Thursday, June 26, 2014

Thursday the 26th, Senbu

+ RHSA-2014:0790 Moderate: dovecot security update
https://rhn.redhat.com/errata/RHSA-2014-0790.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3430

+ RHSA-2014:0788 Important: mod_wsgi security update
https://rhn.redhat.com/errata/RHSA-2014-0788.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0240
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0242

+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20140605-openssl

+ HPSBMU03054 rev.1 - HP Server Automation running OpenSSL, Remote Unauthorized Access, Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04348873-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ HPSBMU03053 rev.1 - HP Software Database and Middleware Automation, OpenSSL Vulnerability, Remote Unauthorized Access or Disclosure of Information
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04347711-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0224

+ UPDATE: HPSBUX02960 SSRT101419 rev.2 - HP-UX Running NTP, Remote Denial of Service (DoS)
https://h20566.www2.hp.com/portal/site/hpsc/template.PAGE/public/kb/docDisplay/?spf_p.tpst=kbDocDisplay&spf_p.prp_kbDocDisplay=wsrp-navigationalState%3DdocId%253Demr_na-c04093819-1%257CdocLocale%253Dja_JP%257CcalledBy%253D&javax.portlet.begCacheTok=com.vignette.cachetoken&javax.portlet.endCacheTok=com.vignette.cachetoken

+ Linux kernel 3.12.23 released
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.23

+ SYM14-012 Security Advisories Relating to Symantec Products - Symantec Data Insight Management Console HTML Injection and Cross-Site Scripting
http://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20140625_00

+ VMSA-2014-0007 VMware product updates address security vulnerabilities in Apache Struts library
http://www.vmware.com/security/advisories/VMSA-2014-0007.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0094
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112

+ Sophos Anti-Virus Input Validation Flaw in Configuration Console Permits Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1030467
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2385

+ DoS/PoC: Internet Explorer 8, 9 & 10 - CInput Use-After-Free (MS14-035) - Crash PoC
http://www.exploit-db.com/exploits/33860/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0282

+ SA59492 VMware vCenter Orchestrator (vCO) Denial of Service Vulnerability
http://secunia.com/advisories/59492/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050

+ SA59500 VMware vCenter Operations Manager (vCOps) Two Vulnerabilities
http://secunia.com/advisories/59500/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0050
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0112

+ phpMyAdmin 4.2.3 XSS
http://cxsecurity.com/issue/WLB-2014060139
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4348
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4349

+ Linux kernel 3.15.1 sensitive information leak
http://cxsecurity.com/issue/WLB-2014060138
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0206

+ Samba 4.1.8 remote Denial of Service
http://cxsecurity.com/issue/WLB-2014060137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0244

+ FreeBSD 'iconv_open' Function Remote Multiple Denial of Service Vulnerabilities
http://www.securityfocus.com/bid/68178
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3951

+ Symantec Data Insight Management Console CVE-2014-3433 HTML Injection Vulnerability
http://www.securityfocus.com/bid/68161
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3433

+ Symantec Data Insight Management Console CVE-2014-3432 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/68160
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3432

JVNDB-2014-000064 Cross-site request forgery vulnerability in Web給金帳
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000064.html

JVNDB-2014-000063 Cross-site scripting vulnerability in Web給金帳
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000063.html

[Network-connected devices in the enterprise: improper information exposure and countermeasures]
Part 4: Three key points for securing office equipment
http://itpro.nikkeibp.co.jp/article/COLUMN/20140610/562889/?ST=security

More than 500,000 unauthorized logins in three weeks: "list-based attacks" show no sign of stopping
http://itpro.nikkeibp.co.jp/article/COLUMN/20140624/566362/?ST=security

A service in which a person notifies you by phone of system failures during the summer holidays
http://itpro.nikkeibp.co.jp/article/NEWS/20140625/566664/?ST=security

Will the day come when companies monitor employees' personal social media accounts?
http://itpro.nikkeibp.co.jp/article/COLUMN/20140625/566563/?ST=security

Victims mount as LINE and mixi accounts are hijacked; even friendships come to a sudden end
http://itpro.nikkeibp.co.jp/article/COLUMN/20140620/565702/?ST=security

REMOTE: Cogent DataHub Command Injection
http://www.exploit-db.com/exploits/33880
