Cisco Security Advisory: Cisco IOS Software TFTP Server Denial of Service Vulnerability

2015-07-22 Thread Cisco Systems Product Security Incident Response Team
software updates that address this vulnerability. Workarounds that mitigate this vulnerability are available. This advisory is available at the following link: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150722-tftp

Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability

2015-07-22 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Unified MeetingPlace Unauthorized Password Change Vulnerability Advisory ID: cisco-sa-20150722-mp Revision 1.0 For Public Release 2015 July 22 16:00 UTC (GMT

Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability

2015-07-22 Thread Cisco Systems Product Security Incident Response Team
Cisco Security Advisory: Cisco Application Policy Infrastructure Controller Access Control Vulnerability Advisory ID: cisco-sa-20150722-apic Revision 1.0 For Public Release 2015 July 22 16:00 UTC (GMT

ESA-2015-118: EMC Avamar Directory Traversal Vulnerability

2015-07-22 Thread Security Alert
ESA-2015-118: EMC Avamar Directory Traversal Vulnerability EMC Identifier: ESA-2015-118 CVE Identifier: CVE-2015-4527 Severity Rating: CVSS v2 Base Score: 7.8 (AV:N/AC:L/Au:N/C:C/I:N/A:N) Affected products: • EMC Avamar Server all version

Multiple (remote and local) Vulnerabilities in Xceedium Xsuite [MZ-15-02]

2015-07-22 Thread modzero
See also: http://www.modzero.ch/advisories/MZ-15-02-Xceedium-Xsuite.txt - modzero Security Advisory: Multiple Vulnerabilities in Xceedium Xsuite [MZ-15-02] -

Multiple XSS Vulnerabilities in Paid Memberships Pro WordPress Plugin

2015-07-22 Thread High-Tech Bridge Security Research
Advisory ID: HTB23264 Product: Paid Memberships Pro WordPress plugin Vendor: Stranger Studios Vulnerable Version(s): 1.8.4.2 and probably prior Tested Version: 1.8.4.2 Advisory Publication: July 1, 2015 [without technical details] Vendor Notification: July 1, 2015 Vendor Patch: July 8, 2015 Pu

SQL Injection in Count Per Day WordPress Plugin

2015-07-22 Thread High-Tech Bridge Security Research
Advisory ID: HTB23267 Product: Count Per Day WordPress plugin Vendor: Tom Braider Vulnerable Version(s): 3.4 and probably prior Tested Version: 3.4 Advisory Publication: July 1, 2015 [without technical details] Vendor Notification: July 1, 2015 Vendor Patch: July 1, 2015 Public Disclosure: Jul

[SECURITY] [DSA 3312-1] cacti security update

2015-07-22 Thread Alessandro Ghedini
Debian Security Advisory DSA-3312-1 secur...@debian.org https://www.debian.org/security/ Alessandro Ghedini July 22, 2015

NetCracker Resource Management 8.0 - SQL Injection Vulnerability

2015-07-22 Thread jychia . sec
# Vulnerability type: SQL Injection # Vendor: http://www.netcracker.com/ # Product: NetCracker Resource Management System # Affected version: =< 8.0 # Patched version: 8.2 # Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan # CVE ID: CVE-2015-3423 # PROOF OF CONCEPT (SQLi) SQL Injection (SQLi) vu

NetCracker Resource Management 8.0 - XSS Vulnerability

2015-07-22 Thread jychia . sec
# Vulnerability type: Cross-site Scripting # Vendor: http://www.netcracker.com/ # Product: NetCracker Resource Management System # Affected version: =< 8.0 # Patched version: 8.2 # Credit: Foo Jong Meng, Chia Junyuan, Benjamin Tan # CVE ID: CVE-2015-2207 # PROOF OF CONCEPT (XSS) Cross-site scrip

Open-Web-Analytics-1.5.7 Cryptographic, Password Disclosure & XSS Vulnerabilities

2015-07-22 Thread apparitionsec
[+] Credits: John Page ( hyp3rlinx ) [+] Domains: hyp3rlinx.altervista.org [+] Source: http://hyp3rlinx.altervista.org/advisories/AS-OPENWEBANALYTICS0721.txt Vendor: www.openwebanalytics.com Product: Open-Web-Analytics-1.5.

FreeBSD Security Advisory FreeBSD-SA-15:13.tcp

2015-07-22 Thread FreeBSD Security Advisories
FreeBSD-SA-15:13.tcp Security Advisory The FreeBSD Project Topic:

Logstash vulnerability CVE-2015-5378

2015-07-22 Thread Kevin Kluge
Summary: Logstash 1.5.2 and prior versions are vulnerable to an SSL/TLS security issue called the FREAK attack. If you are using the Lumberjack input, FREAK allows an attacker to successfully implement a man-in-the-middle attack, intercepting communication between the Logstash Forwarder agent an