1. Vulnerabilities in Cisco Products (cisco-sa-20150625-ironport)
[26/06/2015] Vulnerabilities were identified in the Cisco Web Security Virtual Appliance (WSAv), Cisco Email Security Virtual Appliance (ESAv), Cisco Content Security Management Virtual Appliance (SMAv) and Cisco Wireless LAN Controller. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, perform code injection attacks, cause a denial of service condition and compromise the system. These vulnerabilities affect multiple firmware versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150625-ironport
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39461
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39517
URL:www.us-cert.gov/ncas/current-activity/2015/06/25/Cisco-Releases-Security-Updates
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104072
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104073
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104075
2. Vulnerability in EMC Unisphere for VMAX (104074)
[26/06/2015] Vulnerability was identified in the EMC Unisphere for VMAX. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects versions 8.0.0, 8.0.1 and 8.0.2 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104074
3. Security Updates in Oracle Linux (ELSA-2015-1185, ELSA-2015-1189, ELSA-2015-3046, ELSA-2015-3047)
[26/06/2015] Oracle has released security update packages for fixing the vulnerabilities identified in the nss, kvm and kernel packages for Oracle Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.
URL:linux.oracle.com/errata/ELSA-2015-1185.html
URL:linux.oracle.com/errata/ELSA-2015-1189.html
URL:linux.oracle.com/errata/ELSA-2015-3046.html
URL:linux.oracle.com/errata/ELSA-2015-3047.html
4. Security Updates in Red Hat Enterprise Linux (RHSA-2015:1185-1, RHSA-2015:1186-1, RHSA-2015:1187-1, RHSA-2015:1188-1, RHSA-2015:1189-1, RHSA-2015:1190-1)
[26/06/2015] Red Hat has released security update packages for fixing the vulnerabilities identified in the nss, nss-util, php55-php, php56-php, chromium-browser, kvm and kernel packages for Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:rhn.redhat.com/errata/RHSA-2015-1185.html
URL:rhn.redhat.com/errata/RHSA-2015-1186.html
URL:rhn.redhat.com/errata/RHSA-2015-1187.html
URL:rhn.redhat.com/errata/RHSA-2015-1188.html
URL:rhn.redhat.com/errata/RHSA-2015-1189.html
URL:rhn.redhat.com/errata/RHSA-2015-1190.html
5. Security Updates in SUSE (openSUSE-SU-2015:1139-1, SUSE-SU-2015:1143-1)
[26/06/2015] SUSE has released security update packages for fixing the vulnerabilities identified in the openssl packages of openSUSE 13.1 and 13.2, and SUSE Linux Enterprise 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00023.html
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00024.html
6. Security Updates in Ubuntu GNU/Linux (USN-2653-1, USN-2654-1, USN-2655-1)
[26/06/2015] Ubuntu has released security update packages for fixing the vulnerabilities identified in the python2.7, python3.2, python3.4, tomcat7 and tomcat6 packages for versions 12.04 LTS, 14.04 LTS, 14.10 and 15.04 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.
URL:www.ubuntu.com/usn/usn-2653-1/
URL:www.ubuntu.com/usn/usn-2654-1/
URL:www.ubuntu.com/usn/usn-2655-1/
7. Vulnerability in Apple OS X (104062)
[25/06/2015] Vulnerability was identified in the Apple OS X. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104062
8. Vulnerabilities in Cisco Products
[25/06/2015] Vulnerabilities were identified in the Cisco Unified Presence Server, Cisco IM and Presence Service, and Cisco IOS XR. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, perform cross-site scripting and code injection attacks, cause a denial of service condition and crash the system. These vulnerabilities affect multiple firmware versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39504
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39505
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39506
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39509
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104059
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104063
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104064
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104065
9. Vulnerabilities in Samsung Products (104060, 104061)
[25/06/2015] Vulnerabilities were identified in the Samsung Galaxy S5 and Samsung Sbeam. An attacker could bypass security restrictions, obtain sensitive information and execute arbitrary code. These vulnerabilities affect multiple firmware versions of the mentioned products. Security patches are available to resolve these vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104060
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104061
10. Vulnerability in Thycotic Secret Server (104052)
[25/06/2015] Vulnerability was identified in the Thycotic Secret Server. An attacker could bypass security restrictions, execute arbitrary code and perform cross-site scripting attacks. This vulnerability affects versions 8.6.000000 and 8.8.000004 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104052
11. Security Updates in Oracle Linux (ELSA-2015-3045)
[25/06/2015] Oracle has released security update packages for fixing the vulnerabilities identified in the kernel packages for Oracle Linux 7. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code and cause a denial of service condition.
