1. Vulnerabilities in Apache Products
[17/07/2015] Vulnerabilities were identified in the Apache HTTP Server and
Apache Groovy. An attacker could bypass security restrictions, execute arbitrary
code, cause a denial of service condition and crash the system. These
vulnerabilities affect multiple versions of the mentioned products. Security
patches are available to resolve these
vulnerabilities.
URL:httpd.apache.org/download.cgi#apache24
URL:groovy-lang.org/security.html
URL:www.hkcert.org/my_url/en/alert/15071701
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104819
2. Vulnerability in Cisco Prime Collaboration Assurance
(40003)
[17/07/2015]
Vulnerability was identified in the Cisco Prime
Collaboration Assurance. An attacker could bypass security restrictions, cause a
denial of service condition and crash the system. This vulnerability affects
firmware version 10.0.0 of the mentioned product. Security patches are available
to resolve this
vulnerability.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40003
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104831
3. Vulnerabilities in EMC Documentum Products (104820,
104821)
[17/07/2015]
Vulnerabilities were identified in the EMC
Documentum CenterStage, EMC Documentum WebTop and WebTop based client. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, perform cross-site scripting and phishing attacks. These
vulnerabilities affect multiple versions of the mentioned products. Security
patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104820
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104821
4. Vulnerability in Path Breadcrumbs module for Drupal
(DRUPAL-SA-CONTRIB-2015-133)
[17/07/2015] Vulnerability was identified in the Path Breadcrumbs module
for Drupal. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform cross-site scripting attacks.
This vulnerability affects versions prior to 7.x-3.3 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.drupal.org/node/2533926
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104815
5. Security Updates in Oracle Linux and Solaris
(ELSA-2015-1230, ELSA-2015-3049, ELSA-2015-3050)
[17/07/2015] Oracle has released security update packages for fixing the
vulnerabilities identified in the java-1.7.0-openjdk and kernel packages for
Oracle Linux 5 and 6. Due to multiple errors, an attacker could bypass security
restriction, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-1230.html
URL:linux.oracle.com/errata/ELSA-2015-3049.html
URL:linux.oracle.com/errata/ELSA-2015-3050.html
6. Security Updates in Mageia
(MGASA-2015-0275)
[17/07/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the flash-player-plugin package for multiple versions of Mageia. Due to multiple
errors, an attacker could bypass security restriction, gain elevated privileges,
execute arbitrary code and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0275.html
7. Security Updates in Red Hat Enterprise Linux
(RHSA-2015:1235-1)
[17/07/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the Adobe Flash Player packages for Red Hat Enterprise Linux 5 and 6. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1235.html
8. Vulnerabilities in Cisco Products
(cisco-sa-20150715-vds)
[16/07/2015] Vulnerabilities were identified in the Cisco Videoscape
Delivery System, Cisco Unified Intelligence Center, Cisco Packet Data Network
Gateway, Cisco WebEx Meetings Server and Cisco Email Security Appliance. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, perform cross-site scripting attacks, cause a denial of
service condition and crash the system. These vulnerabilities affect multiple
firmware versions of the mentioned products. Security patches are available to
resolve these vulnerabilities except the Cisco Email Security
Appliance.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150715-vds
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39920
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39934
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39938
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39940
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104800
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104802
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104806
9. Vulnerability in NetIQ Security Solutions
(104803)
[16/07/2015]
Vulnerability was identified in the NetIQ
Security Solutions for iSeries. An attacker could bypass security restrictions
and execute arbitrary code. This vulnerability affects version 8.1 of the
mentioned products. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104803
10.
