 suffers from multiple remote SQL injection vulnerabilities.
Drupal Patches XSS Vulnerability in Spam Module
Drupal released an update that patches a moderately critical cross-site scripting vulnerability in its Mollom content and spam moderation module.
Nokia Asha Lock Code Bypass
The Nokia Asha platform suffers from a lock code bypass vulnerability that allows for access to call records.
Livefyre LiveComments 3.0 Cross Site Scripting
Livefyre LiveComments version 3.0 suffers from a persistent cross site scripting vulnerability.
WordPress WP-Ban 1.62 Bypass
WordPress WP-Ban plugin version 1.62 suffers from a bypass vulnerability when a properly minted X-Forwarded-For header is used.