+ TortoiseSVN 1.8.6 released
http://tortoisesvn.net/tsvn_1.8_releasenotes.html
+ UPDATE: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed
+ HPSBUX03001 SSRT101382 rev.1 - HP-UX Whitelisting (WLI), Local Unauthorized Access
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04227671-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6219
+ Linux kernel 3.14.1, 3.13.10, 3.10.37, 3.4.87 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.1
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.13.10
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.37
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.4.87
+ UltraMonkey-L7 3.1.1-1 released
http://sourceforge.jp/projects/ultramonkey-l7/releases/
+ LOCAL: Internet Explorer 10 & Adobe Flash Player (12.0.0.70, 12.0.0.77) - CMarkup Use-After-Free
http://www.exploit-db.com/exploits/32851
+ SA57770 VMware Multiple Products OpenSSL TLS/DTLS Heartbeat Two Information Disclosure Vulnerabilities
http://secunia.com/advisories/57770/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
+ SA57910 NetScreen ScreenOS SSL/TLS Protocol Packet Handling Denial of Service Vulnerability
http://secunia.com/advisories/57910/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2842
+ SA57738 McAfee Email Gateway OpenSSL Multiple Vulnerabilities
http://secunia.com/advisories/57738/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-4353
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6449
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-6450
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160
+ Juniper Networks ScreenOS SSL/TLS Protocol Packet Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/66802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2842
+ OpenSSL 'ssl3_release_read_buffer()' Use-After-Free Memory Corruption Vulnerability
http://www.securityfocus.com/bid/66801
+ VMware Player and Workstation CVE-2014-2384 Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/66784
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2384
Barman 1.3.1 released
http://www.postgresql.org/about/news/1514/
JVNDB-2014-000036 Android 版 CamiApp における Content Provider のアクセス制限不備の脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000036.html
JVNDB-2014-000035 SD Card Manager におけるディレクトリトラバーサルの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000035.html
サポート終了後もWindows Server2003を保護、日立ソリューションズが開始
http://itpro.nikkeibp.co.jp/article/NEWS/20140414/550482/?ST=security
マカフィー、マルウエア断片化対策を備えた次世代ファイアウォール
http://itpro.nikkeibp.co.jp/article/NEWS/20140414/550442/?ST=security
米政府、「Heartbleedを情報収集活動に利用」との報道を否定
http://itpro.nikkeibp.co.jp/article/NEWS/20140414/550283/?ST=security
JVNVU#98943832 PivotX に複数の脆弱性
http://jvn.jp/vu/JVNVU98943832/index.html
JVNVU#97596800 Amtelco miSecureMessages に認証不備の脆弱性
http://jvn.jp/vu/JVNVU97596800/index.html
JVNVU#98858887 Fortinet FortiADC にクロスサイトスクリプティングの脆弱性
http://jvn.jp/vu/JVNVU98858887/index.html
JVNVU#94935747 ZyXEL Wireless N300 NetUSB Router に複数の脆弱性
http://jvn.jp/vu/JVNVU94935747/index.html
JVN#55438786 Android 版 CamiApp における Content Provider のアクセス制限不備の脆弱性
http://jvn.jp/jp/JVN55438786/index.html
VU#657622 Xangati software release contains relative path traversal and command injection vulnerabilities
http://www.kb.cert.org/vuls/id/657622
VU#215284 Artiva Agency Single Sign-On (SSO) feature vulnerability
http://www.kb.cert.org/vuls/id/215284
VU#437385 PaperThin CommonSpot CMS contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/437385
DoS/PoC: WhatsApp < v2.11.7 - Remote Crash
http://www.exploit-db.com/exploits/32865
0 件のコメント:
コメントを投稿