2015年12月1日火曜日

1日 火曜日、大安

+ RHSA-2015:2521 Important: jakarta-commons-collections security update
https://rhn.redhat.com/errata/RHSA-2015-2521.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501

+ RHSA-2015:2522 Important: apache-commons-collections security update
https://rhn.redhat.com/errata/RHSA-2015-2522.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501

+ Cisco Cloud Services Router 1000V Command Injection Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-csr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6385

+ Cisco Web Security Appliance Native FTP Denial of Service Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-wsa
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6386

+ UPDATE: Cisco FireSIGHT Management Center Certificate Validation Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc

+ UPDATE: Cisco Identity Services Engine Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20150128-CVE-2014-8022

+ Cisco ASR 1000 Series Root Shell License Bypass Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151130-asa
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6383

+ HS15-029 Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-029/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183

+ HS15-028 XML External Entity (XXE) Vulnerability in Hitachi Command Suite
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/HS15-028/index.html

+ HS15-029 Cosminexus HTTP Server, Hitachi Web Serverにおける脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-029/index.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3183

+ HS15-028 Hitachi Command Suite製品における任意のファイルが参照できる脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/HS15-028/index.html

+ OpenLDAP 2.4.43 released
http://www.openldap.org/software/release/

Announcing PGConf US 2016: Apr 18 - 20, NYC - Call for Presentations Open
http://www.postgresql.org/about/news/1628/

JVNDB-2015-000189 p++BBS におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000189.html

JVNDB-2015-000188 フレーム高速チャットにおけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2015/JVNDB-2015-000188.html

三菱東京UFJ銀行から出会い系サイト利用者の電話番号1万4000件漏洩、システムに不備
http://itpro.nikkeibp.co.jp/atcl/news/15/113003910/?ST=security

VU#792004 RSI Video Technologies Videofied security system Frontel software uses an insecure custom protocol
http://www.kb.cert.org/vuls/id/792004

0 件のコメント:

コメントを投稿