1. Vulnerability
in Apple iOS
[24/04/2015] Vulnerability was identified in the Apple iOS. An attacker
could bypass security restrictions, cause a denial of service condition and
crash the system. This vulnerability affects version 8 of the mentioned
product.
URL:www.hkcert.org/my_url/en/alert/15042401
2. Vulnerabilities in Cisco FireSIGHT Management
Center
[24/04/2015]
Vulnerabilities were identified in the Cisco
FireSIGHT Management Center. An attacker could bypass security restrictions,
execute arbitrary code, and perform web framework HTTP Header Redirection and
cross-site scripting attacks. These vulnerabilities affect multiple firmware
versions of the mentioned product. Security patches are available to resolve
these
vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=38486
URL:tools.cisco.com/security/center/viewAlert.x?alertId=38487
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102511
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102512
3. Vulnerabilities in IBM Products (1882637,
1882876)
[24/04/2015]
Vulnerabilities were identified in the IBM Lotus
Quickr for WebSphere Portal and IBM Sametime Unified Telephony. An attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:www-304.ibm.com/support/docview.wss?uid=swg21882637
URL:www-304.ibm.com/support/docview.wss?uid=swg21882876
4. Vulnerabilities in NetIQ LDAP Proxy
(5204231)
[24/04/2015]
Vulnerabilities were identified in the NetIQ
LDAP Proxy. An attacker could bypass security restriction and obtain sensitive
information. These vulnerabilities affect version 1.5 of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:download.novell.com/Download?buildid=3x8lI-kJvhE~
5. Vulnerabilities in Trend Micro
OfficeScan
[24/04/2015]
Vulnerabilities were identified in the Trend
Micro OfficeScan 10.6. An attacker could bypass security restrictions, cause a
denial of service condition and crash the system. These vulnerabilities affect
versions prior to Server Build 5779 and Client Module Build 5527 of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:files.trendmicro.com/documentation/readme/osce_106_sp3_patch1_win_all_criticalpatch_5779_readme.txt
6. Vulnerabilities in F5 Products (SOL16471, SOL16477,
SOL16505)
[24/04/2015]
Vulnerabilities were identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM and Enterprise Manager. An attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
cause a denial of service condition and crash the system. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/16000/400/sol16471.html
URL:support.f5.com/kb/en-us/solutions/public/16000/400/sol16477.html
URL:support.f5.com/kb/en-us/solutions/public/16000/500/sol16505.html
7. Vulnerability in PowerDNS
(2015-01)
[24/04/2015]
Vulnerability was identified in the PowerDNS. An
attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the system. This vulnerability affects
version 3.5 of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:doc.powerdns.com/md/security/powerdns-advisory-2015-01/
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102537
8. Vulnerability in Drupal
(DRUPAL-SA-CONTRIB-2015-099)
[24/04/2015] Vulnerability was identified in the Node Template module for
Drupal. An attacker could bypass security restrictions, execute arbitrary code
and perform cross-site scripting attacks. This vulnerability affects multiple
versions of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:www.drupal.org/node/2475955
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102521
9. Vulnerability in Android
component
[24/04/2015]
Vulnerability was identified in the Android
component wpa_supplicant. A remote attacker could bypass security restrictions,
obtain sensitive information, execute arbitrary code, cause a denial of service
condition and crash the system. This vulnerability affects versions 1.0 - 2.4 of
the mentioned component. Security patches are available to resolve this
vulnerability.
URL:www.hkcert.org/my_url/en/alert/15042402
10.
Vulnerability in
WordPress
[24/04/2015]
Vulnerability was identified in the WordPress.
An attacker could bypass security restrictions, execute arbitrary code and
perform cross-site scripting attacks. This vulnerability affects versions prior
to 4.1.2 of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:wordpress.org/news/2015/04/wordpress-4-1-2/
URL:www.us-cert.gov/ncas/current-activity/2015/04/23/WordPress-Releases-Security-Update
11.
Vulnerability in Red Hat JBoss Operations
Network (102539)
[24/04/2015] Vulnerability was identified in the Red Hat JBoss Operations
Network. An attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the system. This vulnerability
affects version 3.0 of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102539
12.
Security Updates in Oracle Linux
(ELSA-2015-3032, ELSA-2015-3033, ELSA-2015-3034)
[24/04/2015] Oracle has released security update packages for fixing the
vulnerabilities identified in the kernel package for Oracle Linux 5, 6 and 7.
