1. Vulnerabilities in Cisco Products
(cisco-sa-20150730-asr1k)
[31/07/2015] Vulnerabilities were identified in the Cisco ASR 1000 Series
Aggregation Services Routers, Cisco AnyConnect Secure Mobilty Client, Cisco
Prime Central Hosted Collaboration Solution, Cisco IM and Presence Service,
Cisco IOS-XE Software and Cisco Unified Communications Manager. An attacker
could bypass security restrictions, obtain sensitive information, execute
arbitrary code, perform cross-site scripting attacks, cause a denial of service
condition and crash the system. These vulnerabilities affect multiple firmware
versions of the mentioned products. Security patches are available to resolve
these vulnerabilities except the Cisco Prime Central Hosted Collaboration
Solution and Cisco Unified Communications
Manager.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150730-asr1k
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40175
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40214
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40215
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40217
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40223
URL:www.us-cert.gov/ncas/current-activity/2015/07/30/Cisco-Releases-Security-Updates
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105203
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105222
2. Vulnerabilities in Symantec Endpoint Protection
(SYM15-007)
[31/07/2015] Vulnerabilities were identified in the Symantec Endpoint
Protection Manager and Clients. An attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code
and perform code injection attacks. These vulnerabilities affect versions prior
to 12.1-RU6-MP1 of the mentioned products. Security patches are available to
resolve these
vulnerabilities.
URL:www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2015&suid=20150730_00
3. Vulnerability in Multiple BIOS implementations
(VU#577140)
[31/07/2015] Vulnerability was identified in multiple BIOS
implementations. An attacker could bypass security restrictions, cause a denial
of service condition and execute arbitrary code. This vulnerability affects
multiple Vendor BIOS implementations. Security patches are available to resolve
this
vulnerability.
URL:www.kb.cert.org/vuls/id/577140
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105219
4. Vulnerability in Dell NetVault Backup
(105220)
[31/07/2015]
Vulnerability was identified in the Dell
NetVault Backup. An attacker could bypass security restrictions, cause a denial
of service condition and crash the system. This vulnerability affects versions
prior to 10.0.5 of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105220
5. Vulnerability in F5 Products
(SOL17025)
[31/07/2015]
Vulnerability was identified in the F5 BIG-IP
GTM. An attacker could bypass security restrictions, cause a denial of service
condition and crash the system. This vulnerability affects versions 10.0.0 -
10.1.0 of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/17000/000/sol17025.html
6. Vulnerability in Huawei eCloud CC solution
(HW-445981)
[31/07/2015] Vulnerability was identified in the Huawei eCloud CC
solution. An attacker could bypass security restrictions and execute arbitrary
code. This vulnerability affects multiple versions of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-445981.htm
7. Security Updates in Oracle Linux (ELSA-2015-1526,
ELSA-2015-3064)
[31/07/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the java-1.6.0-openjdk and kernel-uek packages for Oracle Linux 6 and 7. Due to
multiple errors, an attacker could bypass security restriction, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-1526.html
URL:linux.oracle.com/errata/ELSA-2015-3064.html
8. Security Updates in Debian (DSA-3320-1,
DSA-3321-1)
[31/07/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the openafs and xmltooling package for multiple versions of Debian GNU/Linux. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3320
URL:www.debian.org/security/2015/dsa-3321
9. Security Updates in Mageia
(MGASA-2015-0296)
[31/07/2015] Mageia has
released security update packages for fixing the vulnerability identified in the
groovy package for multiple versions of Mageia. Due to multiple errors, an
attacker could bypass security restrictions and execute arbitrary
code.
URL:advisories.mageia.org/MGASA-2015-0296.html
10.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1526-1)
[31/07/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the java-1.6.0-openjdk packages for Red Hat Enterprise Linux 5, 6 and 7. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1526.html
11.
Security Updates in SUSE
(SUSE-SU-2015:1316-1, SUSE-SU-2015:1319-1, SUSE-SU-2015:1320-1,
SUSE-SU-2015:1322-1)
[31/07/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the bind and java-1_7_0-openjdk packages of SUSE Linux Enterprise 10, 11 and 12.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00045.html
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00046.html
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00047.html
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00048.html
12.
Security Updates in Ubuntu GNU/Linux
(USN-2696-1, USN-2697-1, USN-2698-1, USN-2699-1)
[31/07/2015] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the openjdk-7, ghostscript, sqlite3 and hplip
package for versions 12.04 LTS, 14.04 LTS and 15.04 of Ubuntu GNU/Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2696-1/
URL:www.ubuntu.com/usn/usn-2697-1/
URL:www.ubuntu.com/usn/usn-2698-1/
URL:www.ubuntu.com/usn/usn-2699-1/
13.
