Friday, April 22, 2016

Friday the 22nd, Shakkō

+ UPDATE: MS16-039 - Critical: Security Update for Microsoft Graphics Component (3148522)
https://technet.microsoft.com/ja-jp/library/security/MS16-039

+ RHSA-2016:0676 Critical: java-1.7.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2016-0676.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427

+ RHSA-2016:0675 Critical: java-1.7.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2016-0675.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427

+ RHSA-2016:0651 Critical: java-1.8.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2016-0651.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427

+ RHSA-2016:0650 Critical: java-1.8.0-openjdk security update
https://rhn.redhat.com/errata/RHSA-2016-0650.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0686
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0687
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0695
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3425
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3426
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3427

+ Google Chrome 50.0.2661.87 released
http://googlechromereleases.blogspot.jp/2016/04/stable-channel-update_20.html

+ APSB16-13 Security update available for the Adobe Analytics AppMeasurement for Flash Library
https://helpx.adobe.com/security/products/analytics/APSB16-13.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1036

+ squid 3.5.17 released
http://www.squid-cache.org/Versions/v3/3.5/squid-3.5.17-RELEASENOTES.html

+ Ubuntu 16.04 LTS released
https://wiki.ubuntu.com/XenialXerus/ReleaseNotes?_ga=1.106222147.1754260706.1408405881

+ Multiple Cisco Products libSRTP Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-libsrtp
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6360

+ Cisco Wireless LAN Controller Management Interface Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-wlc

+ Cisco Wireless LAN Controller Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-bdos

+ Cisco Adaptive Security Appliance Software DHCPv6 Relay Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-asa-dhcpv6
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1367

+ Cisco Wireless LAN Controller HTTP Parsing Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160420-htrd
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1363

+ UPDATE: Cisco IOS XR for Cisco ASR 9000 Series Aggregation Services Routers Interface Flap Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160412-asr

+ Linux kernel 4.5.2, 4.4.8, 4.1.22, 3.18.31, 3.14.67 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.5.2
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.8
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.1.22
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.31
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.14.67

+ SA70105 Squid Multiple Vulnerabilities
https://secunia.com/advisories/70105/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4051
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4052
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4053
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4054

+ SA70053 Linux Kernel "usbip_recv_xbuff()" Memory Corruption Vulnerability
https://secunia.com/advisories/70053/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3955

+ S2-032 Remote Code Execution can be performed via method: prefix when Dynamic Method Invocation is enabled.
http://struts.apache.org/docs/s2-032.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3081

+ S2-031 XSLTResult can be used to parse arbitrary stylesheet
http://struts.apache.org/docs/s2-031.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-3082

+ Apache Struts 2.3.28.1, 2.3.20.3, 2.3.24.3 GA released
http://struts.apache.org/announce.html#a20160419

+ Wireshark <= 1.12.9 DLL hijacking exploit (riched20.dll.dll)
https://cxsecurity.com/issue/WLB-2016040132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2521

Learning attack techniques through diagrams: "vulnerability" security
Cache poisoning explained with diagrams
http://itpro.nikkeibp.co.jp/atcl/column/16/041400084/041400005/?ST=security

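The reality of targeted attacks, as revealed by a cybercrime analyst
Understanding by reproducing the techniques: what exactly is done to a device hit by a targeted attack? (3)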
http://itpro.nikkeibp.co.jp/atcl/column/16/041300083/041500004/?ST=security

Unauthorized access to the Nippon TV website; about 430,000 personal information records may have leaked
http://itpro.nikkeibp.co.jp/atcl/news/16/042101194/?ST=security

Learning attack techniques through diagrams: "vulnerability" security
SQL injection explained with diagrams
http://itpro.nikkeibp.co.jp/atcl/column/16/041400084/041400004/?ST=security

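The reality of targeted attacks, as revealed by a cybercrime analyst
Understanding by reproducing the techniques: what exactly is done to a device hit by a targeted attack? (2)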
http://itpro.nikkeibp.co.jp/atcl/column/16/041300083/041500003/?ST=security

Hoken no Madoguchi adopts a security tool from US-based Tanium to centrally manage about 5,500 PCs
http://itpro.nikkeibp.co.jp/atcl/news/16/042001178/?ST=security

UPDATE: JVNVU#92749596 BlueDriver LSB2 allows Bluetooth access without authentication
http://jvn.jp/vu/JVNVU92749596/

UPDATE: JVNVU#95244076 Stack buffer overflow vulnerability in DameWare Mini Remote Control
http://jvn.jp/vu/JVNVU95244076/
