[webapps] – Vtiger CRM 5.4.0 (index.php, onlyforuser param) – SQL Injection
Vtiger CRM 5.4.0 (index.php, onlyforuser param) - SQL Injection
Apple Security Advisory 2013-09-18-3
Apple Security Advisory 2013-09-18-3 - Xcode 5.0 is now available and addresses a security issue in Git. When using the imap-send command, git did not verify that the server hostname matched a domain name in the X.509 certificate, which allowed a man-in-the-middle attacker to spoof SSL servers via an arbitrary valid certificate. This issue was addressed by updating git to version 1.8.3.1.
Apple Security Advisory 2013-09-18-2
Apple Security Advisory 2013-09-18-2 - iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabilities.
[remote] – McKesson ActiveX File/Environmental Variable Enumeration
McKesson ActiveX File/Environmental Variable Enumeration
[webapps] – WordPress Plugin Complete Gallery Manager 3.3.3 – Arbitrary File Upload Vulnerability
Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability
[remote] – HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
[remote] – HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
HP ProCurve Manager SNAC UpdateDomainControllerServlet File Upload
[local] – Agnitum Outpost Internet Security Local Privilege Escalation
Agnitum Outpost Internet Security Local Privilege Escalation
[remote] – Mitsubishi MC-WorkX 8.02 ActiveX Control (IcoLaunch) File Execution
Mitsubishi MC-WorkX 8.02 ActiveX Control (IcoLaunch) File Execution
[webapps] – Router ONO Hitron CDE-30364 – CSRF Vulnerability
Router ONO Hitron CDE-30364 - CSRF Vulnerability