1. Vulnerability
in Apache Cordova (103448)
[29/05/2015] Vulnerability was identified in the Apache Cordova. An
attacker could bypass security restrictions, execute arbitrary code and perform
code injection attacks, cause a denial of service condition and crash the
system. This vulnerability affects versions prior to 4.0.2 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103448
2. Vulnerability in HP Products
(103453)
[29/05/2015]
Vulnerability was identified in the HP ThinPro
Linux and HP Smart Zero Core running HP Easy Setup Wizard. An attacker could
bypass security restrictions and gain elevated privileges. This vulnerability
affects multiple versions of the mentioned products. Security patches are
available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103453
3. Vulnerability in SAP HANA
(103456)
[29/05/2015]
Vulnerability was identified in the SAP HANA. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects version 1.00.73.00.389160 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103456
4. Security Updates in Debian
(DSA-3274-1)
[29/05/2015] Debian has
released security update packages for fixing the vulnerability identified in the
virtualbox package for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions and gain elevated
privileges.
URL:www.debian.org/security/2015/dsa-3274
5. Security Updates in SUSE
(SUSE-SU-2015:0960-1)
[29/05/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the MozillaFirefox packages of SUSE Linux Enterprise 12. Due to multiple errors,
an attacker could bypass security restrictions, execute arbitrary code, cause a
denial of service condition and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-05/msg00054.html
6. Vulnerability in Apache Sling
(103417)
[28/05/2015]
Vulnerability was identified in the Apache
Sling. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform cross-site scripting attacks.
This vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103417
7. Vulnerabilities in Apple Products
(HT202681)
[28/05/2015]
Vulnerabilities were identified in Adobe Flash
Player plug-in of Apple Safari and Apple iOS. An attacker could bypass security
restrictions, obtain sensitive information, execute arbitrary code, cause a
denial of service condition and compromise the system. These vulnerabilities
affect multiple versions of the mentioned products. Apple has confirmed the
vulnerability in Adobe Flash Player plug-in of Safari and released a security
patch for
it.
URL:support.apple.com/en-us/HT202681
URL:www.hkcert.org/my_url/en/alert/15052801
8. Vulnerabilities in Cisco
Products
[28/05/2015]
Vulnerabilities were identified in the Cisco
Telepresence Video Communication Server, Cisco Unified Email Interaction Manager
(EIM), Cisco Unified Web Interaction Manager (WIM), Cisco Finesse, Cisco
Identity Services Engine and Cisco Wireless LAN Controller. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, perform cross-site scripting and code
injection attacks, cause a denial of service condition and crash the system.
These vulnerabilities affect multiple firmware versions of the mentioned
products. Security patches are available to resolve these vulnerabilities except
the Cisco Telepresence Video Communication Server and Cisco
Finesse.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39012
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39013
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39015
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39018
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39041
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39042
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103420
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103421
9. Vulnerability in SolarWinds Network Performance
Monitor (103406)
[28/05/2015] Vulnerability was identified in the SolarWinds Network
Performance Monitor. An attacker could bypass security restrictions and perform
phishing attacks. This vulnerability affects version 11.5 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103406
10.
Security Updates in Mageia
(MGASA-2015-0237, MGASA-2015-0238, MGASA-2015-0239)
[28/05/2015] Mageia has released security update packages for fixing the
vulnerabilities identified in the kernel-linus, kernel-tmb and fuse packages for
multiple versions of Mageia. Due to multiple errors, an attacker could bypass
security restrictions, gain elevated privileges, cause a denial of service
condition and crash the
system.
URL:advisories.mageia.org/MGASA-2015-0237.html
URL:advisories.mageia.org/MGASA-2015-0238.html
URL:advisories.mageia.org/MGASA-2015-0239.html
11.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1030-1, RHSA-2015:1031-1)
[28/05/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the kernel and qemu-kvm packages for Red Hat Enterprise Linux 6. Due to
multiple errors, an attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1030.html
URL:rhn.redhat.com/errata/RHSA-2015-1031.html
12.
Security Updates in Ubuntu GNU/Linux
(USN-2617-3)
[28/05/2015] Ubuntu has
released security update packages for fixing the vulnerability identified in the
ntfs-3g package for version 15.04 of Ubuntu GNU/Linux. An attacker could bypass
security restrictions and gain elevated
privileges.
URL:www.ubuntu.com/usn/usn-2617-3/
13.
Vulnerabilities in Apache Products
(103332, 103333)
[27/05/2015] Vulnerabilities were identified in the Apache HBase and
Apache Hive. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103332
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103333
14.
Vulnerability in Cisco IP Phone
7861
[27/05/2015]
Vulnerability was identified in the Cisco IP
Phone 7861. An attacker could bypass security restrictions, cause a denial of
service condition and crash the system. This vulnerability affects multiple
firmware versions of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39011
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103336
15.
Vulnerability in HP SiteScope
(c04688784)
[27/05/2015] Vulnerability was identified in the HP SiteScope. An attacker
could bypass security restrictions and gain elevated privileges. This
vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:h20564.www2.hp.com/hpsc/doc/public/display?docId=emr_na-c04688784
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103334
16.
