>> TAG: #0day

HP Data Protector 8.x – Remote Command Execution

Symantec Encryption Management Server < 3.2.0 MP6 – Remote Command Injection

Exim ESMTP 4.80 glibc gethostbyname – Denial of Service

WordPress Photo Gallery Plugin 1.2.5 – Unrestricted File Upload

NPDS CMS Revolution-13 – SQL Injection Vulnerability

Hewlett-Packard UCMDB – JMX-Console Authentication Bypass

Sefrengo CMS 1.6.1 – Multiple SQL Injection Vulnerabilities

McAfee Data Loss Prevention Endpoint – Arbitrary Write Privilege Escalation

Ghost Vulnerability CVE-2015-0235 White Paper

ManageEngine Firewall Analyzer 8.0 – Directory Traversal/XSS Vulnerabilities