Monday, May 21, 2012

Monday the 21st, Butsumetsu

+ Linux kernel 2.6.34.12 released
http://www.kernel.org/pub/linux/kernel/v2.6/longterm/v2.6.34/ChangeLog-2.6.34.12

+ MySQL 5.5.25 (Not yet released)
http://dev.mysql.com/doc/refman/5.5/en/news-5-5-25.html

+ Linux Kernel NFS Client 'decode_getacl()' Incomplete Fix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53615
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2375

+ Linux Kernel CVE-2012-2373 Race Condition Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53614
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2373

Beware of the "www.facebook.com" file: a virus spreading via Facebook
http://itpro.nikkeibp.co.jp/article/NEWS/20120521/397582/?ST=security

JVNDB-2012-002458 Buffer overflow vulnerability in the HFS Plus filesystem implementation of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002458.html

JVNDB-2012-002457 Vulnerability in the cap_bprm_set_creds function of the Linux kernel that allows personality restrictions to be bypassed
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002457.html

JVNDB-2012-002456 Denial of service (host OS crash) vulnerability in the KVM implementation of the Linux kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002456.html

JVNDB-2012-002455 Denial of service (DoS) vulnerability in the KVM implementation of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002455.html

JVNDB-2012-002454 Denial of service (host OS crash) vulnerability in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002454.html

JVNDB-2012-002453 Denial of service (DoS) vulnerability in the mem_cgroup_usage_unregister_event function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002453.html

JVNDB-2012-002452 Denial of service (NULL pointer dereference) vulnerability in the regset function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002452.html

JVNDB-2012-002451 Denial of service (OOPS) vulnerability in the cifs_lookup function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002451.html

JVNDB-2012-002450 Denial of service (I/O instability) vulnerability in the block device I/O implementation of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002450.html

JVNDB-2012-002449 Denial of service (DoS) vulnerability in the igmp_heard_query function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002449.html

JVNDB-2012-002448 Denial of service (OOPS) vulnerability in the kiocb_batch_free function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002448.html

JVNDB-2012-002447 Integer overflow vulnerability in the drm_mode_dirtyfb_ioctl function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002447.html

JVNDB-2012-002446 Integer overflow vulnerability in the xfs_acl_from_disk function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002446.html

JVNDB-2012-002445 Denial of service (system hang) vulnerability in the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002445.html

JVNDB-2012-002444 Integer overflow vulnerability in the Linux Kernel running on PowerPC platforms
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002444.html

JVNDB-2012-002443 Denial of service (system crash) vulnerability in the __sys_sendmsg function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002443.html

JVNDB-2012-002442 Denial of service (system crash) vulnerability in the udp6_ufo_fragment function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002442.html

JVNDB-2012-002441 Denial of service (OOPS) vulnerability in the NFSv4 implementation of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002441.html

JVNDB-2012-002440 Denial of service (panic) vulnerability in the net subsystem of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002440.html

JVNDB-2012-002439 Integer overflow vulnerability in the oom_badness function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002439.html

JVNDB-2012-002438 Denial of service (OOPS) vulnerability in the m_stop function of the Linux Kernel
http://jvndb.jvn.jp/ja/contents/2012/JVNDB-2012-002438.html

H2HC Brazil 9th Edition - Call for Papers
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00106.html

SEC Consult SA-20120518 :: Memory overwrite vulnerability in libwpd (OpenOffice.org) - CVE
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00107.html

[SECURITY] [DSA 2475-1] openssl security update
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00103.html

[security bulletin] HPSBOV02780 SSRT100766 rev.1 - HP OpenVMS ACMELOGIN, Local Unauthorized
http://www.derkeiler.com/Mailing-Lists/securityfocus/bugtraq/2012-05/msg00102.html

Drupal Access Bypass Vulnerability
http://www.securiteam.com/securitynews/5UP372A75A.html

VMware vCenter Chargeback Manager Information Disclosure and Denial of Service Vulnerabilities
http://www.securiteam.com/securitynews/5TP362A75A.html

PHP 5.4 Remote Exploit PoC in the wild
http://isc.sans.edu/diary.html?storyid=13255

ZTE Score M Android Phone backdoor
http://isc.sans.edu/diary.html?storyid=13252

Do Firewalls make sense?
http://isc.sans.edu/diary.html?storyid=13240

Symantec Web Gateway Bugs Let Remote Users View/Upload/Delete Files, Execute Arbitrary Commands, and Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1027078

Sudo Netmask Error Lets Remote Authenticated Users Bypass Host Access Controls
http://www.securitytracker.com/id/1027077

RealPlayer Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1027076

Liferay Portal Multiple Vulnerabilities
http://secunia.com/advisories/49205/

Liferay Portal Two Security Bypass Vulnerabilities
http://secunia.com/advisories/49154/

Tornado HTTP Header Injection Vulnerability
http://secunia.com/advisories/49185/

PolarSSL Diffie-Hellman and RSA Weak Key Generation Weakness
http://secunia.com/advisories/49220/

Symantec Web Gateway Multiple Vulnerabilities
http://secunia.com/advisories/49216/

Ubuntu update for backuppc
http://secunia.com/advisories/49213/

Belkin N150 Wireless Router Password MD5 Hash Disclosure Weakness
http://secunia.com/advisories/49145/

NetGear WNDRMAC Password Recovery Information Disclosure Weakness
http://secunia.com/advisories/49099/

Ubuntu update for update-manager
http://secunia.com/advisories/49230/

IBM Rational Change Unspecified Cross-Site Scripting Vulnerability
http://secunia.com/advisories/49202/

