[security bulletin] HPSBHF03136 rev.1 - HP TippingPoint NGFW running OpenSSL, Remote Disclosure of Information

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04475466 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04475466 Version: 1 HPSBHF03136

[security bulletin] HPSBMU03110 rev.1 - HP Sprinter, Remote Execution of Code

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04454636 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04454636 Version: 1 HPSBMU03110 r

[security bulletin] HPSBMU03127 rev.1 - HP Operations Manager for UNIX, Remote Code Execution

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hp.com/portal/site/hpsc/public/kb/ docDisplay?docId=emr_na-c04472866 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c04472866 Version: 1 HPSBMU03127

[SECURITY] [DSA 3048-1] apt security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 - - Debian Security Advisory DSA-3048-1 secur...@debian.org http://www.debian.org/security/ Thijs Kinkhorst October 08, 2014

Cisco Security Advisory: Multiple Vulnerabilities in Cisco ASA Software

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Multiple Vulnerabilities in Cisco ASA Software Advisory ID: cisco-sa-20141008-asa Revision 1.0 For Public Release 2014 October 8 16:00 UTC (GMT) Summary +== Cisco Adaptive Security Appliance (ASA) Software is affected by the following vulner

[Onapsis Security Advisory 2014-032] SAP BusinessObjects Persistent Cross Site Scripting

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onapsis Security Advisory 2014-032: SAP BusinessObjects Persistent Cross Site Scripting 1. Impact on Business = By exploiting this vulnerability a remote unauthenticated attacker would be able to attack other users o

[Onapsis Security Advisory 2014-031] SAP Business Objects Information Disclosure via CORBA

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onapsis Security Advisory 2014-031: SAP Business Objects Information Disclosure via CORBA 1. Impact on Business = By exploiting this vulnerability a remote unauthenticated attacker would be able to obtain informatio

[Onapsis Security Advisory 2014-029] SAP Business Objects Information Disclosure

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onapsis Security Advisory 2014-020: SAP Business Objects Information Disclosure 1. Impact on Business = A malicious user can discover information relating to valid users using a vulnerable Business Objects Enterpri

[Onapsis Security Advisory 2014-030] SAP Business Objects Denial of Service via CORBA

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onapsis Security Advisory 2014-020: SAP Business Objects Denial of Service via CORBA 1. Impact on Business = By exploiting this vulnerability a remote unauthenticated attacker would be able to completely shut down

[Onapsis Security Advisory 2014-033] SAP Business Warehouse Missing Authorization Check

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onapsis Security Advisory 2014-033: SAP Business Warehouse Missing Authorization Check 1. Impact on Business = By exploiting this vulnerability an authenticated attacker will be able to abuse of functionality that sh

[Onapsis Security Advisory 2014-027] SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onapsis Security Advisory 2014-027: SAP HANA Multiple Reflected Cross Site Scripting Vulnerabilities 1. Impact on Business = By exploiting this vulnerability a remote unauthenticated attacker would be able to attack

[Onapsis Security Advisory 2014-028] SAP HANA Web-based Development Workbench Code Injection

-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Onapsis Security Advisory 2014-028: SAP HANA Web-based Development Workbench Code Injection 1. Impact on Business = By exploiting this vulnerability a remote unauthenticated attacker would be able to completely comp

Two XSS in Contact Form DB WordPress plugin

Advisory ID: HTB23233 Product: Contact Form DB WordPress plugin Vendor: Michael Simpson Vulnerable Version(s): 2.8.13 and probably prior Tested Version: 2.8.13 Advisory Publication: September 17, 2014 [without technical details] Vendor Notification: September 17, 2014 Vendor Patch: September 25,

Reflected Cross-Site Scripting (XSS) in EWWW Image Optimizer WordPress Plugin

Advisory ID: HTB23234 Product: EWWW Image Optimizer WordPress plugin Vendor: Shane Bishop Vulnerable Version(s): 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 [without technical details] Vendor Notification: September 17, 2014 Vendor Patch: September 24,

Reflected Cross-Site Scripting (XSS) in Google Calendar Events WordPress Plugin

Advisory ID: HTB23235 Product: Google Calendar Events WordPress plugin Vendor: Phil Derksen Vulnerable Version(s): 2.0.1 and probably prior Tested Version: 2.0.1 Advisory Publication: September 17, 2014 [without technical details] Vendor Notification: September 17, 2014 Vendor Patch: October 7,

[SECURITY] [DSA 3047-1] rsyslog security update

-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 - - Debian Security Advisory DSA-3047-1 secur...@debian.org http://www.debian.org/security/ Luciano Bello October 08, 2014