1. Vulnerability
in Microsoft Windows (3046015)
[06/03/2015] Vulnerability was identified in the Microsoft Windows. An
attacker could bypass security restrictions and obtain sensitive information. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects multiple versions of the mentioned
products.
URL:technet.microsoft.com/en-us/library/security/3046015
2. Vulnerabilities in Cisco
Products
[06/03/2015]
Vulnerabilities were identified in the Cisco
IOS, Cisco IOS XE and IOS XR Software. An attacker could bypass security
restrictions, gain elevated privileges, execute arbitrary code, cause a denial
of service condition and crash the system. These vulnerabilities affect multiple
firmware versions of the mentioned products. Security patches are available to
resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0598
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0659
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0661
3. Vulnerability in SSL/TLS Export
Cipher
[06/03/2015]
Vulnerability was identified in the SSL/TLS
Export Cipher. An attacker could bypass security restrictions and obtain
sensitive information. This vulnerability affects multiple server and client
software employing the mentioned
product.
URL:www.hkcert.org/my_url/en/alert/15030501
4. Security Updates in Oracle Linux
(ELSA-2015-0628)
[06/03/2015] Oracle has
released security update packages for fixing the vulnerability identified in the
389-ds-base package for Oracle Linux 6. An attacker could bypass security
restrictions and obtain sensitive
information.
URL:linux.oracle.com/errata/ELSA-2015-0628.html
5. Security Updates in Debian
(DSA-3180-1)
[06/03/2015] Debian has
released security update packages for fixing the vulnerability identified in the
libarchive package for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions and obtain sensitive
information.
URL:www.debian.org/security/2015/dsa-3180
6. Security Updates in Mageia (MGASA-2015-0091,
MGASA-2015-0092, MGASA-2015-0093, MGASA-2015-0094,
MGASA-2015-0095)
[06/03/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the python, maradns, dokuwiki, vorbis-tools and vlc packages for multiple
versions of Mageia. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the
system.
URL:advisories.mageia.org/MGASA-2015-0091.html
URL:advisories.mageia.org/MGASA-2015-0092.html
URL:advisories.mageia.org/MGASA-2015-0093.html
URL:advisories.mageia.org/MGASA-2015-0094.html
URL:advisories.mageia.org/MGASA-2015-0095.html
7. Security Updates in Slackware
(SSA:2015-064-01)
[06/03/2015] Slackware
has released security update packages for fixing the vulnerability identified in
the samba package for multiple versions of Slackware Linux. An attacker could
bypass security restrictions and execute arbitrary
code.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360345
8. Security Updates in Red Hat Enterprise Linux
(RHSA-2015:0623-2)
[06/03/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the docker package for Red Hat Enterprise Linux 7. Due to multiple errors, an
attacker could bypass security restrictions and gain elevated
privileges.
URL:rhn.redhat.com/errata/RHSA-2015-0623.html
9. Security Updates in SUSE
(SUSE-SU-2015:0436-1)
[06/03/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the PHP 5.3 package of SUSE Linux Enterprise 11. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-03/msg00003.html
10.
Security Updates in Ubuntu GNU/Linux
(USN-2522-1)
[06/03/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the icu packages for versions 12.04 LTS, 14.04 LTS and 14.10 of Ubuntu
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, gain elevated privileges, execute arbitrary code, cause a denial
of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2522-1/
11. Vulnerabilities in Cisco
Products
[05/03/2015]
Vulnerabilities were identified in the Cisco
Secure Access Control System (ACS) and CISCO IOS XR Software. An attacker could
bypass security restrictions, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and crash the system. These vulnerabilities
affect multiple firmware versions of the mentioned products. Security patches
are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-2130
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0657
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101308
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101309
12.
Vulnerability in F5 Products
(SOL16196)
[05/03/2015]
Vulnerabilities were identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM and Enterprise Manager. An attacker could bypass
security restrictions, cause a denial of service condition and crash the system.
This vulnerability affects multiple versions of the mentioned products. Security
patches are available to resolve this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/16000/100/sol16196.html
13.
Vulnerability in Contact Form DB plugins
for WordPress (101307)
[05/03/2015] Vulnerability was identified in the Contact Form DB plugin
for WordPress. An attacker could bypass security restrictions, execute arbitrary
code and perform cross-site scripting attacks. This vulnerability affects
version 2.8.29 of
WordPress.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101307
14.
Vulnerability in Solarwinds Products
(101285)
[05/03/2015]
Vulnerability was identified in the SolarWinds
Network Performance Monitor, SolarWinds NetFlow Traffic Analyzer, SolarWinds
Network Configuration Manager and SolarWinds IP Address Manager. An attacker
could bypass security restrictions, execute arbitrary code and perform code
injection attacks. This vulnerability affects multiple versions of the mentioned
products.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101285
15.