Debian update for ikiwiki
http://secunia.com/advisories/49199/

Debian update for openssl
http://secunia.com/advisories/49208/

WordPress WassUp Plugin "User-Agent" HTTP Header Script Insertion Vulnerability
http://secunia.com/advisories/49225/

OpenVMS Privilege Escalation Vulnerability
http://secunia.com/advisories/49228/

HP-UX update for OpenSSL
http://secunia.com/advisories/49229/

ikiwiki "author" and "authorurl" Meta Directives Script Insertion Vulnerabilities
http://secunia.com/advisories/49232/

REMOTE: Active Collab "chat module" <= 2.3.8 Remote PHP Code Injection Exploit
http://www.exploit-db.com/exploits/18898

REMOTE: Squiggle 1.7 SVG Browser Java Code Execution
http://www.exploit-db.com/exploits/18896

REMOTE: Oracle Weblogic Apache Connector POST Request Buffer Overflow
http://www.exploit-db.com/exploits/18897

REMOTE: HP VSA Remote Command Execution Exploit
http://www.exploit-db.com/exploits/18893

LOCAL: SkinCrafter ActiveX Control version 3.0 Buffer Overflow
http://www.exploit-db.com/exploits/18892

Acuity CMS 2.6.x (ASP-based) Arbitrary File Upload
http://cxsecurity.com/issue/WLB-2012050154

Acuity CMS 2.6.x (ASP-based) Path Traversal
http://cxsecurity.com/issue/WLB-2012050153

erniecosta Cms Sql Injection Vulnerabilities
http://cxsecurity.com/issue/WLB-2012050152

Concrete CMS 5.5.21 Multiple Vulns
http://cxsecurity.com/issue/WLB-2012050151

results-unlimited Cms Sql Injection Vulnerabilities
http://cxsecurity.com/issue/WLB-2012050150

stmarysnuneaton Cms Sql Injection Vulnerabilities
http://cxsecurity.com/issue/WLB-2012050149

attractweb Cms Sql Injection Vulnerabilities
http://cxsecurity.com/issue/WLB-2012050148

PHP 5.4.3 Win32 Code Execution
http://cxsecurity.com/issue/WLB-2012050147

Oracle Weblogic Apache Connector POST Request Buffer Overflow
http://cxsecurity.com/issue/WLB-2012050146

Vertrigoserv 2.27 Local Privilege Escalation Exploit
http://cxsecurity.com/issue/WLB-2012050145

libwpd WPXContentListener::_closeTableRow() Memory Overwrite
http://cxsecurity.com/issue/WLB-2012050144

EMC IRM License Server Multiple Denial of Service
http://cxsecurity.com/issue/WLB-2012050143

SkinCrafter 3.0 Buffer Overflow
http://cxsecurity.com/issue/WLB-2012050142

Squiggle 1.7 SVG Browser Java Code Execution
http://cxsecurity.com/issue/WLB-2012050141

Epicor Returns Management SOAP-Based Blind SQL Injection
http://cxsecurity.com/issue/WLB-2012050140

HP VSA Command Execution
http://cxsecurity.com/issue/WLB-2012050139

Cryptographp Local File Inclusion / HTTP Response Splitting
http://cxsecurity.com/issue/WLB-2012050138

Division 6 IT SQL Injection / Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050137

Vanilla 2.0.18.4 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050136

Vanilla Latest Comment 1.1 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050135

Vanilla About Me 1.1.1 Cross Site Scripting
http://cxsecurity.com/issue/WLB-2012050134

Oracle Java SE CVE-2012-0502 Remote Information Disclosure Vulnerability
http://www.securityfocus.com/bid/52011

FFmpeg libavcodec 'vmd decode()' Heap Based Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/50880

pidgin-otr 'log_message_cb()' Function Format String Vulnerability
http://www.securityfocus.com/bid/53557

HP OpenVMS Integrity Server Unspecified Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/45416

Hewlett-Packard Virtual SAN Appliance 'hydra.exe' Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/47005

Oracle mod_wl HTTP POST Request Remote Buffer Overflow Vulnerability
http://www.securityfocus.com/bid/30273

OpenOffice Prior to 3.4 Multiple Memory Corruption Vulnerabilities
http://www.securityfocus.com/bid/53570

PolarSSL Diffie Hellman Key Exchange Security Bypass Vulnerability
http://www.securityfocus.com/bid/46670

Liferay Portal Multiple Security Vulnerabilities
http://www.securityfocus.com/bid/53546

Liferay Portal 'updateOrganizations()' Method Security Bypass Vulnerability
http://www.securityfocus.com/bid/53509

ikiwiki CVE-2012-0220 Multiple Cross Site Scripting Vulnerabilities
http://www.securityfocus.com/bid/53599

OpenSSL DTLS CVE-2012-2333 Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53476

Oracle Java SE and Java for Business CVE-2011-0814 Remote Java Runtime Environment Vulnerability
http://www.securityfocus.com/bid/48145

Linux Kernel KVM 'kvm_apic_accept_pic_intr()' Function Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53488

Linux kernel fcaps Local Security Bypass Vulnerability
http://www.securityfocus.com/bid/53166

Linux Kernel 'journal_unmap_buffer()' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/51945

Linux Kernel NFS Client 'decode_getacl()' Incomplete Fix Remote Denial of Service Vulnerability
http://www.securityfocus.com/bid/53615

Linux Kernel CVE-2012-2373 Race Condition Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/53614

HP OpenVMS ACMELOGIN CVE-2012-2010 Unspecified Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/53613

Tornado 'tornado.web.RequestHandler.set_header()' HTTP Response Splitting Vulnerability
http://www.securityfocus.com/bid/53612
