CVE-2016-5080: Memory corruption in code generated by Objective Systems Inc. ASN1C compiler for C/C++ [STIC-2016-0603]

2016-07-19 Thread Programa STIC
Fundación Dr. Manuel Sadosky - Programa STIC Advisory www.fundacionsadosky.org.ar Heap memory corruption in ASN.1 parsing code generated by Objective Systems Inc. ASN1C compiler for C/C++ 1. *Advisory Information* Title: Heap memory corruption in ASN.1

Multiple SQL injection vulnerabilities in WordPress Video Player

2016-07-19 Thread Summer of Pwnage
Multiple SQL injection vulnerabilities in WordPress Video Player David Vaartjes & Yorick Koster, July 2016

Cross-Site Request Forgery in Icegram WordPress Plugin

2016-07-19 Thread Summer of Pwnage
Cross-Site Request Forgery in Icegram WordPress Plugin Yorick Koster, July 2016

Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress Plugin

2016-07-19 Thread Summer of Pwnage
Multiple Cross-Site Scripting vulnerabilities in Ninja Forms WordPress Plugin Han Sahin, July 2016

Executable installers are vulnerable^WEVIL (case 35): eclipse-inst-win*.exe vulnerable to DLL and EXE hijacking

2016-07-19 Thread Stefan Kanthak
Hi @ll, eclipse-inst-win32.exe (and of course eclipse-inst-win64.exe too) loads and executes multiple DLLs (in version 4.5 also CMD.EXE) from its "application directory". * version 4.5 ("Mars") on Windows 7: UXTheme.dll, WindowsCodecs.dll, AppHelp.dll, SrvCli.dll, Slc.dll, NTMarta.dll,

Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability (CVE-2016-6186)

2016-07-19 Thread Vulnerability Lab
Document Title: === Django CMS v3.3.0 - (Editor Snippet) Persistent Web Vulnerability (CVE-2016-6186) References (Source): http://www.vulnerability-lab.com/get_content.php?id=1869 Security Release:

APPLE-SA-2016-07-18-6 iTunes 12.4.2

2016-07-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2016-07-18-6 iTunes 12.4.2 iTunes 12.4.2 for Windows is now available and addresses the following: libxml2 Impact: Multiple vulnerabilities in libxml2 Description: Multiple memory corruption issues were addressed through improved memory

APPLE-SA-2016-07-18-5 Safari 9.1.2

2016-07-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2016-07-18-5 Safari 9.1.2 Safari 9.1.2 is now available and addresses the following: WebKit Available for: OS X El Capitan v10.11.6 Impact: Visiting a malicious website may disclose image data from another website Description: A timing

APPLE-SA-2016-07-18-4 tvOS 9.2.2

2016-07-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2016-07-18-4 tvOS 9.2.2 tvOS 9.2.2 is now available and addresses the following: CoreGraphics Available for: Apple TV (4th generation) Impact: A remote attacker may be able to execute arbitrary code Description: A memory corruption

APPLE-SA-2016-07-18-3 watchOS 2.2.2

2016-07-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2016-07-18-3 watchOS 2.2.2 watchOS 2.2.2 is now available and addresses the following: CoreGraphics Available for: Apple Watch Sport, Apple Watch, Apple Watch Edition, and Apple Watch Hermes Impact: A remote attacker may be able to

APPLE-SA-2016-07-18-2 iOS 9.3.3

2016-07-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2016-07-18-2 iOS 9.3.3 iOS 9.3.3 is now available and addresses the following: Calendar Available for: iPhone 4s and later, iPod touch (5th generation) and later, iPad 2 and later Impact: A maliciously crafted calendar invite may cause

APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004

2016-07-19 Thread Apple Product Security
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 APPLE-SA-2016-07-18-1 OS X El Capitan v10.11.6 and Security Update 2016-004 OS X El Capitan v10.11.6 and Security Update 2016-004 is now available and addresses the following: apache_mod_php Available for: OS X Yosemite v10.10.5 and OS X El

[SECURITY] [DSA 3622-1] python-django security update

2016-07-19 Thread Salvatore Bonaccorso
-BEGIN PGP SIGNED MESSAGE- Hash: SHA512 - - Debian Security Advisory DSA-3622-1 secur...@debian.org https://www.debian.org/security/ Salvatore Bonaccorso July 18, 2016