Wednesday, June 18, 2014

18th, Wednesday, Senshō












+ nginx-1.7.2 mainline version has been released
http://nginx.org/en/CHANGES

+ CESA-2014:X008 Moderate: Xen4CentOS xen Security Update
http://lwn.net/Alerts/602532/

+ CESA-2014:X009 Important: Xen4CentOS kernel Security Update
http://lwn.net/Alerts/602531/

+ HPSBMU03048 rev.1 - HP Software Executive Scorecard, Remote Execution of Code, Directory Traversal
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04341295-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2609
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2610
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2611

+ UPDATE: HPSBUX03046 SSRT101590 rev.2 - HP-UX Running OpenSSL, Remote Denial of Service (DoS), Code Execution, Security Restriction Bypass, Disclosure of Information, or Unauthorized Access
https://h20565.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04336637-2%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ CVE-2014-0224 Cryptographic Issues vulnerability in OpenSSL
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ CVE-2014-0224 Cryptographic Issues vulnerability in WAN Boot
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0224_cryptographic_issues
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ CVE-2014-0591 Buffer Errors vulnerability in Bind
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0591_buffer_errors1
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0591

+ CVE-2012-5581 Denial of Service vulnerability in LibTIFF
https://blogs.oracle.com/sunsecurity/entry/cve_2012_5581_denial_of
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5581

+ CVE-2014-0397 Buffer Errors vulnerability in libXtsol
https://blogs.oracle.com/sunsecurity/entry/cve_2014_0397_buffer_errors
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0397

+ Sysstat 11.0.0 released
http://sebastien.godard.pagesperso-orange.fr/changelog.html

+ Microsoft Malware Protection Engine Scanning Bug Lets Remote and Local Users Deny Service
http://www.securitytracker.com/id/1030438
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2779

+ VMware vCenter Server Appliance RVC Bug Lets Remote Authenticated Users Gain Elevated Privileges
http://www.securitytracker.com/id/1030436
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3790

+ VU#719172 Symantec Web Gateway contains SQL injection and cross-site scripting vulnerabilities
http://www.kb.cert.org/vuls/id/719172
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1652
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1651

+ REMOTE: Java Debug Wire Protocol Remote Code Execution
http://www.exploit-db.com/exploits/33789

+ LOCAL: Adobe Reader for Android addJavascriptInterface Exploit
http://www.exploit-db.com/exploits/33791/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0514

+ Java Debug Wire Protocol Remote Code Execution
http://cxsecurity.com/issue/WLB-2014060093

+ Adobe Reader for Android addJavascriptInterface Exploit
http://cxsecurity.com/issue/WLB-2014060092
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0514

+ 050 plus for Android CVE-2014-2000 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/68074
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2000

+ Xen CVE-2014-4021 Information Disclosure Vulnerability
http://www.securityfocus.com/bid/68070
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4021

JVNDB-2014-000056 Vulnerability in TERASOLUNA Server Framework for Java that allows the ClassLoader to be manipulated
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000056.html

JVNDB-2014-000049 Information management vulnerability in the Android app "050 plus"
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000049.html

"Crime threats" that cause a major uproar: an expression of the desire for approval, or of desperation?
http://itpro.nikkeibp.co.jp/article/COLUMN/20140614/564082/?ST=security

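Increasingly sophisticated targeted attack emails: learning their techniques from case studies (ITpro)
Part 3: How to spot increasingly sophisticated viruses that erase their traces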
http://itpro.nikkeibp.co.jp/article/COLUMN/20140605/561869/?ST=security

Marubeni deploys a virtualization platform used by 7,000 people
Preventing information leaks via webmail
http://itpro.nikkeibp.co.jp/article/COLUMN/20140606/562163/?ST=security

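The story of how, after a vulnerability was exploited, I made the 250 km round trip between my parents' home and my own home in a single night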
http://itpro.nikkeibp.co.jp/article/Watcher/20140617/564502/?ST=security

Unauthorized login attack on mixi: more than 4.3 million attempts, still ongoing
http://itpro.nikkeibp.co.jp/article/NEWS/20140617/564787/?ST=security

VU#210884 F5 ARX Data Manager contains a SQL injection vulnerability
http://www.kb.cert.org/vuls/id/210884

REMOTE: Easy File Management Web Server Stack Buffer Overflow
http://www.exploit-db.com/exploits/33790
