Wednesday, April 1, 2015

1st, Wednesday, Tomobiki

+ RHSA-2015:0766 Critical: firefox security update
https://rhn.redhat.com/errata/RHSA-2015-0766.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816

+ RHSA-2015:0767 Important: flac security update
https://rhn.redhat.com/errata/RHSA-2015-0767.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-8962
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9028

+ TortoiseSVN 1.8.11 released
http://tortoisesvn.net/downloads.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0202
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0248
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0251

+ Mozilla Firefox 37.0 released
https://www.mozilla.org/en-US/firefox/37.0/releasenotes/

+ MFSA 2015-42 Windows can retain access to privileged content on navigation to unprivileged pages
https://www.mozilla.org/en-US/security/advisories/mfsa2015-42/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0802

+ MFSA 2015-41 PRNG weakness allows for DNS poisoning on Android
https://www.mozilla.org/en-US/security/advisories/mfsa2015-41/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-2808

+ MFSA 2015-40 Same-origin bypass through anchor navigation
https://www.mozilla.org/en-US/security/advisories/mfsa2015-40/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801

+ MFSA 2015-39 Use-after-free due to type confusion flaws
https://www.mozilla.org/en-US/security/advisories/mfsa2015-39/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0804

+ MFSA 2015-38 Memory corruption crashes in Off Main Thread Compositing
https://www.mozilla.org/en-US/security/advisories/mfsa2015-38/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0806

+ MFSA 2015-37 CORS requests should not follow 30x redirections after preflight
https://www.mozilla.org/en-US/security/advisories/mfsa2015-37/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807

+ MFSA 2015-36 Incorrect memory management for simple-type arrays in WebRTC
https://www.mozilla.org/en-US/security/advisories/mfsa2015-36/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0808

+ MFSA 2015-35 Cursor clickjacking with flash and images
https://www.mozilla.org/en-US/security/advisories/mfsa2015-35/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0810

+ MFSA 2015-34 Out of bounds read in QCMS library
https://www.mozilla.org/en-US/security/advisories/mfsa2015-34/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0811

+ MFSA 2015-33 resource:// documents can load privileged pages
https://www.mozilla.org/en-US/security/advisories/mfsa2015-33/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816

+ MFSA 2015-32 Add-on lightweight theme installation approval bypassed through MITM attack
https://www.mozilla.org/en-US/security/advisories/mfsa2015-32/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0812

+ MFSA 2015-31 Use-after-free when using the Fluendo MP3 GStreamer plugin
https://www.mozilla.org/en-US/security/advisories/mfsa2015-31/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813

+ MFSA 2015-30 Miscellaneous memory safety hazards (rv:37.0 / rv:31.6)
https://www.mozilla.org/en-US/security/advisories/mfsa2015-30/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0814

+ Mozilla Thunderbird 31.6 released
https://www.mozilla.org/en-US/thunderbird/31.6.0/releasenotes/

+ UPDATE: GNU glibc gethostbyname Function Buffer Overflow Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150128-ghost

+ UPDATE: Multiple Vulnerabilities in ntpd Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd

+ HPSBGN03270 rev.1 - HP Operations Analytics, Remote Execution of Code
https://h20565.www2.hp.com/hpsc/doc/public/display?calledBy=&docId=emr_na-c04577814&docLocale=ja_JP
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235

+ CentOS-7 (1503) is released
http://seven.centos.org/?p=312

+ Mozilla Firefox Bugs Let Remote Users Execute Arbitrary Code, Bypass Security Restrictions, and Obtain Potentially Sensitive Information
http://www.securitytracker.com/id/1031996
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0800
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0811
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816

+ REMOTE: Adobe Flash Player ByteArray With Workers Use After Free
http://www.exploit-db.com/exploits/36579/

+ Windows Run Command As User
http://cxsecurity.com/issue/WLB-2015030207

+ SA63705 Mozilla Firefox ESR / Thunderbird Multiple Vulnerabilities
http://secunia.com/advisories/63705/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816

+ SA63406 Mozilla Firefox Multiple Vulnerabilities
http://secunia.com/advisories/63406/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0801
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0802
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0803
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0810
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0811
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0812
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0813
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0815
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0816

JVNDB-2015-000046 Information management vulnerability in the WordPress plugin All in One SEO Pack
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000046.html

Security measures with no ceiling: how far should you go?
PART 3: Increasingly sophisticated attack techniques
http://itpro.nikkeibp.co.jp/atcl/column/15/032600052/032600003/?ST=security

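Techniques for building secure web apps and infrastructure, useful in requirements definition and basic design
Part 4: Targeted flaws in "password management" and "authentication"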
http://itpro.nikkeibp.co.jp/atcl/column/15/021900028/032600006/?ST=security

From security labs around the world
Cyberattack on South Korean nuclear power plants demands ransom for information
http://itpro.nikkeibp.co.jp/atcl/column/14/264220/033000039/?ST=security

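Internal documents of the Nuclear Regulation Authority secretariat leaked; translation contractor may have "re-outsourced" the work via crowdsourcing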
http://itpro.nikkeibp.co.jp/atcl/news/15/033101142/?ST=security

JVN#75615300 Information management vulnerability in the WordPress plugin All in One SEO Pack
http://jvn.jp/jp/JVN75615300/

JVNVU#92002857 Multiple certificate authorities issue certificates based solely on an email address
http://jvn.jp/vu/JVNVU92002857/

VU#550620 Multicast DNS (mDNS) implementations may respond to unicast queries originating outside the local link
http://www.kb.cert.org/vuls/id/550620
