HP Security Bulletin HPSBMU03152 - A potential security vulnerability has been identified with HP Operations Orchestration running SSL. This is the SSLv3 vulnerability known as "POODLE" which could be exploited remotely resulting in disclosure of information. Revision 1 of this advisory.
FireHOL a simple yet powerful way to configure stateful iptables firewalls. It can be used for almost any purpose, including control of any number of internal/external/virtual interfaces, control of any combination of routed traffic, setting up DMZ routers and servers, and all kinds of NAT. It provides strong protection (flooding, spoofing, etc.), transparent caches, source MAC verification, blacklists, whitelists, and more. Its goal is to be completely abstracted and powerful but also easy to use, audit, and understand.
Debian Linux Security Advisory 3057-1 - Sogeti found a denial of service flaw in libxml2, a library providing support to read, modify and write XML and HTML files. A remote attacker could provide a specially crafted XML file that, when processed by an application using libxml2, would lead to excessive CPU consumption (denial of service) based on excessive entity substitutions, even if entity substitution was disabled, which is the parser default behavior.
Debian Linux Security Advisory 3056-1 - Several vulnerabilities were discovered in libtasn1-3, a library that manages ASN1 (Abstract Syntax Notation One) structures. An attacker could use those to cause a denial-of-service via out-of-bounds access or NULL pointer dereference.
Ubuntu Security Notice 2389-1 - It was discovered that libxml2 would incorrectly perform entity substitution even when requested not to. If a user or automated system were tricked into opening a specially crafted document, an attacker could possibly cause resource consumption, resulting in a denial of service.
Google Youtube suffered from filter bypass and persistent cross site scripting vulnerabilities.
Folder Plus version 2.5.1 suffers from a persistent script insertion vulnerability.
Apple iOS version 8.0.2 suffers from a contact handling denial of service vulnerability.
WebDisk+ version 2.1 suffers from a code execution vulnerability.
iFileExplorer version 6.51 suffers from a local file inclusion vulnerability.
Zalewski has noted that binaries which have dependencies on libbfd may be leveraged for attacks due to libbfd having a large range of possibly exploitable out-of-bounds crashes.
Tapatalk for vBulletin version 4.x suffers from multiple remote blind SQL injection vulnerabilities.
Filemaker Pro version 13.0v3 and Filemaker Pro Advanced version 12.0v4 suffers from login bypass and privilege escalation vulnerabilities.