+ nginx 1.12.0 released
http://nginx.org/en/CHANGES-1.12
+ Mozilla Thunderbird 52.0.1 released
https://www.mozilla.org/en-US/thunderbird/52.0.1/releasenotes/
+ UPDATE: Multiple Vulnerabilities in OpenSSL Affecting Cisco Products: January and February 2017
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20170130-openssl
+ Oracle Critical Patch Update Pre-Release Announcement - April 2017
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
+ SA76328 Hitachi Multiple Products Information Disclosure Vulnerability
https://secuniaresearch.flexerasoftware.com/advisories/76328/
CVE-2013-2566
CVE-2015-2808
CVE-2016-2183
+ VMSA-2017-0007 VMware vCenter Server updates resolve a remote code execution vulnerability via BlazeDS
http://www.vmware.com/security/advisories/VMSA-2017-0007.html
CVE-2017-5641
+ hitachi-sec-2017-110 Vulnerability in HiRDB Control Manager - Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-110/index.html
CVE-2017-5638
+ hitachi-sec-2017-109 Multiple Vulnerabilities in JP1/IT Desktop Management 2 - Smart Device Manager
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-109/index.html
CVE-2013-2566
CVE-2015-2808
CVE-2016-2183
+ hitachi-sec-2017-108 Vulnerability in Cosminexus HTTP Server and Hitachi Web Server
http://www.hitachi.co.jp/Prod/comp/soft1/global/security/info/vuls/hitachi-sec-2017-108/index.html
CVE-2016-0887
+ hitachi-sec-2017-110 HiRDB Control Manager - Serverにおける脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2017-110/index.html
CVE-2017-5638
+ hitachi-sec-2017-109 JP1/IT Desktop Management 2 - Smart Device Managerにおける複数の脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2017-109/index.html
CVE-2013-2566
CVE-2015-2808
CVE-2016-2183
+ hitachi-sec-2017-108 Cosminexus HTTP Server, Hitachi Web Serverにおける脆弱性
http://www.hitachi.co.jp/Prod/comp/soft1/security/info/vuls/hitachi-sec-2017-108/index.html
CVE-2016-0887
+ Apache POI 3.16 released
http://ftp.kddilabs.jp/infosystems/apache/poi/release/RELEASE-NOTES.txt
+ UPDATE: JVNVU#97322649 ISC BIND に複数のサービス運用妨害 (DoS) の脆弱性
http://jvn.jp/vu/JVNVU97322649/index.html
+ VMware vCenter Server AMF3 Message Deserialization Bug Lets Remote Users Execute Arbitrary Code on the Target System
http://www.securitytracker.com/id/1038273
CVE-2017-5641
+ Microsoft Windows Unspecified SmartCard Authentication Flaw Lets Remote Users Execute Arbitrary Code on the Target System
http://www.securitytracker.com/id/1038264
+ [Duplicate] Windows Server Message Block Unspecified Flaw Lets Remote Users Execute Arbitrary Code on the Target System
http://www.securitytracker.com/id/1038263
+ Wireshark Multiple Bugs Lets Remote Users Deny Service
http://www.securitytracker.com/id/1038262
CVE-2017-7700
CVE-2017-7701
CVE-2017-7702
CVE-2017-7703
CVE-2017-7704
CVE-2017-7705
+ Mantis Bug Tracker v1.3.0 / 2.3.0 Pre-Auth Remote Password Reset
https://cxsecurity.com/issue/WLB-2017040105
CVE-2017-7615
+ Linux Kernel 4.8.0 udev 232 Privilege Escalation
https://cxsecurity.com/issue/WLB-2017040097
CVE-2017-7874
JVNDB-2017-000069 東芝製メモリカード関連ソフトウェアの複数のインストーラにおける DLL 読み込みに関する脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000069.html
JVNDB-2017-000070 WN-AC1167GR におけるクロスサイトスクリプティングの脆弱性
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000070.html
百社百様、我が社のCSIRT
[みずほFG]橋渡し人材がセキュリティの現場と経営の距離縮める
http://itpro.nikkeibp.co.jp/atcl/column/16/080500167/041400009/?ST=security&itp_list_theme
Linux Advisory Watch: April 14th, 2017
http://www.linuxsecurity.com/content/view/171193/187/
SEI CERT C++ Coding Standard
http://www.linuxsecurity.com/content/view/171192/169/
0 件のコメント:
コメントを投稿