URL:linux.oracle.com/errata/ELSA-2015-3045.html
12. Security Updates in Debian (DSA-3294-1, DSA-3295-1)
[25/06/2015] Debian has released security update packages for fixing the vulnerabilities identified in the wireshark and cacti packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, perform cross-site scripting and code injection attacks, cause a denial of service condition and crash the system.
URL:www.debian.org/security/2015/dsa-3294
URL:www.debian.org/security/2015/dsa-3295
13. Security Updates in Mageia (MGASA-2015-0248)
[25/06/2015] Mageia has released security update packages for fixing the vulnerabilities identified in the flash-player-plugin package for multiple versions of Mageia. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:advisories.mageia.org/MGASA-2015-0248.html
14. Security Updates in Red Hat Enterprise Linux (RHSA-2015:1184-1)
[25/06/2015] Red Hat has released security update packages for fixing the vulnerability identified in the adobe flash player packages for Red Hat Enterprise Linux 5 and 6. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.
URL:rhn.redhat.com/errata/RHSA-2015-1184.html
15. Security Updates in SUSE (SUSE-SU-2015:1086-3, SUSE-SU-2015:1136-1, SUSE-SU-2015:1138-1)
[25/06/2015] SUSE has released security update packages for fixing the vulnerabilities identified in the flash-player, IBM Java 1.7.0 and IBM Java 1.6.0 packages of SUSE Linux Enterprise 10, 11 and 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00020.html
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00021.html
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00022.html
16. Information Updates on Microsoft Bulletins (3057110, 3058985)
[24/06/2015] Microsoft has updated information on the Security Bulletins for Microsoft Windows, Microsoft .NET Framework, Microsoft Office, Microsoft Lync, and Microsoft Silverlight. (a) MS14-044 was revised to announce a detection change in the 3056819 update for Microsoft Silverlight 5. (b) MS15-049 was revised to announce a detection change in the 3056819 update for Microsoft Silverlight 5.
URL:technet.microsoft.com/en-us/library/security/MS15-044
URL:technet.microsoft.com/en-us/library/security/MS15-049
17. Vulnerability in Adobe Flash Player (APSB15-14)
[24/06/2015] Vulnerability was identified in the Adobe Flash Player. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise the system. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:helpx.adobe.com/security/products/flash-player/apsb15-14.html
URL:technet.microsoft.com/en-us/library/security/2755801
URL:www.hkcert.org/my_url/en/alert/15062401
URL:www.us-cert.gov/ncas/current-activity/2015/06/23/Adobe-Releases-Security-Updates-Flash-Player
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104002
18. Vulnerabilities in Cisco Products
[24/06/2015] Vulnerabilities were identified in the Cisco WebEx Meeting Center, Cisco AnyConnect Secure Mobility Client for Windows, Cisco Nexus 9000 Series Software, Cisco Unified MeetingPlace, Cisco Wireless LAN Controller, Cisco Jabber for Windows and Cisco Identity Services Engine and Secure Access Control System. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, perform code injection attacks, cause a denial of service condition and crash the system. These vulnerabilities affect multiple firmware versions of the mentioned products. Security patches are available to resolve these vulnerabilities, except for those in the Cisco Jabber for Windows.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39458
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39466
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39467
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39469
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39470
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39472
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39494
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39501
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104003
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104008
19. Vulnerability in Paintshop Pro X7 (104001)
[24/06/2015] Vulnerability was identified in the Paintshop Pro X7. An attacker could bypass security restrictions, gain elevated privileges and execute arbitrary code. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104001
20. Vulnerability in FTP To Zip plugin for WordPress (104015)
[24/06/2015] Vulnerability was identified in the FTP To Zip plugin for WordPress. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects version 1.8 of the mentioned product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104015
21. Security Updates in Oracle Linux (ELSA-2015-1135, ELSA-2015-1137, ELSA-2015-1153, ELSA-2015-1154)
[24/06/2015] Oracle has released security update packages for fixing the vulnerabilities identified in the php, kernel, mailman and libreswan packages for Oracle Linux 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:linux.oracle.com/errata/ELSA-2015-1135.html
URL:linux.oracle.com/errata/ELSA-2015-1137.html
URL:linux.oracle.com/errata/ELSA-2015-1153.html
URL:linux.oracle.com/errata/ELSA-2015-1154.html
22. Security Updates in Gentoo Linux (GLSA 201506-04)
[24/06/2015] Gentoo has released security update packages for fixing the vulnerabilities identified in the chromium packages for multiple versions of Gentoo Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.
