+ SSL out of buffer access
https://curl.haxx.se/docs/adv_2017-af0a.html
CVE-2017-8818
+ FTP wildcard out of bounds read
https://curl.haxx.se/docs/adv_2017-ae72.html
CVE-2017-8817
+ RHSA-2017:3278 Important: samba4 security update
https://access.redhat.com/errata/RHSA-2017:3278
CVE-2017-14746
CVE-2017-15275
+ About the security content of Security Update 2017-001
https://support.apple.com/ja-jp/HT208315
CVE-2017-13872
+ CESA-2017:3270 Important CentOS 7 apr Security Update
https://lwn.net/Alerts/740201/
+ CESA-2017:3270 Important CentOS 6 apr Security Update
https://lwn.net/Alerts/740200/
+ UPDATE: Multiple Vulnerabilities in Cisco WebEx Recording Format and Advanced Recording Format Players
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex-players
+ UPDATE: Cisco WebEx Meeting Center Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex5
+ Cisco WebEx Meeting Center URL Redirection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-wmc
CVE-2017-12297
+ Cisco WebEx Event Center Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex4
CVE-2017-12365
+ Cisco WebEx Meeting Server Unauthorized Welcome Message Modification Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex3
CVE-2017-12363
+ Cisco WebEx Network Recording Player Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex1
CVE-2017-12360
+ Cisco WebEx Network Recording Player Buffer Overflow Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-webex
CVE-2017-12359
+ Multiple Vulnerabilities in Cisco UCS Central Software
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ucs-central
CVE-2017-12348
CVE-2017-12349
+ Cisco Multilayer Director, Nexus 7000 Series, and Nexus 7700 Series Switches Bash Shell Unauthorized Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-switch
CVE-2017-12340
+ Cisco Prime Service Catalog SQL Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-prime
CVE-2017-12364
+ Cisco Nexus Series Switches Open Agent Container Code Execution Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos9
CVE-2017-12342
+ Cisco NX-OS System Software Patch Installation Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos8
CVE-2017-12341
+ Cisco NX-OS System Software CLI Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos7
CVE-2017-12339
+ Cisco NX-OS System Software CLI Arbitrary File Read Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos6
CVE-2017-12338
+ Cisco NX-OS System Software Interactive TCL Shell Escape Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos5
CVE-2017-12336
+ Cisco NX-OS System Software CLI Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos4
CVE-2017-12335
+ Cisco NX-OS System Software CLI Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos3
CVE-2017-12334
+ Cisco NX-OS System Software Image Signature Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos2
CVE-2017-12333
+ Cisco NX-OS System Software Guest Shell Unauthorized Internal Interface Access Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos10
CVE-2017-12351
+ Cisco NX-OS System Software Patch Installation Arbitrary File Write Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos1
CVE-2017-12332
+ Cisco NX-OS System Software Patch Signature Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nxos
CVE-2017-12331
+ Cisco Nexus Series Switches CLI Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-nss
CVE-2017-12330
+ Cisco Jabber Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber2
CVE-2017-12361
+ Cisco Jabber Clients Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber1
CVE-2017-12358
+ Cisco Jabber Clients Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-jabber
CVE-2017-12356
+ Cisco IP Phone 8800 Series Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ipp
CVE-2017-12328
+ Cisco IOS XR Software Local Packet Transport Services Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-ios-xr
CVE-2017-12355
+ Cisco FXOS and NX-OS System Software CLI Command Injection Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-fxnx
CVE-2017-12329
+ Cisco Email Security Appliance Malformed MIME Header Bypass Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-esa
CVE-2017-12353
+ Multiple Vulnerabilities in Cisco Data Center Network Manager Software
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-dcnm
CVE-2017-12343
CVE-2017-12344
CVE-2017-12345
+ Cisco Unified Communications Manager Cross-Site Scripting Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-cucm
CVE-2017-12357
+ Cisco Meeting Server Denial of Service Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-cms
CVE-2017-12362
+ Cisco Application Policy Infrastructure Controller Local Command Injection and Privilege Escalation Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-apic
CVE-2017-12352
+ Cisco Secure Access Control System Information Disclosure Vulnerability
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20171129-acs
CVE-2017-12354
+ VU#113765 Apple MacOS High Sierra disabled account authentication bypass
https://www.kb.cert.org/vuls/id/113765
+ curl 7.57.0 released
https://curl.haxx.se/download.html
+ FreeBSD-SA-17:11.openssl OpenSSL multiple vulnerabilities
https://www.freebsd.org/security/advisories/FreeBSD-SA-17:11.openssl.asc
CVE-2017-3735
CVE-2017-3736
JVN#71291160 StreamRelay.net.exe および sDNSProxy.exe におけるサービス運用妨害 (DoS) の脆弱性
http://jvn.jp/jp/JVN71291160/index.html
macOSの脆弱性修正パッチ公開、説明は「なるべく早くインストール」だけ
http://itpro.nikkeibp.co.jp/atcl/news/17/113002768/?ST=security&itp_list_theme
「ルートユーザを無効にする」と危険!macOSに管理者権限悪用の脆弱性
http://itpro.nikkeibp.co.jp/atcl/news/17/113002766/?ST=security&itp_list_theme
ニュース解説
ロボット掃除機COCOROBOがやばい理由
http://itpro.nikkeibp.co.jp/atcl/column/14/346926/112201216/?ST=security&itp_list_theme
インターネット再生計画
電子マネーはコストの削減だけじゃない、みずほFGのJ-Coin構想に壮大な狙い
http://itpro.nikkeibp.co.jp/atcl/column/17/111000513/111000002/?ST=security&itp_list_theme
保険会社のSOMPO、サイバーセキュリティ事業に参入
http://itpro.nikkeibp.co.jp/atcl/news/17/112902756/?ST=security&itp_list_theme
+ Linux Kernel 'mm/pagewalk.c' Local Information Disclosure Vulnerability
http://www.securityfocus.com/bid/101969
CVE-2017-16994
+ Linux Kernel CVE-2017-16939 Local Privilege Escalation Vulnerability
http://www.securityfocus.com/bid/101954
CVE-2017-16939
0 件のコメント:
コメントを投稿