Vulnerability in Red Hat rhnreg_ks
(101306)
[05/03/2015]
Vulnerability was identified in the Red Hat
rhnreg_ks. An attacker could bypass security restrictions, execute arbitrary
code and perform spoofing attacks. The affected version was not
specified.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101306
16.
Security Updates in Debian
(DSA-3179-1)
[05/03/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the icedove package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information and execute arbitrary
code.
URL:www.debian.org/security/2015/dsa-3179
17.
Security Updates in Mandriva
(MDVSA-2015:054, MDVSA-2015:055)
[05/03/2015] Mandriva
has released security update packages for fixing the vulnerabilities identified
in the bind and freetype2 packages for version MBS1 of Mandriva GNU/Linux. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A054/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A055/
18.
Security Updates in SUSE
(SUSE-SU-2015:0424-1)
[05/03/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the php5 package of SUSE Linux Enterprise 12. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-03/msg00002.html
19.
Security Updates in Ubuntu GNU/Linux
(USN-2506-1, USN-2515-2, USN-2516-3)
[05/03/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the thunderbird, linux-lts-trusty and linux packages for versions 12.04 LTS,
14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:www.ubuntu.com/usn/usn-2506-1/
URL:www.ubuntu.com/usn/usn-2515-2/
URL:www.ubuntu.com/usn/usn-2516-3/
20.
Vulnerabilities in Cisco
Products
[04/03/2015]
Vulnerabilities were identified in the Cisco
Adaptive Security Appliance (ASA) Software, Cisco ACE Application Control Engine
Module, CISCO IOS, Cisco ASR 5000 Series Software and Cisco Network Analysis
Module (NAM) Software. An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, perform cross-site scripting and
cross-site request forgery attacks, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple firmware versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2014-8730
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0607
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0656
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101280
21.
Vulnerability in HP Products
(101281)
[04/03/2015]
Vulnerability was identified in the HP Device
Manager, HP XP P9000 Tiered Storage Manager, HP XP P9000 Replication Manager and
HP XP7 Global Link Manager Software (HGLM). An attacker could bypass security
restrictions, execute arbitrary code and perform cross-site scripting attacks.
This vulnerability affects multiple versions of the mentioned products. Security
patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101281
22.
Vulnerabilities in multiple plugins for
WordPress (101277, 101278)
[04/03/2015] Vulnerabilities were identified in the Captcha and Google
Captcha (reCAPTCHA) plugin for WordPress. An attacker could bypass security
restrictions and gain elevated privileges. These vulnerabilities affect multiple
versions of the mentioned plugins. Security patches are available to resolve
these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101277
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101278
23.
Security Updates in Mandriva
(MDVSA-2015:051, MDVSA-2015:052, MDVSA-2015:053)
[04/03/2015] Mandriva has released security update packages for fixing the
vulnerabilities identified in the sympa, tomcat and tomcat6 packages for version
MBS1 of Mandriva GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, execute arbitrary code,
perform HTTP request request-smuggling, cause a denial of service condition and
crash the
system.
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A051/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A052/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A053/
24.
Security Updates in Mageia
(MGASA-2015-0090)
[04/03/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the php and php-apc packages for multiple versions of Mageia. Due to multiple
errors, an attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the
system.
URL:advisories.mageia.org/MGASA-2015-0090.html
25.
Security Updates in SUSE
(SUSE-SU-2015:0412-1)
[04/03/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the MozillaFirefox package of SUSE Linux Enterprise 12. Due to multiple errors,
an attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-03/msg00001.html
26.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0284-1, RHSA-2015:0285-1, RHSA-2015:0287-1,
RHSA-2015:0288-1)
[04/03/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the kernel and foreman-proxy packages for Red Hat Enterprise Linux 6, Red Hat
Enterprise Linux OpenStack Platform 4.0 and 5.0. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise a vulnerable
system.
URL:rhn.redhat.com/errata/RHSA-2015-0284.html
URL:rhn.redhat.com/errata/RHSA-2015-0285.html
URL:rhn.redhat.com/errata/RHSA-2015-0287.html
URL:rhn.redhat.com/errata/RHSA-2015-0288.html
27.
Vulnerability in Symantec NetBackup
OpsCenter (SYM15-003)
[03/03/2015] Vulnerability was identified in the Symantec NetBackup
OpsCenter for Linux/Unix. An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system. This vulnerability
affects versions 7.6.0.2 through 7.6.1 of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2015&suid=20150302_00
28.
Vulnerability in D-link
router
[03/03/2015]
Vulnerability was identified in the D-link
router DIR-636L. An attacker could bypass security restrictions and execute
arbitrary code. The affected version was not
specified.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101253
29.