Security Updates in Oracle Linux and
Solaris (ELSA-2015-1228, ELSA-2015-1229,
ELSA-2015-3048)
[16/07/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the java-1.8.0-openjdk, java-1.7.0-openjdk and kernel packages for Oracle Linux
6 and 7. Due to multiple errors, an attacker could bypass security restriction,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-1228.html
URL:linux.oracle.com/errata/ELSA-2015-1229.html
URL:linux.oracle.com/errata/ELSA-2015-3048.html
11.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1228-1, RHSA-2015:1229-1,
RHSA-2015:1230-1)
[16/07/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the java-1.8.0-openjdk and java-1.7.0-openjdk packages for Red Hat Enterprise
Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1228.html
URL:rhn.redhat.com/errata/RHSA-2015-1229.html
URL:rhn.redhat.com/errata/RHSA-2015-1230.html
12.
Security Updates in Ubuntu GNU/Linux
(USN-2656-2)
[16/07/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the firefox package for versions 12.04 LTS of Ubuntu GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2656-2/
13. Vulnerabilities in Microsoft Products (2974294,
3065718, 3067505, 3068457, 3069392, 3070102, 3072000, 3072604, 3072620, 3072630,
3072631, 3072633, 3073094, 3074162, 3076321, 3077657)
[15/07/2015] Vulnerabilities were identified in the Microsoft SQL Server,
Microsoft Internet Explorer, Microsoft Windows, Microsoft Office and Microsoft
Malicious Software Removal Tool (MSRT). An attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the system.
These vulnerabilities affect multiple versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:technet.microsoft.com/en-us/library/security/ms15-jul.aspx
URL:technet.microsoft.com/library/security/MS15-058
URL:technet.microsoft.com/library/security/MS15-065
URL:technet.microsoft.com/library/security/MS15-066
URL:technet.microsoft.com/library/security/MS15-067
URL:technet.microsoft.com/library/security/MS15-068
URL:technet.microsoft.com/library/security/MS15-069
URL:technet.microsoft.com/library/security/MS15-070
URL:technet.microsoft.com/library/security/MS15-071
URL:technet.microsoft.com/library/security/MS15-072
URL:technet.microsoft.com/library/security/MS15-073
URL:technet.microsoft.com/library/security/MS15-074
URL:technet.microsoft.com/library/security/MS15-075
URL:technet.microsoft.com/library/security/MS15-076
URL:technet.microsoft.com/library/security/MS15-077
URL:technet.microsoft.com/en-us/library/security/2974294
URL:technet.microsoft.com/en-us/library/security/3074162
URL:www.hkcert.org/my_url/en/alert/15071507
URL:www.hkcert.org/my_url/en/alert/15071508
URL:www.hkcert.org/my_url/en/alert/15071509
URL:www.hkcert.org/my_url/en/alert/15071510
URL:www.hkcert.org/my_url/en/alert/15071511
URL:www.hkcert.org/my_url/en/alert/15071512
URL:www.hkcert.org/my_url/en/alert/15071513
URL:www.hkcert.org/my_url/en/alert/15071514
URL:www.hkcert.org/my_url/en/alert/15071515
URL:www.hkcert.org/my_url/en/alert/15071516
URL:www.hkcert.org/my_url/en/alert/15071517
URL:www.hkcert.org/my_url/en/alert/15071518
URL:www.hkcert.org/my_url/en/alert/15071519
URL:www.us-cert.gov/ncas/current-activity/2015/07/14/Microsoft-Releases-July-2015-Security-Bulletin
14.
Information Updates on Microsoft Security
Advisory (3057154)
[15/07/2015] Microsoft
has published Security Advisory KB3057154 for Microsoft Windows to enhance user
protection in environments where DES is still enabled for application
compatibility
reasons.
URL:technet.microsoft.com/en-us/library/security/3057154
15.