Due to multiple errors, an attacker could bypass security restrictions, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the
system.
URL:linux.oracle.com/errata/ELSA-2015-3032.html
URL:linux.oracle.com/errata/ELSA-2015-3033.html
URL:linux.oracle.com/errata/ELSA-2015-3034.html
13.
Security Updates in Mageia
(MGASA-2015-0162, MGASA-2015-0163, MGASA-2015-0164, MGASA-2015-0165,
MGASA-2015-0166, MGASA-2015-0167, MGASA-2015-0168)
[24/04/2015] Mageia has released security update packages for fixing the
vulnerabilities identified in the setup, chrony, chromium-browser-stable, lftp,
libksba, t1utils and ntop packages for multiple versions of Mageia. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0162.html
URL:advisories.mageia.org/MGASA-2015-0163.html
URL:advisories.mageia.org/MGASA-2015-0164.html
URL:advisories.mageia.org/MGASA-2015-0165.html
URL:advisories.mageia.org/MGASA-2015-0166.html
URL:advisories.mageia.org/MGASA-2015-0167.html
URL:advisories.mageia.org/MGASA-2015-0168.html
14.
Security Updates in Ubuntu GNU/Linux
(USN-2576-1, USN-2576-2, USN-2577-1)
[24/04/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the usb-creator and wpa packages for versions 12.04 LTS, 14.04 LTS, 14.10 and
15.04 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2576-1/
URL:www.ubuntu.com/usn/usn-2576-2/
URL:www.ubuntu.com/usn/usn-2577-1/
15.
Vulnerabilities in HP Products (102501,
102503)
[23/04/2015]
Vulnerabilities were identified in the HP Data
Protector, HP TippingPoint Security Management System (SMS) and HP TippingPoint
Virtual Security Management System (vSMS). An attacker could bypass security
restriction, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102501
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102503
16.
Vulnerability in Novell ZENworks
Configuration Management (5207650)
[23/04/2015] Vulnerability was identified in the Novell ZENworks
Configuration Management. An attacker could bypass security restriction and
obtain sensitive information. This vulnerability affects multiple versions of
the mentioned product. Security patches are available to resolve this
vulnerability.
URL:download.novell.com/Download?buildid=Ddi7yDlFrqA~
17.
Vulnerability in F5 Products
(SOL16479)
[23/04/2015]
Vulnerability was identified in the F5 BIG-IP
LTM, BIG-IP APM, BIG-IP ASM, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link
Controller, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX and Enterprise
Manager. An attacker could bypass security restrictions, cause a denial of
service condition and crash the system. This vulnerability affects multiple
versions of the mentioned products. Security patches are available to resolve
this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/16000/400/sol16479.html
18.
Vulnerability in Photo Manager Pro for
iOS (102496)
[23/04/2015] Vulnerability was identified in the Photo Manager Pro for
iOS. An attacker could bypass security restrictions, obtain sensitive
information and execute arbitrary code. This vulnerability affects version 4.4.0
Pro of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102496
19.
Vulnerability in GNU glibc
(102500)
[23/04/2015]
Vulnerability was identified in the GNU glibc.
An attacker could bypass security restrictions, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and crash the
system. This vulnerability affects version 2.2 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102500
20.
Security Updates in Oracle Linux
(ELSA-2015-0869)
[23/04/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the kvm package for Oracle Linux 5. Due to multiple errors, an attacker could
bypass security restrictions, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:linux.oracle.com/errata/ELSA-2015-0869.html
21.
Security Updates in Debian
(DSA-3232-1)
[23/04/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the curl package for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.debian.org/security/2015/dsa-3232
22.
Security Updates in Slackware
(SSA:2015-111-01, SSA:2015-111-02, SSA:2015-111-03, SSA:2015-111-04,
SSA:2015-111-05, SSA:2015-111-06, SSA:2015-111-07, SSA:2015-111-08,
SSA:2015-111-09, SSA:2015-111-10, SSA:2015-111-11, SSA:2015-111-12,
SSA:2015-111-13, SSA:2015-111-14)
[23/04/2015] Slackware
has released security update packages for fixing the vulnerabilities identified
in the mozilla-firefox, qt, mozilla-thunderbird, libssh, mutt, php, seamonkey,
ppp, proftpd, gnupg, ntp, bind, httpd and openssl package for multiple versions
of Slackware Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.356157
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.357024
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.359872
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.382307
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.416238
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.429606
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.493735
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.497351
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.503863
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.517790
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.522767
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.522788
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.568837
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.756101
23.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0869-1, RHSA-2015:0870-1)
[23/04/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the kvm and kernel packages for Red Hat Enterprise Linux 5. Due to multiple
errors, an attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0869.html
URL:rhn.redhat.com/errata/RHSA-2015-0870.html
24.