Vulnerability in F5 ARX
(SOL16686)
[27/05/2015]
Vulnerability was identified in the F5 ARX. An
attacker could bypass security restrictions, cause a denial of service condition
and crash the system. This vulnerability affects versions 6.0.0 - 6.4.0 of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/16000/600/sol16686.html
17.
Vulnerability in Synology Cloud Station
sync client for OS X (VU#551972)
[27/05/2015] Vulnerability was identified in the Synology Cloud Station
sync client for OS X. An attacker could bypass security restrictions and gain
elevated privileges. This vulnerability affects versions prior to 3.2-3475 of
the mentioned product. Security patches are available to resolve this
vulnerability.
URL:www.kb.cert.org/vuls/id/551972
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103335
18.
Vulnerabilities in Sendio ESP (103330,
103331)
[27/05/2015]
Vulnerabilities were identified in the Sendio
ESP (E-mail Security Platform). An attacker could bypass security restrictions
and obtain sensitive information. These vulnerabilities affect versions prior to
7.2.4 of the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103330
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103331
19.
Security Updates in SUSE
(SUSE-SU-2015:0889-2, SUSE-SU-2015:0940-1, SUSE-SU-2015:0943-1,
SUSE-SU-2015:0944-1, SUSE-SU-2015:0946-1)
[27/05/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the xen, KVM and MySQL packages of SUSE Linux Enterprise 10 and 11. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-05/msg00022.html
URL:lists.opensuse.org/opensuse-security-announce/2015-05/msg00023.html
URL:lists.opensuse.org/opensuse-security-announce/2015-05/msg00024.html
URL:lists.opensuse.org/opensuse-security-announce/2015-05/msg00025.html
URL:lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html
20.
Security Updates in Ubuntu GNU/Linux
(USN-2622-1)
[27/05/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the openldap package for versions 12.04 LTS, 14.04 LTS, 14.10 and 15.04 of
Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.ubuntu.com/usn/usn-2622-1/
21. Vulnerabilities in Cisco
Products
[26/05/2015]
Vulnerabilities were identified in the Cisco
Unified Communications Manager and Cisco Hosted Collaboration Solution. An
attacker could bypass security restrictions, obtain sensitive information and
execute arbitrary code. These vulnerabilities affect multiple firmware versions
of the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=38964
URL:tools.cisco.com/security/center/viewAlert.x?alertId=38969
22.
Vulnerabilities in
PostgreSQL
[26/05/2015]
Vulnerabilities were identified in the
PostgreSQL. An attacker could bypass security restrictions, obtain sensitive
information, cause a denial of service condition and crash the system. These
vulnerabilities affect versions 9.1 and 9.4 of the mentioned product. Security
patches are available to resolve these
vulnerabilities.
URL:www.hkcert.org/my_url/en/alert/15052601
23.
Security Updates in Oracle Linux
(ELSA-2015-3037)
[26/05/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the docker package for Oracle Linux 6 and 7. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information and gain
elevated
privileges.
URL:linux.oracle.com/errata/ELSA-2015-3037.html
24.
Security Updates in Debian (DSA-3267-1,
DSA-3268-1, DSA-3269-1, DSA-3270-1, DSA-3271-1, DSA-3272-1,
DSA-3273-1)
[26/05/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the chromium-browser, ntfs-3g, postgresql-9.1, postgresql-9.4, nbd, ipsec-tools
and tiff packages for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:www.debian.org/security/2015/dsa-3267
URL:www.debian.org/security/2015/dsa-3268
URL:www.debian.org/security/2015/dsa-3269
URL:www.debian.org/security/2015/dsa-3270
URL:www.debian.org/security/2015/dsa-3271
URL:www.debian.org/security/2015/dsa-3272
URL:www.debian.org/security/2015/dsa-3273
25.
Security Updates in Mageia
(MGASA-2015-0235, MGASA-2015-0236)
[26/05/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the chromium-browser-stable, kernel, kernel-userspace-headers,
kmod-vboxadditions, kmod-virtualbox, kmod-xtables-addons, kmod-broadcom-wl,
kmod-fglrx, kmod-nvidia173, kmod-nvidia304 and kmod-nvidia-current packages for
multiple versions of Mageia. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0235.html
URL:advisories.mageia.org/MGASA-2015-0236.html
26.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1023-1)
[26/05/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the chromium-browser package for Red Hat Enterprise Linux 6. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1023.html
27.
Security Updates in Ubuntu GNU/Linux
(USN-2617-2, USN-2619-2, USN-2620-1, USN-2621-1)
[26/05/2015] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the ntfs-3g, linux-lts-trusty, linux,
postgresql-9.1, postgresql-9.3 and postgresql-9.4 for versions 12.04 LTS, 14.04
LTS, 14.10 and 15.04 of Ubuntu GNU/Linux. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:www.ubuntu.com/usn/usn-2617-2/
URL:www.ubuntu.com/usn/usn-2619-1/
URL:www.ubuntu.com/usn/usn-2620-1/
URL:www.ubuntu.com/usn/usn-2621-1/
No comments:
Post a Comment