JVN#14313132 Cross-site scripting vulnerability in Cisco Router and Security Device Manager
http://jvn.jp/jp/JVN14313132/index.html
JVN#46669729 Cross-site scripting vulnerability in MODx
http://jvn.jp/jp/JVN46669729/index.html
JVN#19774883 SQL injection vulnerability in MODx
http://jvn.jp/jp/JVN19774883/index.html
JVNDB-2010-000014 Cross-site scripting vulnerability in Cisco Router and Security Device Manager
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000014.html
JVNDB-2010-000013 Cross-site scripting vulnerability in MODx
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000013.html
JVNDB-2010-000012 SQL injection vulnerability in MODx
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-000012.html
JVNDB-2010-001226 Denial-of-service (DoS) vulnerability in IKE packet processing in Cisco IOS and Cisco routers
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001226.html
JVNDB-2010-001225 Denial-of-service (DoS) vulnerability in SCCP packet processing in Cisco IOS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001225.html
JVNDB-2010-001224 Denial-of-service (DoS) vulnerability in LDP packet processing in Cisco IOS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001224.html
JVNDB-2010-001223 Denial-of-service (DoS) vulnerability in the H.323 implementation of Cisco IOS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001223.html
JVNDB-2010-001222 Denial-of-service (DoS) vulnerability in H.323 packet processing in Cisco IOS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001222.html
JVNDB-2010-001221 Denial-of-service (DoS) vulnerability in the SIP implementation of Cisco IOS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001221.html
JVNDB-2010-001220 Arbitrary code execution vulnerability in the SIP implementation of Cisco IOS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001220.html
JVNDB-2010-001219 Arbitrary code execution vulnerability in the SIP implementation of Cisco IOS
http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-001219.html
RHBA-2010:0074-1: strace bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0074.html
Apple QuickTime FLC Encoded '.fli' Movie File Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39152
Apple QuickTime CoreMedia H.263 Encoded '.3g2' Movie Files Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39167
TUGZip 3.5 ZIP File Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39180
RETIRED: Apple Mac OS X APPLE-SA-2010-03-29-1 Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/39020
Linux Kernel 'nameidata' Null Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/39186
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Apple Mac OS X FreeRADIUS Component EAP-TLS Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/39234
RETIRED: Oracle Java SE and Java For Business March 2010 Advanced Notification
http://www.securityfocus.com/bid/38973
gnome-screensaver Unlock Dialog Race Condition Lock Bypass Vulnerability
http://www.securityfocus.com/bid/38211
Oracle Java SE and Java for Business CVE-2010-0088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39081
Oracle Java SE and Java for Business CVE-2010-0848 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39078
+ PSN-2010-04-712: Multiple routers can generate duplicate SSH private keys due to missing entropy
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-04-712&viewMode=view
+ PSN-2010-04-711: Updated: NTP Mode 7 Denial-of-Service Vulnerability (VU#568372)
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-04-711&viewMode=view
+ PSN-2010-04-710: JUNOS J-Web allows creation of superuser account without requiring authentication
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-04-710&viewMode=view
+ PSN-2010-04-709: JUNOS too sensitive to fragmented packets which are addressed to the router.
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-04-709&viewMode=view
+ PSN-2010-04-708: Certain ICMPv6 Multicast Listener (MLDv2) Report Messages can cause the routing process to terminate unexpectedly.
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-04-708&viewMode=view
+ PSN-2010-04-707: Certain IPv6 RSVP operations can cause the JUNOS routing process to terminate unexpectedly.