Vulnerabilities in Seagate Business NAS
(101257, 101258, 101259)
[03/03/2015] Vulnerabilities were identified in the Seagate Business NAS.
An attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the system. These vulnerabilities affect firmware
version 2014.00319 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101257
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101258
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101259
URL:www.hkcert.org/my_url/en/alert/15030302
30.
Vulnerability in DokuWiki
(101254)
[03/03/2015]
Vulnerability was identified in the DokuWiki. An
attacker could bypass security restrictions and gain elevated privileges. This
vulnerability affects versions prior to 2014-09-29c of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101254
31.
Vulnerability in Slim PHP Framework
(101256)
[03/03/2015]
Vulnerability was identified in the Slim PHP
Framework. An attacker could bypass security restrictions, execute arbitrary
code and perform code injection attacks. This vulnerability affects versions
prior to 2.6.0 of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101256
32.
Security Updates in Debian
(DSA-3178-1)
[03/03/2015] Debian has
released security update packages for fixing the vulnerability identified in the
unace package for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions, execute arbitrary code and cause a denial of
service
condition.
URL:www.debian.org/security/2015/dsa-3178
33.
Security Updates in Mandriva
(MDVSA-2015:049, MDVSA-2015:050)
[03/03/2015] Mandriva
has released security update packages for fixing the vulnerabilities identified
in the cups and patch packages for version MBS1 of Mandriva GNU/Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A049/
URL:www.mandriva.com/en/support/security/advisories/advisory/MDVSA-2015%3A050/
34.
Vulnerability in Cisco Unified Web and
E-Mail Interaction Manager
[02/03/2015] Vulnerability was identified in the Cisco Unified Web and
E-Mail Interaction Manager. An attacker could bypass security restrictions,
execute arbitrary code and perform cross-site scripting attacks. This
vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2015-0655
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101234
35.
Vulnerability in Novell iPrint Appliance
(5202050)
[02/03/2015]
Vulnerability was identified in the Novell
iPrint Appliance. An attacker could bypass security restrictions, obtain
sensitive information and execute arbitrary code. This vulnerability affects
versions prior to 1.0.1 of the mentioned product. Security patches are available
to resolve this
vulnerability.
URL:download.novell.com/Download?buildid=n_pYZp8JQ74~
36.
Vulnerability in F5 BIG-IP ASM
(SOL16081)
[02/03/2015]
Vulnerability was identified in the F5 BIG-IP
ASM. An attacker could bypass security restrictions, execute arbitrary code and
perform cross-site scripting attacks. This vulnerability affects multiple
versions of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/16000/000/sol16081.html
37.
Vulnerability in Toshiba Products
(4007185, 4007187)
[02/03/2015] Vulnerability was identified in the Toshiba Bluetooth Stack
for Windows and Toshiba Service Station. An attacker could bypass security
restrictions and gain elevated privileges. This vulnerability affects versions
prior to 9.10.32(T) of Toshiba Bluetooth Stack for Windows and 2.2.14 of Toshiba
Service Station. Security patches are available to resolve this
vulnerability.
URL:www.support.toshiba.com/sscontent?contentId=4007185
URL:www.support.toshiba.com/sscontent?contentId=4007187
URL:www.kb.cert.org/vuls/id/632140
38.
Vulnerability in Akeneo PIM
(101227)
[02/03/2015]
Vulnerability was identified in the Akeneo PIM.
An attacker could perform cross-site scripting attacks. The affected version was
not
specified.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101227
39.
Vulnerability in eFront Learning
(101228)
[02/03/2015]
Vulnerability was identified in the eFront
Learning. An attacker could perform cross-site scripting attacks. This
vulnerability affects version 3.6.11 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101228
40.
Vulnerability in KENT-WEB Clip Board
(101235)
[02/03/2015]
Vulnerability was identified in the KENT-WEB
Clip Board. An attacker could delete arbitrary files from the system. This
vulnerability affects versions 4.02 and prior of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/#/vulnerabilities/101235
41.
Security Updates in SUSE
(SUSE-SU-2015:0386-1, SUSE-SU-2015:0392-1,
openSUSE-SU-2015:0404-1)
[02/03/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the Samba and java-1_6_0-ibm packages of SUSE Linux Enterprise 11, and
MozillaFirefox and mozilla-nss packages of openSUSE 13.1 and 13.2. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00035.html
URL:lists.opensuse.org/opensuse-security-announce/2015-02/msg00036.html
URL:lists.opensuse.org/opensuse-security-announce/2015-03/msg00000.html
42.
Security Updates in Ubuntu GNU/Linux
(USN-2516-2)
[02/03/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the linux package for version 14.04 LTS of Ubuntu GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2516-2/
No comments:
Post a Comment