Vulnerabilities in Adobe Products
(APSB15-15, APSB15-17, APSB15-18)
[15/07/2015] Vulnerabilities were identified in the Adobe Acrobat and
Reader, Adobe Shockwave Player and Adobe Flash Player. An attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:helpx.adobe.com/security/products/acrobat/apsb15-15.html
URL:helpx.adobe.com/security/products/shockwave/apsb15-17.html
URL:helpx.adobe.com/security/products/flash-player/apsb15-18.html
URL:www.hkcert.org/my_url/en/alert/15071503
URL:www.hkcert.org/my_url/en/alert/15071504
URL:www.hkcert.org/my_url/en/alert/15071505
URL:www.kb.cert.org/vuls/id/338736
URL:www.kb.cert.org/vuls/id/918568
URL:www.us-cert.gov/ncas/current-activity/2015/07/11/Adobe-Flash-ActionScript-3-opaqueBackground-Use-After-Free
URL:www.us-cert.gov/ncas/current-activity/2015/07/14/Adobe-Releases-Security-Update-Shockwave-Player
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104569
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104570
16.
Security Updates in Oracle
Products
[15/07/2015]
Oracle has released security update packages for
fixing the vulnerabilities identified in the Oracle Database Server, Oracle
Fusion Applications and Middleware, Oracle Enterprise Manager Grid Control,
Oracle E-Business Suite, Oracle Supply Chain Products Suite, Oracle PeopleSoft
Products, Oracle JD Edwards Products, Oracle Siebel CRM, Oracle iLearning,
Oracle Communications Applications, Oracle Retail Applications, Oracle Health
Sciences Applications, Oracle Java SE, Oracle and Sun Systems Products, Oracle
Linux and Virtualization, Oracle MySQL and Support Tools. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the system. Security patches are available to
resolve these
vulnerabilities.
URL:www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
URL:www.hkcert.org/my_url/en/alert/15071506
URL:www.us-cert.gov/ncas/current-activity/2015/07/14/Oracle-Releases-July-2015-Security-Advisory
17.
Vulnerabilities in Cisco
Products
[15/07/2015]
Vulnerabilities were identified in the Cisco
Identity Services Engine, Cisco TelePresence Integrator C Series devices, Cisco
Packet Data Network Gateway and Cisco Adaptive Security Appliance. An attacker
could bypass security restrictions, execute arbitrary code, perform code
injection and cross-site scripting attacks, cause a denial of service condition
and crash the system. These vulnerabilities affect multiple firmware versions of
the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39871
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39872
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39880
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39907
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39919
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104562
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104564
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104568
18.
Vulnerabilities in F5 Products
(SOL16954)
[15/07/2015]
Vulnerabilities were identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device,
BIG-IQ Security and BIG-IQ ADC. An attacker could bypass security restrictions,
execute arbitrary code, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/16000/900/sol16954.html
19.
Vulnerabilities in Juniper Junos OS with
J-Web (JSA10682)
[15/07/2015] Vulnerabilities were identified in the Juniper Junos OS with
J-Web. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, perform cross
site scripting attacks, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple versions of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:kb.juniper.net/index?page=content&id=JSA10682
20.
Vulnerability in BlackBerry Link
(BSRT-2015-001)
[15/07/2015] Vulnerability was identified in the BlackBerry Link. An
attacker could bypass security restrictions, gain elevated privileges, execute
arbitrary code and compromise the system. This vulnerability affects versions
prior to 1.2.3.53 of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:btsc.webapps.blackberry.com/btsc/dynamickc.do?externalId=KB37207&sliceID=1&command=show&forward=nonthreadedKC&kcId=KB37207
21.
Vulnerabilities in Samsung SyncThru
(104565)
[15/07/2015]
Vulnerabilities were identified in the Samsung
SyncThru. An attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. These vulnerabilities affect versions prior to 6 v1.0 of
the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104565
22.
Security Updates in Oracle Linux and
Solaris (ELSA-2015-1221)
[15/07/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the kernel package for Oracle Linux 6, Apache Tomcat and X.Org packages for
Oracle Solaris 10 and 11.1. Due to multiple errors, an attacker could bypass
security restriction, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-1221.html
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_0075_numeric_errors
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_0096_permissions_privileges
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_0099_numeric_errors
URL:blogs.oracle.com/sunsecurity/entry/cve_2014_0119_permissions_privileges
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_apache_tomcat4
URL:blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_x_org2
23.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1221-1)
[15/07/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the kernel package for Red Hat Enterprise Linux 6. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1221.html
24.
