Wednesday, April 19, 2017

Wednesday the 19th, Senshō

+ RHSA-2017:0979 Moderate: libreoffice security update
https://rhn.redhat.com/errata/RHSA-2017-0979.html
CVE-2017-3157

+ RHSA-2017:0987 Important: qemu-kvm security update
https://rhn.redhat.com/errata/RHSA-2017-0987.html
CVE-2016-9603

+ Linux kernel 4.10.11, 4.9.23, 4.4.62, 3.18.49 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.10.11
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.23
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.62
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.49

+ Oracle Critical Patch Update Advisory - April 2017
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

+ VMSA-2017-0008 VMware Unified Access Gateway, Horizon View and Workstation updates resolve multiple security vulnerabilities
http://www.vmware.com/security/advisories/VMSA-2017-0008.html
CVE-2017-4907
CVE-2017-4908
CVE-2017-4909
CVE-2017-4910
CVE-2017-4911
CVE-2017-4912
CVE-2017-4913

+ Java Platform, Standard Edition 8 Update 131 (Java SE 8u131) released
http://www.oracle.com/technetwork/java/javase/downloads/index-jsp-138363.html
http://www.oracle.com/technetwork/java/javase/8u131-relnotes-3565278.html

+ UPDATE: JVNVU#97322649 Multiple denial-of-service (DoS) vulnerabilities in ISC BIND
http://jvn.jp/vu/JVNVU97322649/index.html

+ UPDATE: JVNVU#98665451 Improper handling of remote HTA data in Microsoft OLE URL Moniker
http://jvn.jp/vu/JVNVU98665451/index.html

+ VMware Horizon View Buffer Overflows Let Remote Users Execute Arbitrary Code and Guest Users Deny Service and Gain Elevated Privileges
http://www.securitytracker.com/id/1038281
CVE-2017-4907
CVE-2017-4908
CVE-2017-4909
CVE-2017-4910
CVE-2017-4911
CVE-2017-4912
CVE-2017-4913

+ VMware Workstation Heap Overflows Let Local Users on the Guest System Deny Service or Gain Elevated Privileges on the Host System
http://www.securitytracker.com/id/1038280
CVE-2017-4908
CVE-2017-4909
CVE-2017-4910
CVE-2017-4911
CVE-2017-4912

+ Apache CXF JAX-RS XML Security Streaming Client Validation Flaw Lets Remote Users Bypass Security Restrictions on the Target System
http://www.securitytracker.com/id/1038279
CVE-2017-5653

+ MantisBT Input Validation Flaw in 'view_user_page.php' and 'my_view_page.php' Lets Remote Users Conduct Cross-Site Scripting Attacks
http://www.securitytracker.com/id/1038278
CVE-2017-7897

+ Apache Traffic Server HPACK Decompression and Chunked Data Processing Flaws Let Remote Users Deny Service
http://www.securitytracker.com/id/1038275
CVE-2016-5396
CVE-2017-5659

+ Mantis Bug Tracker v1.3.0 / 2.3.0 Pre-Auth Remote Password Reset
https://cxsecurity.com/issue/WLB-2017040105
CVE-2017-7615

+ Apache Log4j socket receiver deserialization vulnerability
https://cxsecurity.com/issue/WLB-2017040112
CVE-2017-5645

+ Microsoft Windows MS17-010 SMB Remote Code Execution
https://cxsecurity.com/issue/WLB-2017040110
CVE-2017-0143
CVE-2017-0144
CVE-2017-0145
CVE-2017-0146
CVE-2017-0147
CVE-2017-0148

JVNDB-2017-000055 Improper access restriction vulnerability in NETGEAR ProSAFE Plus Configuration Utility
http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-000055.html

JVNVU#91685026 Buffer overflow vulnerability in the IMAP EXAMINE command of IBM Lotus Domino server
http://jvn.jp/vu/JVNVU91685026/index.html

Information leak risk in VPN apps for Android: how can they be used safely?
http://itpro.nikkeibp.co.jp/atcl/column/14/277462/041100057/?ST=security&itp_list_theme

A hundred companies, a hundred ways: our company's CSIRT
[Cybozu] Restarting its CSIRT, aiming to train top guns within five years
http://itpro.nikkeibp.co.jp/atcl/column/16/080500167/041800011/?ST=security&itp_list_theme

Tokyo Electron to sell a "decoy"-based security solution
http://itpro.nikkeibp.co.jp/atcl/news/17/041801190/?ST=security&itp_list_theme

Eight companies including ANA and Dentsu invest 5.5 billion yen to strengthen security
http://itpro.nikkeibp.co.jp/atcl/news/17/041801182/?ST=security&itp_list_theme

Apple may drop "Touch ID" fingerprint authentication in iPhone 8
http://itpro.nikkeibp.co.jp/atcl/news/17/041801178/?ST=security&itp_list_theme

Sneaky Exploit Allows Phishing Attacks From Sites That Look Secure
http://www.linuxsecurity.com/content/view/171235/169/

Encryption: Usage grows again, but only at snail's pace
http://www.linuxsecurity.com/content/view/171234/169/