URL:security.gentoo.org/glsa/201506-04
23. Security Updates in Red Hat Enterprise Linux (RHSA-2015:1135-1)
[24/06/2015] Red Hat has released security update packages for fixing the vulnerabilities identified in the php packages for Red Hat Enterprise Linux 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:rhn.redhat.com/errata/RHSA-2015-1135.html
24. Security Updates in SUSE (SUSE-SU-2015:1103-1)
[24/06/2015] SUSE has released security update packages for fixing the vulnerabilities identified in the e2fsprogs package of SUSE Linux Enterprise 11. Due to multiple errors, an attacker could bypass security restrictions, cause a denial of service condition and crash the system.
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00019.html
25. Vulnerability in Apache Storm (103970)
[23/06/2015] Vulnerability was identified in the Apache Storm. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects versions prior to 0.10.0-beta1 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103970
26. Vulnerabilities in Apple OS X
[23/06/2015] Vulnerabilities were identified in the Apple OS X. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code and compromise the system. These vulnerabilities affect versions 10.10.3 and prior of the mentioned product.
URL:www.hkcert.org/my_url/en/alert/15062201
27. Vulnerabilities in Cisco Products
[23/06/2015] Vulnerabilities were identified in the Cisco Data Center Analytics Framework, Cisco Universal Broadband Routers, Cisco ASR 9000 Series Aggregation Services Routers and Cisco WebEx Meetings. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, perform cross-site scripting and cross-site request forgery attacks, cause a denial of service condition and crash the system. These vulnerabilities affect multiple firmware versions of the mentioned products. Security patches are available to resolve these vulnerabilities, except for those in the Cisco Data Center Analytics Framework.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39377
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39423
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39424
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39439
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39440
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39455
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39457
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39459
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39460
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103963
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103964
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103965
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103966
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103967
28. Vulnerabilities in Symantec Data Loss Prevention (SYM15-006)
[23/06/2015] Vulnerabilities were identified in the Symantec Data Loss Prevention Enforce Server Administration Console. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code, perform cross-site scripting and cross-site request forgery attacks. These vulnerabilities affect versions prior to 12.5.2 of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2015&suid=20150622_00
29. Vulnerability in FreeRADIUS (103971)
[23/06/2015] Vulnerability was identified in the FreeRADIUS. An attacker could bypass security restrictions and execute arbitrary code. This vulnerability affects versions prior to 3.0.9 of the mentioned product. Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103971
30. Vulnerabilities in Google Chrome
[23/06/2015] Vulnerabilities were identified in the Google Chrome. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect versions prior to 43.0.2357.130 of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:googlechromereleases.blogspot.hk/2015/06/chrome-stable-update.html
URL:www.us-cert.gov/ncas/current-activity/2015/06/22/Google-Releases-Security-Update-Chrome
31. Security Updates in Gentoo Linux (GLSA 201506-02, GLSA 201506-03)
[23/06/2015] Gentoo has released security update packages for fixing the vulnerabilities identified in the openssl and gnutls packages for multiple versions of Gentoo Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, cause a denial of service condition and crash the system.