Vulnerabilities in Cisco
Products
[14/07/2015]
Vulnerabilities were identified in the Cisco
Identity Services Engine, Cisco Unified Communications Manager and Cisco
FireSIGHT Management Center. An attacker could bypass security restrictions,
obtain sensitive information, execute arbitrary code, perform code injection and
cross-site scripting attacks, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple firmware versions of the mentioned
products.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39873
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39877
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39879
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39905
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104545
25.
Vulnerability in F5 BIG-IP Edge Clients
for Windows (SOL16903)
[14/07/2015] Vulnerability was identified in the F5 BIG-IP Edge Clients
for Windows. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform cipher-downgrade attacks. This
vulnerability affects versions 6035.x - 7110.x of the mentioned product.
Security patches are available to resolve this vulnerability as recommended in
Microsoft Security Bulletin
MS15-031.
URL:support.f5.com/kb/en-us/solutions/public/16000/900/sol16903.html
26.
Vulnerabilities in Moodle (MSA-15-0026,
MSA-15-0027, MSA-15-0028, MSA-15-0029)
[14/07/2015] Vulnerabilities were identified in the Moodle. An attacker
could bypass security restrictions, obtain sensitive information, execute
arbitrary code and perform cross-site scripting attacks. These vulnerabilities
affect multiple versions of the mentioned product. Security patches are
available to resolve these
vulnerabilities.
URL:moodle.org/security/
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104541
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104542
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104543
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104544
27.
Vulnerabilities in SAP Products (104276,
104511)
[14/07/2015]
Vulnerabilities were identified in the SAP ECC
and SAP Afaria. An attacker could bypass security restrictions and gain elevated
privileges. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104276
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104511
28.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1120-2)
[14/07/2015] Red Hat
has released security update packages for fixing the vulnerability identified in
the kernel package for Red Hat Enterprise Linux 5.9 Advanced Update Support. An
attacker could bypass security restrictions, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1120.html
29.
Security Updates in SUSE
(openSUSE-SU-2015:1229-1)
[14/07/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the MozillaFirefox and mozilla-nss packages of openSUSE 13.1 and 13.2. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00025.html
30.
Vulnerabilities in Adobe Flash Player
(APSA15-04)
[13/07/2015] Vulnerabilities were identified in the Adobe Flash Player. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and compromise the
system. These vulnerabilities affect multiple versions of the mentioned
product.
URL:helpx.adobe.com/security/products/flash-player/apsa15-04.html
URL:www.kb.cert.org/vuls/id/338736
URL:www.kb.cert.org/vuls/id/918568
URL:www.us-cert.gov/ncas/current-activity/2015/07/11/Adobe-Flash-ActionScript-3-opaqueBackground-Use-After-Free
31.
Vulnerabilities in Apple OS X
(HT202681)
[13/07/2015]
Vulnerabilities were identified in the Apple OS
X. An attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the system. These vulnerabilities affect multiple
versions of the mentioned products. Security patches are available to resolve
these
vulnerabilities.
URL:support.apple.com/en-us/HT202681
32.
Vulnerabilities in Cisco Products
(cisco-sa-20150710-openssl)
[13/07/2015] Vulnerabilities were identified in the multiple Cisco
Products. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, perform code
injection and cross-site scripting attacks, and compromise the system. These
vulnerabilities affect multiple firmware versions of the mentioned products.
Security patches are available to resolve these vulnerabilities except the Cisco
TelePresence Advanced Media Gateway and Cisco Mobility Services
Engine.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150710-openssl
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39782
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39785
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39797
URL:tools.cisco.com/security/center/viewAlert.x?alertId=39825
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104521
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104523
33.