Vulnerability in Microsoft
Windows
[22/04/2015]
Vulnerability was identified in the Microsoft
Windows. An attacker could bypass security restrictions, gain elevated
privileges and execute arbitrary code. This vulnerability affects versions prior
to 8 of the mentioned
product.
URL:www.hkcert.org/my_url/en/alert/15042101
25.
Vulnerability in Apple OS
X
[22/04/2015] Vulnerability was identified in Apple OS X. An
attacker could bypass security restrictions, gain elevated privileges and
execute arbitrary code. This vulnerability affects versions prior to 10.0.3 of
the mentioned
product.
URL:www.hkcert.org/my_url/en/alert/15042201
26.
Vulnerabilities in Cisco Unified
MeetingPlace
[22/04/2015] Vulnerabilities were identified in the Cisco Unified
MeetingPlace. An attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code and perform cross-site scripting attacks.
These vulnerabilities affect multiple firmware versions of the mentioned
product. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=38460
URL:tools.cisco.com/security/center/viewAlert.x?alertId=38461
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102468
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102469
27.
Vulnerabilities in Novell Products
(5207351)
[22/04/2015]
Vulnerabilities were identified in the NetIQ
Sentinel and NetIQ Sentinel Log Manager. An attacker could bypass security
restriction, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and crash the system. These vulnerabilities affect multiple
versions of the mentioned product. Security patches are available to resolve
these
vulnerabilities.
URL:download.novell.com/Download?buildid=dpHkpNu89zw~
28.
Vulnerability in F5 Products (SOL16473,
SOL16476, SOL16480)
[22/04/2015] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP
AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP Edge Gateway,
BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, FirePass, BIG-IQ Cloud,
BIG-IQ Device, BIG-IQ Security, BIG-IQ-ADC, LineRate and Traffix-SDC. An
attacker could bypass security restrictions, obtain sensitive information, cause
a denial of service condition and crash the system. These vulnerabilities affect
multiple versions of the mentioned products. Security patches are available to
resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/16000/100/sol16473.html
URL:support.f5.com/kb/en-us/solutions/public/16000/400/sol16476.html
URL:support.f5.com/kb/en-us/solutions/public/16000/400/sol16480.html
29.
Vulnerability in Xen
(XSA-132)
[22/04/2015]
Vulnerability was identified in the Xen. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:xenbits.xen.org/xsa/advisory-132.html
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102388
30.
Security Updates in Oracle Linux
(ELSA-2015-0863, ELSA-2015-0864)
[22/04/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the glibc and kernel packages for Oracle Linux 6. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-0863.html
URL:linux.oracle.com/errata/ELSA-2015-0864.html
31.
Security Updates in Debian (DSA-3230-1,
DSA-3231-1)
[22/04/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the django-markupfield and subversion packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3230
URL:www.debian.org/security/2015/dsa-3231
32.
Security Updates in SUSE
(SUSE-SU-2015:0743-1)
[22/04/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the mariadb package of SUSE Linux Enterprise 12. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
33.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0863-1, RHSA-2015:0864-1, RHSA-2015:0867-1,
RHSA-2015:0868-1)
[22/04/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the glibc, kernel, qemu-kvm and qemu-kvm-rhev packages for Red Hat Enterprise
Linux 6. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0863.html
URL:rhn.redhat.com/errata/RHSA-2015-0864.html
URL:rhn.redhat.com/errata/RHSA-2015-0867.html
URL:rhn.redhat.com/errata/RHSA-2015-0868.html
34.
Security Updates in Ubuntu GNU/Linux
(USN-2573-1, USN-2574-1, USN-2575-1)
[22/04/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openjdk-6, openjdk-7 and mysql-5.5 packages for versions 10.04 LTS, 12.04
LTS, 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:www.ubuntu.com/usn/usn-2573-1/
URL:www.ubuntu.com/usn/usn-2574-1/
URL:www.ubuntu.com/usn/usn-2575-1/
35.
Vulnerability in Mozilla Firefox (MFSA
2015-45)
[21/04/2015]
Vulnerability was identified in Mozilla Firefox.
