Red Hat has released fixes to JBoss Operations Network (JBoss ON), a middleware management solution that provides a single point of control to deploy, manage, and monitor JBoss Enterprise Middleware, applications, and services. The Red Hat...
Oracle has released a security advisory about a denial of service vulnerability in Oracle WebLogic Server, Oracle Application Server (OC4J) and Oracle iPlanet Web Server due to hashing collisions. No authentication is required to exploit this...
Red Hat has released fixes to JBoss Communications Platform and JBoss Web, the web container of JBoss Enterprise Application Platform. These vulnerabilities can allow remote attackers to access sensitive information or cause a denial of service.
The Apache Software Foundation has released a new version the Apache HTTP server that fixes multiple vulnerabilities. These vulnerabilities can allow remote attackers to access sensitive information, cause a denial of service or allow local users...
VMware ESXi and ESX updates to third party library and ESX Service Console address several security issues
A flaw exists in the debugging code in sudo versions 1.8.0 through 1.8.3p1 that can be used to crash sudo or potentially allow an unauthorized user to elevate privileges to root.
Cisco IronPort Email Security Appliances (ESA) and Cisco IronPort Security Management Appliances (SMA) contain a vulnerability that may allow a remote, unauthenticated attacker to execute arbitrary code with elevated privileges
OpenSSL 0.9.8s and 1.0.0f does not properly support DTLS applications, which allows remote attackers to cause a denial of service via unspecified vectors. NOTE: this vulnerability exists because of an incorrect fix for CVE-2011-4108.
Adobe Acrobat and Reader are prone to a remote memory corruption vulnerability.
Microsoft has released an out-of-band security update [1] that resolves one publicly disclosed vulnerability [2] and three privately reported vulnerabilities in Microsoft .NET Framework.
Cisco IP Video Phone E20 Default Root Account Cisco TelePresence Software version TE 4.1.0 contains a default account vulnerability that could allow an unauthenticated, remote attacker to take complete control of the affected device.
Oracle Sun Solaris is prone to a remote security vulnerability. Fixes are available.
The Apache Tomcat security team disclosed two vulnerabilities in their product. Fixes are available. The vulnerabilities allow unauthorized disclosure of information and disruption of service.
The OpenSSL project disclosed various vulnerabilities in their product.
These updates address critical vulnerabilities (CVE-2011-2462, CVE-2011-4369, CVE-2011-4370, CVE-2011-4371, CVE-2011-4372, CVE-2011-4373) in Adobe Reader X (10.1.1) and earlier versions for Windows and Macintosh, and Adobe Acrobat X (10.1.1) and...
Multiple vulnerabilities have been found in Mozilla Firefox / Thunderbird. A fix is available.
Multiple vulnerabilities have been found in JBoss Enterprise Portal Platform. A patch is available.
RSA SecurID Software Token is prone to a vulnerability that lets attackers execute arbitrary code. This vulnerability may be exploited to load arbitrary libraries by tricking a user into opening a Software Token file located on a compromised or...
Mozilla Firefox before 4.0, Thunderbird before 3.3, and SeaMonkey before 2.1 are prone to an information disclosure vulnerability, exploitable by a remote attacker to obtain information from the browser history.[1] Updated versions are available.[3]
Adobe Flash Player 11.1.102.55 on Windows and Mac OS X is prone to remote attacks by execution of arbitrary code via a crafted SWF file.
JBoss Application Server console is prone to a cross-site scripting vulnerability while handling DOM objects; fixes are available.
JBoss AS is prone to a cross-site request-forgery vulnerability; fixes are available.
HP Printers and Digital Senders are prone to a security-bypass vulnerability leading to the installation of a malicious firmware
Apache HTTP Server 'mod_proxy' Reverse Proxy Security Bypass Vulnerability Apache HTTP Server is prone to a security-bypass vulnerability.
Linux kernel is prone to multiple 'hardlink' stack-based buffer-overflow vulnerabilities and multiple integer-overflow vulnerabilities because of a failure to properly bounds check user-supplied input. Specifically, hardlink fails to properly...