Information Updates on Microsoft Security
Advisory and Bulletins (2755801, 3072630, 3072631,
3079904)
[30/07/2015]
Microsoft has updated information on the
Security Advisory and Security Bulletins for Microsoft Internet Explorer and
Microsoft Windows. (a) KB2755801 added the 3074683 update for Windows 10 systems
to the Current Update section. (b) MS15-069 was revised to correct the Desktop
Experience footnote in the Affected Software section. (c) MS15-074 was
rereleased to announce the availability of an update package for Windows 10
systems. (d) MS15-078 was rereleased to announce the availability of an update
package for Windows 10
systems.
URL:technet.microsoft.com/en-us/library/security/2755801
URL:technet.microsoft.com/en-us/library/security/MS15-069
URL:technet.microsoft.com/en-us/library/security/MS15-074
URL:technet.microsoft.com/en-us/library/security/MS15-078
14.
Vulnerabilities in IBM WebSphere
Application Server
[30/07/2015] Vulnerabilities were identified in the IBM WebSphere
Application Server. An attacker could obtain sensitive information and cause a
denial of service condition. These vulnerabilities affect multiple versions of
the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:www-01.ibm.com/support/docview.wss?uid=swg21962931
15.
Vulnerabilities in OpenStack Products
(105132, 105198, 105199)
[30/07/2015] Vulnerabilities were identified in the OpenStack Glance and
OpenStack Designate. An attacker could bypass security restrictions and cause a
denial of service condition. These vulnerabilities affect multiple versions of
the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105132
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105198
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105199
16.
Security Updates in Oracle Linux
(ELSA-2015-1419, ELSA-2015-1471, ELSA-2015-1482, ELSA-2015-1513, ELSA-2015-1514,
ELSA-2015-1515, ELSA-2015-3053)
[30/07/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the libxml2, bind, libuser, bind97 and kernel packages for Oracle Linux 5, 6 and
7. Due to multiple errors, an attacker could cause a denial of service
condition, gain elevated privileges and crash the
system.
URL:linux.oracle.com/errata/ELSA-2015-1419.html
URL:linux.oracle.com/errata/ELSA-2015-1471.html
URL:linux.oracle.com/errata/ELSA-2015-1482.html
URL:linux.oracle.com/errata/ELSA-2015-1513.html
URL:linux.oracle.com/errata/ELSA-2015-1514.html
URL:linux.oracle.com/errata/ELSA-2015-1515.html
URL:linux.oracle.com/errata/ELSA-2015-3053.html
17.
Security Updates in Red Hat Gluster
Storage (RHSA-2015:1495-1)
[30/07/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in version 3.0 of Red Hat Gluster Storage. Due to multiple errors, an attacker
could bypass security restrictions and execute arbitrary
code.
URL:rhn.redhat.com/errata/RHSA-2015-1495.html
18.
Security Updates in Ubuntu GNU/Linux
(USN-2694-1, USN-2695-1)
[30/07/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the PCRE and HTML Tidy packages for versions 12.04 LTS, 14.04 LTS and 15.04 of
Ubuntu GNU/Linux. Due to multiple errors, an attacker could crash the system,
cause a denial of service condition and execute arbitrary
code.
URL:www.ubuntu.com/usn/usn-2694-1/
URL:www.ubuntu.com/usn/usn-2695-1/
19.
Vulnerability in BIND
(AA-01272)
[29/07/2015]
Vulnerability was identified in the BIND. An
attacker could bypass security restrictions, cause a denial of service condition
and crash the system. This vulnerability affects versions prior to 9.9.7-P2 or
9.10.2-P3 of the mentioned products. Security patches are available to resolve
this
vulnerability.
URL:kb.isc.org/article/AA-01272
URL:www.us-cert.gov/ncas/current-activity/2015/07/28/Internet-Systems-Consortium-ISC-Releases-Security-Updates-BIND
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105120
20.
Vulnerabilities in Cisco
Products
[29/07/2015]
Vulnerabilities were identified in the Cisco UCS
Central Software and Cisco AnyConnect Secure Mobility Client. An attacker could
bypass security restrictions, obtain sensitive information, execute arbitrary
code, cause a denial of service condition and crash the system. These
vulnerabilities affect multiple firmware versions of the mentioned products.
Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40151
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40176
21.
Vulnerabilities in F5 Products (SOL16909,
SOL16912)
[29/07/2015]
Vulnerabilities were identified in the F5 BIG-IP
LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device,
BIG-IQ Security and BIG-IQ ADC. An attacker could bypass security restrictions,
obtain sensitive information, cause a denial of service condition and crash the
system. These vulnerabilities affect multiple versions of the mentioned
products. Security patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/16000/900/sol16909.html
URL:support.f5.com/kb/en-us/solutions/public/16000/900/sol16912.html
22.
Vulnerability in Foxit Reader
(105109)
[29/07/2015]
Vulnerability was identified in the Foxit
Reader. An attacker could bypass security restrictions and execute arbitrary
code. This vulnerability affects versions 7.0.8, 7.0.9 and 7.1.5 of the
mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105109
23.
Vulnerabilities in Android
Stagefright
[29/07/2015] Vulnerabilities were identified in the Android Stagefright
media playback service. An attacker could bypass security restrictions, execute
arbitrary code and compromise the system. These vulnerabilities affect firmware
versions prior to 5.1.1_r5 of the mentioned
products.
URL:www.hkcert.org/my_url/en/alert/15072901
URL:www.kb.cert.org/vuls/id/924951
URL:www.us-cert.gov/ncas/current-activity/2015/07/28/%E2%80%9CStagefright%E2%80%9D-Android-Vulnerability
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105118
24.
Security Updates in Oracle Linux
(ELSA-2015-1249, ELSA-2015-1254, ELSA-2015-1272, ELSA-2015-1287, ELSA-2015-1330,
ELSA-2015-1344, ELSA-2015-1347, ELSA-2015-1378, ELSA-2015-1385, ELSA-2015-1409,
ELSA-2015-1417, ELSA-2015-1419, ELSA-2015-1439, ELSA-2015-1447, ELSA-2015-1457,
ELSA-2015-1458, ELSA-2015-1459, ELSA-2015-1460,
ELSA-2015-1462)
[29/07/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the httpd, curl, kernel, freeradius, python, autofs, pki-core, hivex, net-snmp,
sudo, mailman, libxml2, wpa_supplicant, grep, gnutls, libreoffice, ntp,
wireshark and ipa packages for Oracle Linux 6. Due to multiple errors, an
attacker could bypass security restriction, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-1249.html
URL:linux.oracle.com/errata/ELSA-2015-1254.html
URL:linux.oracle.com/errata/ELSA-2015-1272.html
URL:linux.oracle.com/errata/ELSA-2015-1287.html
URL:linux.oracle.com/errata/ELSA-2015-1330.html
URL:linux.oracle.com/errata/ELSA-2015-1344.html
URL:linux.oracle.com/errata/ELSA-2015-1347.html
URL:linux.oracle.com/errata/ELSA-2015-1378.html
URL:linux.oracle.com/errata/ELSA-2015-1385.html
URL:linux.oracle.com/errata/ELSA-2015-1409.html
URL:linux.oracle.com/errata/ELSA-2015-1417.html
URL:linux.oracle.com/errata/ELSA-2015-1419.html
URL:linux.oracle.com/errata/ELSA-2015-1439.html
URL:linux.oracle.com/errata/ELSA-2015-1447.html
URL:linux.oracle.com/errata/ELSA-2015-1457.html
URL:linux.oracle.com/errata/ELSA-2015-1458.html
URL:linux.oracle.com/errata/ELSA-2015-1459.html
URL:linux.oracle.com/errata/ELSA-2015-1460.html
URL:linux.oracle.com/errata/ELSA-2015-1462.html
25.
Security Updates in Debian
(DSA-3319-1)
[29/07/2015] Debian has
released security update packages for fixing the vulnerability identified in the
bind9 package for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:www.debian.org/security/2015/dsa-3319
26.
Security Updates in FreeBSD
(FreeBSD-SA-15:14.bsdpatch, FreeBSD-SA-15:15.tcp, FreeBSD-SA-15:16.openssh,
FreeBSD-SA-15:17.bind)
[29/07/2015] FreeBSD
has released security update packages for fixing the vulnerability identified in
the patch, inet, openssh and bind packages for multiple versions of FreeBSD
Linux. Due to multiple errors, an attacker could bypass security restriction,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:14.bsdpatch.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:15.tcp.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:16.openssh.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-15:17.bind.asc
27.