URL:security.gentoo.org/glsa/201506-02
URL:security.gentoo.org/glsa/201506-03
32. Security Updates in SUSE (openSUSE-SU-2015:1092-1, openSUSE-SU-2015:1094-1, SUSE-SU-2015:1086-2)
[23/06/2015] SUSE has released security update packages for fixing the vulnerabilities identified in the xen package of openSUSE 13.1 and 13.2, and IBM Java 1.6.0 package of SUSE Linux Enterprise 11. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00016.html
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00017.html
URL:lists.opensuse.org/opensuse-security-announce/2015-06/msg00018.html
33. Security Updates in Ubuntu GNU/Linux (USN-2651-1)
[23/06/2015] Ubuntu has released security update packages for fixing the vulnerabilities identified in the GNU patch packages for versions 12.04 LTS, 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.
URL:www.ubuntu.com/usn/usn-2651-1/
34. Vulnerabilities in Cisco Products
[22/06/2015] Vulnerabilities were identified in the Cisco NX-OS Software, Cisco Web Security Appliance, Cisco Gateway General Packet Radio Service Support Node and Cisco uBR10000 Series Universal Broadband Routers. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple firmware versions of the mentioned products. Security patches are available to resolve these vulnerabilities, except for those in the Cisco Web Security Appliance.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39421
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39422
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39431
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39432
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103948
35. Vulnerabilities in Cacti (103949, 103950)
[22/06/2015] Vulnerabilities were identified in the Cacti. An attacker could bypass security restrictions, execute arbitrary code, perform code injection and cross-site scripting attacks. These vulnerabilities affect versions prior to 0.8.8d of the mentioned product. Security patches are available to resolve these vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103949
URL:exchange.xforce.ibmcloud.com/vulnerabilities/103950
36. Security Updates in Debian (DSA-3291-1, DSA-3292-1, DSA-3293-1)
[22/06/2015] Debian has released security update packages for fixing the vulnerabilities identified in the drupal7, cinder and pyjwt packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:www.debian.org/security/2015/dsa-3291
URL:www.debian.org/security/2015/dsa-3292
URL:www.debian.org/security/2015/dsa-3293
37. Security Updates in Gentoo Linux (GLSA 201506-01)
[22/06/2015] Gentoo has released security update packages for fixing the vulnerabilities identified in the adobe-flash packages for multiple versions of Gentoo Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.
URL:security.gentoo.org/glsa/201506-01
38. Security Updates in Mageia (MGASA-2015-0244, MGASA-2015-0245, MGASA-2015-0246, MGASA-2015-0247)
[22/06/2015] Mageia has released security update packages for fixing the vulnerabilities identified in the redis, ffmpeg, openssl and cups packages for multiple versions of Mageia. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.
URL:advisories.mageia.org/MGASA-2015-0244.html
URL:advisories.mageia.org/MGASA-2015-0245.html
URL:advisories.mageia.org/MGASA-2015-0246.html
URL:advisories.mageia.org/MGASA-2015-0247.html
39. Security Updates in Ubuntu GNU/Linux (USN-2640-2, USN-2641-2, USN-2642-2, USN-2643-2, USN-2644-2, USN-2646-2)
[22/06/2015] Ubuntu has released security update packages for fixing the vulnerabilities identified in the linux, linux-ti-omap4, linux-lts-trusty and linux-lts-utopic packages for versions 12.04 LTS, 14.04 LTS and 14.10 of Ubuntu GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.
URL:www.ubuntu.com/usn/usn-2640-2/
URL:www.ubuntu.com/usn/usn-2641-2/
URL:www.ubuntu.com/usn/usn-2642-2/
URL:www.ubuntu.com/usn/usn-2643-2/
URL:www.ubuntu.com/usn/usn-2644-2/
URL:www.ubuntu.com/usn/usn-2646-2/