+ Opera 35 released
http://www.opera.com/docs/changelogs/unified/3500/
+ phpMyAdmin 4.5.4.1, 4.4.15.4, 4.0.10.14 released
https://www.phpmyadmin.net/news/2016/1/29/phpmyadmin-401014-44154-and-451/
+ Cisco WebEx Meetings Server Multiple Cross-Site Scripting Vulnerabilities
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-wms
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1309
+ Cisco Finesse Desktop and Cisco Unified Contact Center Express Applications XMPP Unauthorized Access Vulnerability
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160202-fducce
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1307
+ UPDATE: Multiple Vulnerabilities in OpenSSL (January 2016) Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160129-openssl
+ UPDATE: Vulnerability in Java Deserialization Affecting Cisco Products
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151209-java-deserialization
+ curl remote file name path traversal in curl tool for Windows
https://cxsecurity.com/issue/WLB-2016020025
+ curl NTLM credentials not-checked for proxy connection re-use
https://cxsecurity.com/issue/WLB-2016020024
VU#544527 OpenELEC and RasPlex have a hard-coded SSH root password
https://www.kb.cert.org/vuls/id/544527
VU#719736 Fisher-Price Smart Toy platform allows some unauthenticated web API commands
https://www.kb.cert.org/vuls/id/719736
ヤフー系FX事業者の顧客情報など18万件超が流出、従業員貸与PCからアップ
http://itpro.nikkeibp.co.jp/atcl/news/16/020200343/?ST=security
UPDATE: JVNVU#92574416 Huawei E5151 および Huawei E5186 に不十分なランダム値を使用している問題
http://jvn.jp/vu/JVNVU92574416/
0 件のコメント:
コメントを投稿