https://www.juniper.net/alerts/viewalert.jsp?actionBtn=Search&txtAlertNumber=PSN-2010-04-707&viewMode=view
+ Samba 3.5.2 Available for Download
http://samba.org/samba/history/samba-3.5.2.html
+? Local Glibc shared library (.so) <= 2.11.1 exploit
http://www.exploit-db.com/exploits/12103
- RHSA-2010:0342-1: Important: kernel security and bug fix update
https://rhn.redhat.com/errata/RHSA-2010-0342.html
[ANN] Apache Continuum 1.3.6 (GA) Released
http://continuum.apache.org/docs/1.3.6/release-notes.html
[ANNOUNCE] Apache Commons JEXL 2.0.1 released
http://commons.apache.org/jexl/
Mandriva : Security Announce nss
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32240
Ubuntu Security Notice : OpenJDK vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32241
Ubuntu Security Notice : Kerberos vulnerabilities
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32242
Core Security Technologies : XSS Vulnerability in NextGEN Gallery Wordpress Plugin
http://www.criticalwatch.com/support/security-advisories.aspx?AID=32251
[USN-924-1] Kerberos vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00064.html
[USN-923-1] OpenJDK vulnerabilities
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00063.html
[ MDVSA-2010:069 ] nss
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00065.html
CORE-2010-0323: XSS Vulnerability in NextGEN Gallery Wordpress Plugin
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2010-04/msg00062.html
Fujitsu FSAS releases software to protect confidential Office and PDF documents
http://itpro.nikkeibp.co.jp/article/NEWS/20100407/346781/?ST=security
SafeSHOP Cross-Site Scripting and Cross-Site Request Forgery
http://secunia.com/advisories/39330/
CA XOsoft Products Multiple Vulnerabilities
http://secunia.com/advisories/39337/
EASY Enterprise DMS Multiple Vulnerabilities
http://secunia.com/advisories/39134/
abcm2ps Multiple Unspecified Vulnerabilities
http://secunia.com/advisories/39345/
UnixWare update for bind
http://secunia.com/advisories/39334/
Joomla! VJDEO Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39296/
Joomla! Datafeeds Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39360/
Joomla! Highslide JS Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39359/
Joomla Flickr "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39358/
Joomla! Jukebox Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39357/
Joomla! J!WHMCS Integrator Component "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39356/
Joomla! Seber Cart Component "view" Local File Inclusion Vulnerability
http://secunia.com/advisories/39355/
WordPress NextGEN Gallery Plugin "mode" Cross-Site Scripting
http://secunia.com/advisories/39341/
Red Hat update for krb5
http://secunia.com/advisories/39324/
Joomla! XOBBIX Component "prodid" SQL Injection Vulnerability
http://secunia.com/advisories/39312/
iJoomla News Portal "controller" Local File Inclusion Vulnerability
http://secunia.com/advisories/39289/
Ubuntu update for krb5
http://secunia.com/advisories/39290/
ClamAV Scanning Bypass and Memory Corruption
http://secunia.com/advisories/39329/
udisks Encryption Keys Information Leak
http://secunia.com/advisories/39332/
Debian update for mahara
http://secunia.com/advisories/39322/
Mahara Multiple Vulnerabilities
http://secunia.com/advisories/39318/
MediaWiki Login Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/39333/
Kerberos kadmind Denial of Service Vulnerability
http://secunia.com/advisories/39315/
McAfee Email Gateway Multiple Vulnerabilities
http://secunia.com/advisories/39307/
Ubuntu update for openjdk-6
http://secunia.com/advisories/39292/
SUSE update for openssl
http://secunia.com/advisories/39294/
Red Hat update for kernel
http://secunia.com/advisories/39295/
Clam AntiVirus May Fail to Detect Malware in Various Archive Format Files
http://securitytracker.com/alerts/2010/Apr/1023829.html
Adobe Reader and Acrobat '/launch' Command Warning Dialog Message Can Be Modified By Remote Users
http://securitytracker.com/alerts/2010/Apr/1023828.html
Anyzip (.zip) v1.1 0day Poc (SEH)
http://www.exploit-db.com/exploits/12104
Local Glibc shared library (.so) <= 2.11.1 exploit
http://www.exploit-db.com/exploits/12103
RHBA-2010:0345-1: shadow-utils bug fix update
http://rhn.redhat.com/errata/RHBA-2010-0345.html
Oracle Java SE and Java for Business CVE-2010-0837 Remote Vulnerability
http://www.securityfocus.com/bid/39072
Oracle Java SE and Java for Business CVE-2010-0847 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39071
Oracle Java SE and Java for Business CVE-2010-0089 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/39095
Oracle Java SE and Java for Business CVE-2010-0090 Remote Java Web Start Vulnerability
http://www.securityfocus.com/bid/39091
Oracle Java SE and Java for Business 'XNewPtr()' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39083
Oracle Java SE and Java for Business CVE-2010-0839 Remote Sound Vulnerability
http://www.securityfocus.com/bid/39070
Oracle Java SE and Java for Business CVE-2010-0087 Remote Vulnerability
http://www.securityfocus.com/bid/39068