An attacker could potentially execute arbitrary code. This vulnerability affects
versions prior to 37.0.2 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:www.mozilla.org/en-US/security/advisories/mfsa2015-45/
36.
Vulnerabilities in Cisco Unified
MeetingPlace
[21/04/2015] Vulnerabilities were identified in the Cisco Unified
MeetingPlace. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, perform cross-site scripting attacks, cause
a denial of service condition and crash the system. These vulnerabilities affect
multiple firmware versions of the mentioned product. Security patches are
available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=38455
URL:tools.cisco.com/security/center/viewAlert.x?alertId=38459
37.
Vulnerability in F5 Products
(SOL16472)
[21/04/2015]
Vulnerability was identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ
Security and BIG-IQ ADC. An attacker could bypass security restrictions, gain
elevated privileges and execute arbitrary code. This vulnerability affects
multiple versions of the mentioned products. Security patches are available to
resolve this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/16000/100/sol16472.html
38.
Vulnerability in NetNanny
(VU#260780)
[21/04/2015] Vulnerability was identified in the NetNanny. An attacker
could bypass security restrictions, obtain sensitive information, execute
arbitrary code and perform spoofing attacks. This vulnerability affects version
7.2.4.2 and possibly other versions of the mentioned
product.
URL:www.kb.cert.org/vuls/id/260780
39. Security Updates in SUSE (openSUSE-SU-2015:0732-1,
SUSE-SU-2015:0736-1)
[21/04/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the xen package of openSUSE 13.1, and the Real Time Linux Kernel package of SUSE
Linux Enterprise 11. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-04/msg00014.html
URL:lists.opensuse.org/opensuse-security-announce/2015-04/msg00015.html
40.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0856-1, RHSA-2015:0857-1,
RHSA-2015:0858-1)
[21/04/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the postgresql package for Red Hat Satellite 5.7, the java-1.7.0-oracle and
java-1.6.0-oracle packages for Red Hat Enterprise Linux 5, 6, and 7. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0856.html
URL:rhn.redhat.com/errata/RHSA-2015-0857.html
URL:rhn.redhat.com/errata/RHSA-2015-0858.html
41.
Security Updates in Ubuntu GNU/Linux
(USN-2572-1)
[21/04/2015] Ubuntu has
released security update packages for fixing the vulnerability identified in the
php5 package for versions 10.04 LTS, 12.04 LTS, 14.04 LTS and 14.10 of Ubuntu
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2572-1/
42. Vulnerabilities in Novell ZENworks Configuration
Management (5206350)
[20/04/2015] Vulnerabilities were identified in the Novell ZENworks
Configuration Management. An attacker could bypass security restriction, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the system. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:download.novell.com/Download?buildid=BJbybNUmQRQ~
43.
Vulnerability in
GnuTLS
[20/04/2015]
Vulnerability was identified in the GnuTLS. An
attacker could bypass security restrictions, obtain sensitive information and
execute arbitrary code. This vulnerability affects versions prior to 3.1.0 of
the mentioned product. Security patches are available to resolve this
vulnerability.
URL:www.gnutls.org/security.html
URL:exchange.xforce.ibmcloud.com/vulnerabilities/102423
44.
Security Updates in Debian (DSA-3228-1,
DSA-3229-1)
[20/04/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the ppp and mysql-5.5 packages for multiple versions of Debian GNU/Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3228
URL:www.debian.org/security/2015/dsa-3229
45.
Security Updates in Gentoo Linux (GLSA
201504-06, GLSA 201504-07)
[20/04/2015] Gentoo has
released security update packages for fixing the vulnerabilities identified in
the xorg-server and adobe-flash packages for multiple versions of Gentoo Linux.
Due to multiple errors, an attacker could bypass security restrictions, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the
system.
URL:security.gentoo.org/glsa/201504-06
URL:security.gentoo.org/glsa/201504-07
46.
Security Updates in Mageia
(MGASA-2015-0159, MGASA-2015-0160, MGASA-2015-0161)
[20/04/2015] Mageia has released security update packages for fixing the
vulnerabilities identified in the perl-DBD-Firebird, perl-Module-Signature and
potrace packages for multiple versions of Mageia. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the
system.
URL:advisories.mageia.org/MGASA-2015-0159.html
URL:advisories.mageia.org/MGASA-2015-0160.html
URL:advisories.mageia.org/MGASA-2015-0161.html
47.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:0854-1)
[20/04/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the java-1.8.0-oracle package for Red Hat Enterprise Linux 6 and 7. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-0854.html
No comments:
Post a Comment