+ RHSA-2014:1956 Moderate: wpa_supplicant security updat
https://access.redhat.com/errata/RHSA-2014:1956
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3686
+ Opera 26 released
http://www.opera.com/docs/changelogs/unified/2600/
+ phpMyAdmin 4.0.10.7, 4.1.14.8, 4.2.13.1 and 4.3.0-rc2 have been released
http://sourceforge.net/p/phpmyadmin/news/2014/12/phpmyadmin-40107-41148-42131-and-430-rc2-have-been-released/
+ PMASA-2014-18 XSS vulnerability in redirection mechanism
http://www.phpmyadmin.net/home_page/security/PMASA-2014-18.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9219
+ PMASA-2014-17 DoS vulnerability with long passwords
http://www.phpmyadmin.net/home_page/security/PMASA-2014-17.php
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
+ Citrix XenServer Multiple Security Updates
http://support.citrix.com/article/CTX200288
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8595
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8866
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8867
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1666
+ Linux Kernel XFS Hash Collision Lets Local Users Deny Service
http://www.securitytracker.com/id/1031281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7283
+ Linux Kernel ftrace Subsystem Memory Access Flaw Lets Local Users Deny Service
http://www.securitytracker.com/id/1031280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7826
+ Linux Kernel Perf Subsystem Memory Access Flaw Lets Local Users Deny Service
http://www.securitytracker.com/id/1031279
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-7825
+ SA60037 Linux Kernel Capabilities Manipulation Security Issue
http://secunia.com/advisories/60037/
+ SA60925 Opera Multiple Vulnerabilities
http://secunia.com/advisories/60925/
+ SA62240 Hitachi Multiple Products USB Storage Device Write Access Security Bypass Vulnerability
http://secunia.com/advisories/62240/
+ Google Document Embedder 2.5.16 mysql_real_escpae_string bypass SQL Injection
http://cxsecurity.com/issue/WLB-2014120022
+ phpMyAdmin CVE-2014-9219 Cross Site Scripting Vulnerability
http://www.securityfocus.com/bid/71435
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9219
+ phpMyAdmin Long Password Handling Denial of Service Vulnerability
http://www.securityfocus.com/bid/71434
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9218
JVNDB-2014-000142 DBD::PgPP における SQL インジェクションの脆弱性
http://jvndb.jvn.jp/ja/contents/2014/JVNDB-2014-000142.html
UPDATE: VNVU#98283300 SSLv3 プロトコルに暗号化データを解読される脆弱性(POODLE 攻撃)
http://jvn.jp/vu/JVNVU98283300/
マカフィー、詐欺・迷惑電話を防ぐAndroidスマホアプリを発表
http://itpro.nikkeibp.co.jp/atcl/news/14/120302112/?ST=security
0 件のコメント:
コメントを投稿