+ Cisco Small Business RV Series and SA500 Series Dual WAN VPN Router Generated Key Pair Information Disclosure Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-dwvr
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6418
+ Cisco Hosted Collaboration Mediation Fulfillment SOAP API Sensitive Information Disclosure Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-hcm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6404
+ Cisco Emergency Responder Web Framework Cross-Site Scripting Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-cer
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6400
+ UPDATE: Vulnerability in Java Deserialization Affecting Cisco Product
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization
+ UPDATE: Cisco Emergency Responder Service Web Framework Cross-Site Request Forgery Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-cers
+ Cisco Emergency Responder Tools Menu Directory Traversal Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-ert
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6406
+ Cisco Unified Computing System 6200 Series Fabric Interconnect Series Switch DoS Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-ucs
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6415
+ Cisco Videoscape Distribution Suite Service Manager Unauthorized Access Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-vdssm
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6417
+ Cisco Unified Email Interaction Manager and Cisco Unified Web Interaction Manager XSS Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-uim
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6416
+ Cisco TelePresence Video Communication Server Information Disclosure Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151210-tvcs
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6414
+ Linux kernel 4.3.2 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.3.2
+ Apache Log4j 2.5 released
http://logging.apache.org/log4j/2.x/changes-report.html#a2.5
+ VU#403568 Netgear G54/N150 Wireless Router WNR1000v3 uses insufficiently random values for DNS queries
http://www.kb.cert.org/vuls/id/403568
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8263
+ VU#646008 Buffalo AirStation Extreme N600 Router WZR-600DHP2 uses insufficiently random values for DNS queries
http://www.kb.cert.org/vuls/id/646008
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8262
+ VU#330000 ZyXEL NBG-418N router uses default credentials and is vulnerable to cross-site request forgery
http://www.kb.cert.org/vuls/id/330000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7283
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7284
+ VU#167992 ReadyNet WRT300N-DD Wireless Router contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/167992
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7280
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7281
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7282
+ VU#763576 Amped Wireless R10000 router contains multiple vulnerabilities
http://www.kb.cert.org/vuls/id/763576
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7278
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7279
+ Microsoft Office / COM Object els.dll DLL Planting (MS15-134)
https://cxsecurity.com/issue/WLB-2015120098
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6128
+ Microsoft Windows Media Center Library Parsing RCE aka "self-executing" MCL File
https://cxsecurity.com/issue/WLB-2015120097
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6131
+ IE 11 COmWindowProxy::SwitchMarkup NULL PTR
https://cxsecurity.com/issue/WLB-2015120095
+ Microsoft Windows Media Center Incorrectly Resolved Reference
https://cxsecurity.com/issue/WLB-2015120091
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6127
Alpha 1 of OpenSSL 1.1.0 is now available: please download and test it
https://www.openssl.org/
IoTが直面するセキュリティという挑戦
[第5回]産業用制御システム(ICS)に対する脅威とその対策
http://itpro.nikkeibp.co.jp/atcl/column/15/112700271/112700005/?ST=security
「AIの研究者を倍増する」とNEC、AIを活用したサイバー攻撃検知技術も披露
http://itpro.nikkeibp.co.jp/atcl/news/15/121004039/?ST=security
記者の眼
ネットワーク機器だって守ってあげたい
http://itpro.nikkeibp.co.jp/atcl/watcher/14/334361/120700439/?ST=security
IoTが直面するセキュリティという挑戦
[第4回]ATM端末に対する脅威とその対策
http://itpro.nikkeibp.co.jp/atcl/column/15/112700271/112700004/?ST=security
0 件のコメント:
コメントを投稿