Webgrind XSS vulnerability

2015-05-21 Thread hyp3rlinx
Credits: John Page (hyp3rlinx) Domains: hyp3rlinx.altervista.org Source: http://hyp3rlinx.altervista.org/advisories/AS-WEBGRIND0520.txt Vendor: https://github.com/jokkedk/webgrind Product: Webgrind is an Xdebug Profiling Web Frontend in PHP. Advisory Information:

[SECURITY] [DSA 3266-1] fuse security update

2015-05-21 Thread Salvatore Bonaccorso
Debian Security Advisory DSA-3266-1 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso May 21, 2015

CVE-2015-1833 (Jackrabbit WebDAV XXE vulnerability)

2015-05-21 Thread Julian Reschke
Dear readers, we just fixed a recently reported vulnerability in Apache Jackrabbit's WebDAV module; see - the attached CVE report - patches for all currently maintained Jackrabbit branches We just released Jackrabbit 2.10.1 (see below) and we'll get to the other branches shortly. Check the

CVE for Apple's ECDHE-ECDSA SecureTransport bug?

2015-05-21 Thread Jeffrey Walton
Does anyone know if Apple's ECDHE-ECDSA SecureTransport bug was assigned a CVE? It affected OS X and iOS. Effectively, the bug was an implementation error that caused interoperability failures. To mostly counter it, the cipher suites had to be disabled, which resulted in a loss of security. If the

[SECURITY] [DSA 3261-2] libmodule-signature-perl regression update

2015-05-21 Thread Salvatore Bonaccorso
Debian Security Advisory DSA-3261-2 secur...@debian.org http://www.debian.org/security/ Salvatore Bonaccorso May 20, 2015