Thursday, May 1, 2014

1st, Thursday, Shakkō

+ CESA-2014:0448 Critical CentOS 6 firefox Update
http://lwn.net/Alerts/596780/

+ CESA-2014:0448 Critical CentOS 5 firefox Update
http://lwn.net/Alerts/596781/

+ CESA-2014:0449 Important CentOS 6 thunderbird Update
http://lwn.net/Alerts/596782/

+ CESA-2014:0449 Important CentOS 5 thunderbird Update
http://lwn.net/Alerts/596783/

+ UPDATE: OpenSSL Heartbeat Extension Vulnerability in Multiple Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140409-heartbleed

+ Multiple Vulnerabilities in Cisco TelePresence System MXP Series
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-mxp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2158
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2159
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2161

+ Multiple Vulnerabilities in Cisco TelePresence TC and TE Software
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140430-tcte
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2163
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2164
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2165
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2166
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2168
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2169
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2170
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2171
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2175

+ UPDATE: HPSBGN03010 rev.3 - HP Software Server Automation running OpenSSL, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04250814-3%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ HPSBMU03033 rev.1 - HP Insight Control Software Components running OpenSSL, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04272892-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ HPSBMU03030 rev.1 - HP Service Pack for ProLiant (SPP) Bundled Software running OpenSSL, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04271396-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ HPSBMU03028 rev.1 - HP Matrix Operating Environment and CloudSystem Matrix Software Components running OpenSSL, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04268239-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ HPSBMU03024 rev.1 - HP Insight Control Server Deployment on Linux and Windows running OpenSSL with System Management Homepage and Systems Insight Manager, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04267749-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0160

+ UPDATE: HPSBST03016 rev.2 - HP P2000 G3 MSA Array Systems, HP MSA 2040 Storage, and HP MSA 1040 Storage running OpenSSL, Remote Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04263038-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ UPDATE: HPSBUX02963 SSRT101297 rev.2 - HP-UX m4(1), Local Unauthorized Access
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04103553-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ Linux kernel 3.2.58 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.2.58

+ Cross-Site Scripting Vulnerability in Citrix NetScaler Gateway, formerly Citrix Access Gateway Enterprise Edition
http://support.citrix.com/article/CTX140291

+ FreeBSD-SA-14:09.openssl OpenSSL use-after-free vulnerability
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:09.openssl.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-5298

+ FreeBSD-SA-14:08.tcp TCP reassembly vulnerability
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:08.tcp.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3000

+ FreeBSD-SA-14:07.devfs devfs rules not applied by default for jails
http://www.freebsd.org/security/advisories/FreeBSD-SA-14:07.devfs.asc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3001

+ Struts 1 ClassLoader Manipulation
http://cxsecurity.com/issue/WLB-2014040197
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0114
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094

+ RHSA-2014:0448 Critical: firefox security update
https://rhn.redhat.com/errata/RHSA-2014-0448.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1518
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1523
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1524
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1529
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1530
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1531
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1532

Regarding the Microsoft Internet Explorer vulnerability (CVE-2014-1776)
http://app.trendmicro.co.jp/support/news.asp?id=2120

"IT Passport Examination" urgently suspended; its system uses "Struts 1"
http://itpro.nikkeibp.co.jp/article/NEWS/20140430/553866/?ST=security

Alert regarding a vulnerability in Adobe Flash Player (APSB14-13)
http://www.jpcert.or.jp/at/2014/at140019.html

JVNVU#93342829 Multiple vulnerabilities in the Ignite Realtime Smack API
http://jvn.jp/vu/JVNVU93342829/

JVN#31230946 Access restriction bypass vulnerability in the Cybozu Garoon API
http://jvn.jp/jp/JVN31230946/

JVN#90519014 Denial-of-service (DoS) vulnerability in the phone message feature of Cybozu Garoon
http://jvn.jp/jp/JVN90519014/

JVN#19294237 Vulnerability in Apache Struts that allows ClassLoader manipulation
http://jvn.jp/jp/JVN19294237/

JVNVU#92280347 Use-after-free vulnerability in Internet Explorer
http://jvn.jp/vu/JVNVU92280347/index.html
