[remote] – OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
OpenEMR 4.1.1 Patch 14 SQLi Privilege Escalation Remote Code Execution
[webapps] – Vtiger CRM 5.4.0 (index.php, onlyforuser param) – SQL Injection
Vtiger CRM 5.4.0 (index.php, onlyforuser param) - SQL Injection
Apple Security Advisory 2013-09-18-3
Apple Security Advisory 2013-09-18-3 - Xcode 5.0 is now available and addresses a security issue in Git. When using the imap-send command, git did not verify that the server hostname matched a domain name in the X.509 certificate, which allowed a man-in-the-middle attacker to spoof SSL servers via an arbitrary valid certificate. This issue was addressed by updating git to version 1.8.3.1.
Apple Security Advisory 2013-09-18-2
Apple Security Advisory 2013-09-18-2 - iOS 7 is now available and addresses Certificate Trust Policy, Core Graphics, Core Media, Data Protection, and various other issues and vulnerabilities.
[webapps] – WordPress Plugin Complete Gallery Manager 3.3.3 – Arbitrary File Upload Vulnerability
Wordpress Plugin Complete Gallery Manager 3.3.3 - Arbitrary File Upload Vulnerability
[dos] – TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability
TeraCopy 2.3 (default.mo) Language File Integer Overflow Vulnerability
Apple Security Advisory 2013-09-17-1
Apple Security Advisory 2013-09-17-1 - OS X Server v2.2.2 is now available and addresses issues in ClamAV, PostgreSQL, and Wiki Server.
[dos] – Vino VNC Server 3.7.3 – Persistent Denial of Service
Vino VNC Server 3.7.3 - Persistent Denial of Service
[remote] – HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload
HP ProCurve Manager SNAC UpdateCertificatesServlet File Upload