+ Cisco Voice Operating System-Based Products Unauthorized Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-vos
CVE-2017-12337
+ UPDATE: Multiple Vulnerabilities in Wi-Fi Protected Access and Wi-Fi Protected Access II
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171016-wpa
+ UPDATE: Cisco FindIT Discovery Utility Insecure Library Loading Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-findit
+ Cisco Web Security Appliance Advanced Malware Protection File Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-wsa
CVE-2017-12303
+ Cisco Umbrella Insights Virtual Appliance Static Credentials Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-uva
CVE-2017-12350
+ Cisco Unified Communications Manager SQL Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-ucm
CVE-2017-12302
+ Cisco Spark Board Upgrade Signature Verification Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-spark
CVE-2017-12306
+ Cisco RF Gateway 1 TCP Connection Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-rf-gateway-1
CVE-2017-12318
+ Cisco Registered Envelope Service Cross-Site Scripting Vulnerabilities
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-res
CVE-2017-12290
CVE-2017-12291
CVE-2017-12292
+ Cisco Identity Services Engine Guest Portal Login Limit Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-ise
CVE-2017-12316
+ Cisco IP Phone 8800 Series Command Injection Vulnerability in Debug Shell
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-ipp
CVE-2017-12305
+ Cisco IOS and IOS XE Software IOS daemon Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-ios
CVE-2017-12304
+ Cisco Immunet Antimalware Installer DLL Preloading Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-iami
CVE-2017-12312
+ Cisco HyperFlex System Authenticated Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-hyperflex
CVE-2017-12315
+ Cisco Firepower System Software Server Message Block Version 2 File Policy Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-firepower2
CVE-2017-12300
+ Cisco ASA Next-Generation Firewall Services Local Management Filtering Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-firepower1
CVE-2017-12299
+ Cisco Email Security Appliance HTTP Response Splitting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-esa
CVE-2017-12309
+ Cisco Network Academy Packet Tracer DLL Preload Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-cpt
CVE-2017-12313
+ Cisco Meeting Server H.264 Decoding Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171115-cms
CVE-2017-12311
+ VU#421280 Microsoft Office Equation Editor stack buffer overflow
https://www.kb.cert.org/vuls/id/421280
CVE-2017-11882
+ FreeBSD-SA-17:10.kldstat Information leak in kldstat(2)
https://www.freebsd.org/security/advisories/FreeBSD-SA-17:10.kldstat.asc
CVE-2017-1088
+ FreeBSD-SA-17:09.shm POSIX shm allows jails to access global namespace
https://www.freebsd.org/security/advisories/FreeBSD-SA-17:09.shm.asc
CVE-2017-1087
+ FreeBSD-SA-17:08.ptrace Kernel data leak via ptrace(PT_LWPINFO)
https://www.freebsd.org/security/advisories/FreeBSD-SA-17:08.ptrace.asc
CVE-2017-1086
+ Linux kernel 4.13.13, 4.9.62, 4.4.98, 3.18.81 released
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.13.13
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.9.62
https://cdn.kernel.org/pub/linux/kernel/v4.x/ChangeLog-4.4.98
https://cdn.kernel.org/pub/linux/kernel/v3.x/ChangeLog-3.18.81
+ Samba 4.7.2, 4.6.10 Available for Download
https://www.samba.org/samba/history/samba-4.7.2.html
https://www.samba.org/samba/history/samba-4.6.10.html
+ PHP 7.1.8 Heap-Based Buffer Overflow
https://cxsecurity.com/issue/WLB-2017110087
+ Linux Kernel 'drivers/media/usb/dvb-usb/dib0700_devices.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/101846
CVE-2017-16646
+ Linux Kernel 'drivers/media/usb/hdpvr/hdpvr-core.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/101842
CVE-2017-16644
+ Linux Kernel 'drivers/net/usb/qmi_wwan.c' Local Denial of Service Vulnerability
http://www.securityfocus.com/bid/101791
CVE-2017-16650
企業版振り込め詐欺
日本企業で被害が拡大する振り込め詐欺、手法に「やり取り型」や「CxO型」
http://itpro.nikkeibp.co.jp/atcl/column/17/110700496/110800001/?ST=security&itp_list_theme
日立ソリューションズが社内セキュリティコンテスト、ホワイトハッカー育成で事業拡大
http://itpro.nikkeibp.co.jp/atcl/news/17/111502672/?ST=security&itp_list_theme
0 件のコメント:
コメントを投稿