Wednesday, April 27, 2016

Wednesday the 27th, Taian

+ RHSA-2016:0695 Critical: firefox security update
https://rhn.redhat.com/errata/RHSA-2016-0695.html
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814

+ Mozilla Firefox 46.0 released
https://www.mozilla.org/en-US/firefox/46.0/releasenotes/

+ MFSA 2016-48 Firefox Health Reports could accept events from untrusted domains
https://www.mozilla.org/en-US/security/advisories/mfsa2016-48/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2820

+ MFSA 2016-47 Write to invalid HashMap entry through JavaScript.watch()
https://www.mozilla.org/en-US/security/advisories/mfsa2016-47/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2808

+ MFSA 2016-46 Elevation of privilege with chrome.tabs.update API in web extensions
https://www.mozilla.org/en-US/security/advisories/mfsa2016-46/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2817

+ MFSA 2016-45 CSP not applied to pages sent with multipart/x-mixed-replace
https://www.mozilla.org/en-US/security/advisories/mfsa2016-45/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2816

+ MFSA 2016-44 Buffer overflow in libstagefright with CENC offsets
https://www.mozilla.org/en-US/security/advisories/mfsa2016-44/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2814

+ MFSA 2016-43 Disclosure of user actions through JavaScript with motion and orientation sensors
https://www.mozilla.org/en-US/security/advisories/mfsa2016-43/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2813

+ MFSA 2016-42 Use-after-free and buffer overflow in Service Workers
https://www.mozilla.org/en-US/security/advisories/mfsa2016-42/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2811
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2812

+ MFSA 2016-41 Content provider permission bypass allows malicious application to access data
https://www.mozilla.org/en-US/security/advisories/mfsa2016-41/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2810

+ MFSA 2016-40 Privilege escalation through file deletion by Maintenance Service updater
https://www.mozilla.org/en-US/security/advisories/mfsa2016-40/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2809

+ MFSA 2016-39 Miscellaneous memory safety hazards (rv:46.0 / rv:45.1 / rv:38.8)
https://www.mozilla.org/en-US/security/advisories/mfsa2016-39/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2807
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2806
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2804
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2805

+ nginx 1.10.0 released
http://nginx.org/

+ CESA-2016:0684 Moderate CentOS 5 nspr Security Update
http://lwn.net/Alerts/685111/

+ CESA-2016:0684 Moderate CentOS 5 nss Security Update
http://lwn.net/Alerts/685112/

+ CESA-2016:0685 Moderate CentOS 7 nss-util Security Update
http://lwn.net/Alerts/685116/

+ CESA-2016:0685 Moderate CentOS 7 nspr Security Update
http://lwn.net/Alerts/685113/

+ CESA-2016:0685 Moderate CentOS 7 nss Security Update
http://lwn.net/Alerts/685114/

+ CESA-2016:0685 Moderate CentOS 7 nss-softokn Security Update
http://lwn.net/Alerts/685115/

+ Dovecot 2.2.24 released
http://www.dovecot.org/list/dovecot-news/2016-April/000320.html

+ Wireshark Multiple Dissector Bugs Let Remote Users Deny Service
http://www.securitytracker.com/id/1035685
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4006
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4076
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4077
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4078
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4079
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4081
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4082
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4083
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4084
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4085

JVNDB-2016-000053 Cross-site request forgery vulnerability in EC-CUBE
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000053.html

JVNDB-2016-000057 Cross-site scripting vulnerability in multiple free-area addition plugins for EC-CUBE made by Shirohachi Co., Ltd. (株式会社シロハチ)
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000057.html

JVNDB-2016-000052 Improper access restriction vulnerability in EC-CUBE
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000052.html

JVNDB-2016-000051 Improper access restriction vulnerability in EC-CUBE
http://jvndb.jvn.jp/ja/contents/2016/JVNDB-2016-000051.html

Windows 10 introductory course for Windows 7 users
[8] Can't you reset a password in Windows 10?
Note that it differs between local accounts and Microsoft accounts!
http://itpro.nikkeibp.co.jp/atcl/column/16/021900040/041200008/?ST=security

FireEye strengthens Japanese-language support for its security operations service; Japan base established in February
http://itpro.nikkeibp.co.jp/atcl/news/16/042601239/?ST=security

JVNVU#92116866 OS command injection vulnerability in Keitai Kit for Movable Type
http://jvn.jp/vu/JVNVU92116866/

JVNVU#97339542 Insufficient verification of downloaded files in SaAT Netizen
http://jvn.jp/vu/JVNVU97339542/

JVNVU#95625579 Allround Automations PL/SQL Developer performs updates over HTTP
http://jvn.jp/vu/JVNVU95625579/index.html
