[security bulletin] HPSBGN03564 rev.1 - HPE Release Control using Java Deserialization, Remote Code Execution

2016-05-19 Thread security-alert
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Note: the current version of the following document is available here: https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05063986 SUPPORT COMMUNICATION - SECURITY BULLETIN Document ID: c05063986 Version: 1 HPSBGN03564

[SECURITY] [DSA 3584-1] librsvg security update

2016-05-19 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3584-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso May 19, 2016

[SEARCH-LAB advisory] LG NAS N1A1 multiple vulnerabilities in Familycast

2016-05-19 Thread Gergely Eberhardt
its --- This vulnerability was discovered and researched by Gergely Eberhardt from SEARCH-LAB Ltd. (www.search-lab.hu) References -- [1] http://www.search-lab.hu/advisories/113-secadv-20160519 [2] https://youtu.be/ppMOj-eK81Y [3] https://github.com/ebux/LG-NAS-N1A1-vulnerabilities

[ERPSCAN-16-011] SAP NetWeaver AS JAVA – SQL injection vulnerability

2016-05-19 Thread ERPScan inc
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bugs: SQL injection Sent: 04.12.2015 Reported: 04.12.2015 Vendor response: 05.12.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2101079

[ERPSCAN-16-010] SAP NetWeaver AS JAVA – information disclosure vulnerability

2016-05-19 Thread ERPScan inc
Application: SAP NetWeaver AS JAVA Versions Affected: SAP NetWeaver AS JAVA 7.1 - 7.5 Vendor URL: http://SAP.com Bugs: information disclosure Sent: 15.09.2015 Reported: 15.09.2015 Vendor response: 16.09.2015 Date of Public Advisory: 09.02.2016 Reference: SAP Security Note 2256846 Author

TYPO3 RemoveXSS.php vulnerability versions 6.2.19 and 7.6.4

2016-05-19 Thread mandy
Madison Gurkha Security Advisory Advisory: TYPO3 circumvent RemoveXSS.php cross site scripting using BASE64 encoding 1. DETAILS -- Product: Typo3 CMS Vendor URL: typo3.org Type: Cross-site Scripting [CWE-79] Date found: 2016-03-09 Date published: 2016-05-19 2. AFFECTED VERSIONS -