JC3 High Impact Assessment Bulletins

July 12, 2012
U-211: EMC Celerra/VNX/VNXe Access Control Bug Lets Remote Authenticated Users Access Files/Directories

A vulnerability was reported in EMC Celerra/VNX/VNXe. A remote authenticated user can access files and directories on the target file system.

July 10, 2012
U-209: Microsoft Security Bulletin Advance Notification for July 2012

Microsoft Security Bulletin Advance Notification for July 2012. Microsoft has posted 3 Critical Bulletins and 6 Important Bulletins. Bulletins with the Maximum Severity Rating and Vulnerability Impact of "Critical" may allow remote execution of code. Microsoft is hosting a webcast to address customer questions on these bulletins on July 11, 2012, at 11:00 AM Pacific Time (US & Canada).

July 10, 2012
U-208: HP Operations Agent Bugs Let Remote Users Execute Arbitrary Code

Two vulnerabilities were reported in HP Operations Agent. A remote user can execute arbitrary code on the target system.

July 2, 2012
U-203: HP Photosmart Bug Lets Remote Users Deny Service

A vulnerability was reported in HP Photosmart. A remote user can cause denial of service conditions.

June 26, 2012
U-199: Drupal Drag & Drop Gallery Module Arbitrary File Upload Vulnerability

The vulnerability is caused by the sites/all/modules/dragdrop_gallery/upload.php script improperly validating uploaded files, which can be exploited to execute arbitrary PHP code by uploading a PHP file with, for example, an appended ".gif" file extension.

June 25, 2012
U-198: IBM Lotus Expeditor Multiple Vulnerabilities

The vulnerabilities can be exploited by malicious people to conduct cross-site scripting attacks, disclose potentially sensitive information, bypass certain security restrictions, and compromise a user's system.

June 22, 2012
U-197: Cisco Adaptive Security Appliances Denial of Service Vulnerability

The vulnerability is caused by an unspecified error when handling IPv6 transit traffic and can be exploited to cause a reload of the affected device.

June 21, 2012
U-196: Cisco AnyConnect VPN Client Two Vulnerabilities

Two vulnerabilities have been reported in Cisco AnyConnect VPN Client, which can be exploited by malicious people to compromise a user's system.

June 18, 2012
U-193: NetBSD System Call Return Value Validation Flaw Lets Local Users Gain Elevated Privileges

On Intel CPUs, the sysret instruction can be manipulated into returning to specific non-canonical addresses, which may yield a CPU reset. We cannot currently rule out with utter confidence that this vulnerability could not also be used to execute code with kernel privilege instead of crashing the system.

June 15, 2012
U-192: VMware Workstation/Player VM Remote Device Bug Lets Local or Remote Users Deny Service

A local or remote user can cause denial of service conditions on the target virtual system.