+ About the security content of Safari 8.0.6, Safari 7.1.6, and Safari 6.2.6
https://support.apple.com/ja-jp/HT204826
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1152
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1153
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1154
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1155
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1156
+ phpMyAdmin 4.4.5 released
https://sourceforge.net/projects/phpmyadmin/files/phpMyAdmin/4.4.5/phpMyAdmin-4.4.5-notes.html/view
+ squid 3.5.4, 3.4.13, 3.3.14, 3.2.14 released
http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.4-RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.4/squid-3.4.13-RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.3/RELEASENOTES.html
http://www.squid-cache.org/Versions/v3/3.2/RELEASENOTES.html
+ VMware Player 6.0.6 released
https://www.vmware.com/support/player60/doc/player-606-release-notes.html
+ Cisco UCS Central Software Arbitrary Command Execution Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150506-ucsc
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0701
+ UPDATE: Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpd
+ UPDATE: Multiple Vulnerabilities in OpenSSL (January 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150310-ssl
+ UPDATE: Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150320-openssl
+ Linux kernel 4.0.2, 3.19.7, 3.18.13, 3.14.41, 3.12.42, 3.10.77 released
https://www.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.0.2
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.13
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.41
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.12.42
https://www.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.10.77
+ Samba 4.2.1, 4.0.26 released
http://news.samba.org/
+ McAfee ePolicy Orchestrator Deep Command Unquoted Executable Path Lets Local Users Gain Elevated Privileges
http://www.securitytracker.com/id/1032244
+ Google Chrome Bugs Let Remote Users Execute Arbitrary Code
http://www.securitytracker.com/id/1032234
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1243
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1250
+ libcurl CURLOPT_HTTPHEADER Option Discloses Potentially Sensitive Information to Remote Users
http://www.securitytracker.com/id/1032233
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3153
+ libcurl Bugs Let Remote Users Deny Service and Execute Arbitrary Code
http://www.securitytracker.com/id/1032232
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3144
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3145
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3148
+ Squid SSL-Bump Certificate Validation Flaw Lets Remote Servers Bypass Client-side Certificate Validation
http://www.securitytracker.com/id/1032221
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3455
+ Apache Tomcat Connection Swallow Denial Of Service
http://cxsecurity.com/issue/WLB-2015050029
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
+ Dell SonicWALL Secure Remote Access 7.5 / 8.0 CSRF
http://cxsecurity.com/issue/WLB-2015050023
+ Windows 8.1 Console Driver Job Object Process Limit Bypass
http://cxsecurity.com/issue/WLB-2015050018
+ PHP logic error and some == wonkiness
http://cxsecurity.com/issue/WLB-2015050010
+ Chrome 42.0.2311.87 MutationObserver::disconnect Use-after-free
http://cxsecurity.com/issue/WLB-2015050005
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1243
+ Linux Kernel ipv4 Missing sk_nulls_node_init() in ping_unhash()
http://cxsecurity.com/issue/WLB-2015050004
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3636
+ Adobe Flash Player UncompressViaZlibVariant Uninitialized Memory
http://cxsecurity.com/issue/WLB-2015050003
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1243
+ net-snmp snmp_pdu_parse() function incomplete initialization vulnerability
http://cxsecurity.com/issue/WLB-2015040064
+ PHP 5.6.7 Exception Type Confusion / Heap Overflow
http://cxsecurity.com/issue/WLB-2015040209
+ PHP 5.6.7 SoapFault Type Confusion
http://cxsecurity.com/issue/WLB-2015040208
+ SA64411 SonicWALL SSL-VPN SRA Cross-Site Request Forgery Vulnerability
http://secunia.com/advisories/64411/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2248
+ SA64043 Hitachi Cosminexus Products Denial of Service Vulnerability
http://secunia.com/advisories/64043/
+ SA64405 Apache Tomcat Request Body Swallow Denial of Service Vulnerability
http://secunia.com/advisories/64405/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0230
+ SA64291 Apache Tomcat Chunked Request Handling Vulnerability
http://secunia.com/advisories/64291/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0227
+ SA64282 OpenStack Keystone Cache Backend Information Disclosure Weakness
http://secunia.com/advisories/64282/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3646
+ SA64351 McAfee Firewall Enterprise ISC BIND Trusted Anchor Management Denial of Service Vulnerability
http://secunia.com/advisories/64351/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1349
+ SA64360 Squid Server Certificate Validation Security Issue
http://secunia.com/advisories/64360/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3455
+ SA64359 libssh "ssh_packet_kexdh_init()" Denial of Service Vulnerability
http://secunia.com/advisories/64359/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3146
Barman 1.4.1 released
http://www.postgresql.org/about/news/1583/
JVNDB-2015-000062 Session management vulnerability in EasyCTF
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000062.html
JVNDB-2015-000061 Cross-site scripting vulnerability in EasyCTF
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000061.html
JVNDB-2015-000060 Vulnerability in EasyCTF that allows arbitrary file creation
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000060.html
JVNVU#94201974 Arbitrary command execution vulnerability in EMC AutoStart
http://jvn.jp/vu/JVNVU94201974/
VU#978652 Bomgar Remote Support Portal deserializes untrusted data
http://www.kb.cert.org/vuls/id/978652
VU#602540 ICU Project ICU4C library contains multiple overflow vulnerabilities
http://www.kb.cert.org/vuls/id/602540