Apache Tomcat Host Working Directory WAR File Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37945
Apache Tomcat WAR File Directory Traversal Vulnerability
http://www.securityfocus.com/bid/37944
Apache Tomcat Directory Host Appbase Authentication Bypass Vulnerability
http://www.securityfocus.com/bid/37942
Oracle Java SE and Java for Business CVE-2010-0091 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39096
Mozilla Firefox and SeaMonkey Theora Video Library Remote Integer Overflow Vulnerability
http://www.securityfocus.com/bid/37368
Oracle Java SE and Java for Business CVE-2010-0085 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39094
Oracle Java SE and Java for Business CVE-2010-0084 Remote Vulnerability
http://www.securityfocus.com/bid/39093
Oracle Java SE and Java for Business CVE-2010-0845 Remote HotSpot Server Vulnerability
http://www.securityfocus.com/bid/39089
Oracle Java SE and Java for Business CVE-2010-0092 Remote Vulnerability
http://www.securityfocus.com/bid/39090
Oracle Java SE and Java for Business Sound Component MIDI Stream Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39084
Oracle Java SE and Java for Business 'MixerSequencer' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39077
Oracle Java SE and Java for Business CVE-2010-0850 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39082
Oracle Java SE and Java for Business CVE-2010-0094 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39075
Oracle Java SE and Java for Business CVE-2010-0849 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39073
Oracle Java SE and Java for Business JRE Trusted Method Chaining Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39065
Oracle Java SE and Java for Business 'readMabCurveData()' Remote Stack Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39069
Oracle Java SE and Java for Business ImageIO 'JPEGImageReader' Remote Code Execution Vulnerability
http://www.securityfocus.com/bid/39067
Oracle Java Runtime Environment 'JPEGImageEncoderImpl' Remote Heap Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39062
Oracle Java SE and Java for Business CVE-2010-0093 Remote Vulnerability
http://www.securityfocus.com/bid/39088
Samba 'client/mount.cifs.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/38326
Samba Symlink Directory Traversal Vulnerability
http://www.securityfocus.com/bid/38111
Oracle Java SE and Java for Business CVE-2010-0095 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39086
Intel Active Management Technology SDK Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/39043
Oracle Java SE and Java for Business CVE-2010-0082 HotSpot Server Remote Vulnerability
http://www.securityfocus.com/bid/39085
Apple Mac OS X Preferences System Login Restrictions Authentication Bypass Security Vulnerability
http://www.securityfocus.com/bid/39153
ISC BIND 9 DNSSEC Query Response Additional Section Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37118
ISC BIND 9 DNSSEC Bogus NXDOMAIN Response Remote Cache Poisoning Vulnerability
http://www.securityfocus.com/bid/37865
Stack Ideas 'com_sectionex' Component for Joomla! Local File Include Vulnerability
http://www.securityfocus.com/bid/38751
CUPS 'lppasswd' Tool Localized Message String Security Weakness
http://www.securityfocus.com/bid/38524
Linux Kernel 'nameidata' Null Pointer Dereference Vulnerability
http://www.securityfocus.com/bid/39186
ISC BIND 9 Remote Dynamic Update Message Denial of Service Vulnerability
http://www.securityfocus.com/bid/35848
Mahara Username Generation SQL Injection Vulnerability
http://www.securityfocus.com/bid/39253
Smarty Template Engine 'function.math.php' Security Bypass Vulnerability
http://www.securityfocus.com/bid/34918
Smarty Template Engine 'Smarty_Compiler.class.php' Security Bypass Vulnerability
http://www.securityfocus.com/bid/31862
Multiple Vendor TLS Protocol Session Renegotiation Security Vulnerability
http://www.securityfocus.com/bid/36935
Oracle Java SE and Java for Business CVE-2010-0088 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/39081
Oracle Java SE and Java for Business CVE-2010-0848 Remote Java 2D Vulnerability
http://www.securityfocus.com/bid/39078
MIT Kerberos kadmind 'server_stubs.c' Remote Denial Of Service Vulnerability
http://www.securityfocus.com/bid/39247
MIT Kerberos Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/26750
Linux Kernel 'sctp_rcv_ootb()' Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/38857
FreePHPWebsiteSoftware 'default_theme.php' Remote File Include Vulnerability
http://www.securityfocus.com/bid/39280
PotatoNews 'nid' Parameter Multiple Local File Include Vulnerabilities
http://www.securityfocus.com/bid/39276
MediaWiki Cross Site Request Forgery Vulnerability
http://www.securityfocus.com/bid/39270
aWiki Component for Joomla! 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39267
VJDEO Component for Joomla! 'controller' Parameter Local File Include Vulnerability
http://www.securityfocus.com/bid/39266
ClamAV Security Bypass And Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/39262