Vulnerabilities in Novell Products
(5214311)
[13/07/2015]
Vulnerabilities were identified in the Novell
NetIQ Sentinel. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and crash the system. These vulnerabilities affect multiple
versions of the mentioned products. Security patches are available to resolve
these
vulnerabilities.
URL:download.novell.com/Download?buildid=QhraQvuhtlA~
34.
Vulnerabilities in F5 Products (SOL16945,
SOL16949, SOL16950)
[13/07/2015] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP
AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP Edge Gateway,
BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, BIG-IQ Cloud, BIG-IQ
Device, BIG-IQ Security, BIG-IQ ADC and Traffix SDC. An attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/16000/900/sol16945.html
URL:support.f5.com/kb/en-us/solutions/public/16000/900/sol16949.html
URL:support.f5.com/kb/en-us/solutions/public/16000/900/sol16950.html
35.
Vulnerability in VMware Products
(VMSA-2015-0005)
[13/07/2015] Vulnerability was identified in the VMware Workstation,
VMware Player and VMware Horizon View Client for Windows. An attacker could
bypass security restrictions and gain elevated privileges. This vulnerability
affects multiple versions of the mentioned products. Security patches are
available to resolve this
vulnerability.
URL:www.vmware.com/security/advisories/VMSA-2015-0005.html
URL:www.us-cert.gov/ncas/current-activity/2015/07/10/VMware-Releases-Security-Advisory
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104519
36.
Vulnerability in EMC RecoverPoint
(104522)
[13/07/2015]
Vulnerability was identified in the EMC
RecoverPoint for VMs Installation Manager. An attacker could bypass security
restrictions and gain elevated privileges. This vulnerability affects version
4.2 of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/104522
37.
Security Updates in Debian (DSA-3306-1,
DSA-3307-1)
[13/07/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the pdns and pdns-recursor packages for multiple versions of Debian GNU/Linux.
Due to multiple errors, an attacker could bypass security restrictions, cause a
denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3306
URL:www.debian.org/security/2015/dsa-3307
38.
Security Updates in Gentoo Linux (GLSA
201507-10, GLSA 201507-11, GLSA 201507-12, GLSA 201507-13, GLSA 201507-14, GLSA
201507-15, GLSA 201507-16, GLSA 201507-17, GLSA 201507-18, GLSA
201507-19)
[13/07/2015]
Gentoo has released security update packages for
fixing the vulnerabilities identified in the t1utils, perl, libcapsinetwork,
adobe-flash, oracle-jre-bin, openssl, portage, net-snmp, chromium and mysql
packages for multiple versions of Gentoo Linux. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:security.gentoo.org/glsa/201507-10
URL:security.gentoo.org/glsa/201507-11
URL:security.gentoo.org/glsa/201507-12
URL:security.gentoo.org/glsa/201507-13
URL:security.gentoo.org/glsa/201507-14
URL:security.gentoo.org/glsa/201507-15
URL:security.gentoo.org/glsa/201507-16
URL:security.gentoo.org/glsa/201507-17
URL:security.gentoo.org/glsa/201507-18
URL:security.gentoo.org/glsa/201507-19
39.
Security Updates in Mageia
(MGASA-2015-0274)
[13/07/2015] Mageia has
released security update packages for fixing the vulnerability identified in the
openssl packages for multiple versions of Mageia. Due to multiple errors, an
attacker could bypass security restrictions and obtain sensitive
information.
URL:advisories.mageia.org/MGASA-2015-0274.html
40.
Security Updates in Slackware
(SSA:2015-192-01)
[13/07/2015] Slackware
has released security update packages for fixing the vulnerability identified in
the mozilla-thunderbird packages for multiple versions of Slackware Linux. An
attacker could bypass security restriction, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.360005
41.
Security Updates in SUSE
(SUSE-SU-2015:1224-1, SUSE-SU-2015:1177-2)
[13/07/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the Linux Kernel and MySQL packages of SUSE Linux Enterprise 11. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00023.html
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00024.html
No comments:
Post a Comment