Security Updates in Mageia
(MGASA-2015-0291, MGASA-2015-0292, MGASA-2015-0293, MGASA-2015-0294,
MGASA-2015-0295)
[29/07/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the freeradius, ansible, python-django14, python-django, springframework and
openssh packages for multiple versions of Mageia. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0291.html
URL:advisories.mageia.org/MGASA-2015-0292.html
URL:advisories.mageia.org/MGASA-2015-0293.html
URL:advisories.mageia.org/MGASA-2015-0294.html
URL:advisories.mageia.org/MGASA-2015-0295.html
28.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1512-1, RHSA-2015:1513-1, RHSA-2015:1514-1,
RHSA-2015:1515-1)
[29/07/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the qemu-kvm-rhev, bind and bind97 packages for Red Hat Enterprise Linux
OpenStack Platform 5 and 6, Red Hat Enterprise Linux 5, 6 and 7. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1512.html
URL:rhn.redhat.com/errata/RHSA-2015-1513.html
URL:rhn.redhat.com/errata/RHSA-2015-1514.html
URL:rhn.redhat.com/errata/RHSA-2015-1515.html
29.
Security Updates in Slackware
(SSA:2015-209-01)
[29/07/2015] Slackware
has released security update packages for fixing the vulnerability identified in
the bind package for multiple versions of Slackware Linux. An attacker could
bypass security restriction, cause a denial of service condition and crash the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.554472
30.
Security Updates in SUSE
(SUSE-SU-2015:1302-1, SUSE-SU-2015:1304-1,
SUSE-SU-2015:1305-1)
[29/07/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the xen and bind packages of SUSE Linux Enterprise 11 and 12. Due to multiple
errors, an attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00042.html
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00043.html
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00044.html
31.
Security Updates in Ubuntu GNU/Linux
(USN-2686-1)
[29/07/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the apache2 package for versions 12.04 LTS, 14.04 LTS and 15.04 of Ubuntu
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, execute arbitrary code and perform HTTP request smuggling
attacks.
URL:www.ubuntu.com/usn/usn-2687-1/
URL:www.ubuntu.com/usn/usn-2688-1/
URL:www.ubuntu.com/usn/usn-2689-1/
URL:www.ubuntu.com/usn/usn-2690-1/
URL:www.ubuntu.com/usn/usn-2691-1/
URL:www.ubuntu.com/usn/usn-2692-1/
URL:www.ubuntu.com/usn/usn-2693-1/
32.
Vulnerabilities in Microsoft Internet
Explorer Mobile
[28/07/2015] Vulnerabilities were identified in the Microsoft Internet
Explorer Mobile. An attacker could bypass security restrictions and execute
arbitrary code. The affected version was not
specified.
URL:www.hkcert.org/my_url/en/alert/15072701
33.
Vulnerabilities in Cisco
Products
[28/07/2015]
Vulnerabilities were identified in the Cisco
Firepower 9000 Series devices, Cisco Web Security Appliance (WSA), Cisco Email
Security Appliance (ESA) and Cisco Content Security Management Appliance (SMA).
An attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code and perform cross-site scripting attacks. These
vulnerabilities affect multiple firmware versions of the mentioned
products.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40136
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40172
34.
Security Updates in Oracle Linux
(ELSA-2015-1507, ELSA-2015-1510)
[28/07/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the qemu-kvm and clutter packages for Oracle Linux 7. Due to multiple errors, an
attacker could bypass security restriction, gain elevated privileges and execute
arbitrary
code.
URL:linux.oracle.com/errata/ELSA-2015-1507.html
URL:linux.oracle.com/errata/ELSA-2015-1510.html
35.
Security Updates in Debian (DSA-3316-1,
DSA-3318-1)
[28/07/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the openjdk-7 and expat package for multiple versions of Debian GNU/Linux. Due
to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.debian.org/security/2015/dsa-3316
URL:www.debian.org/security/2015/dsa-3318
36.
Security Updates in Mageia
(MGASA-2015-0279, MGASA-2015-0280, MGASA-2015-0281, MGASA-2015-0282,
MGASA-2015-0283, MGASA-2015-0284, MGASA-2015-0285, MGASA-2015-0286,
MGASA-2015-0287, MGASA-2015-0288, MGASA-2015-0289,
MGASA-2015-0290)
[28/07/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the mariadb, java-1.8.0-openjdk, apache, evolution, wesnoth, thunderbird,
thunderbird-l10n, expat, icu, chromium-browser-stable, stunnel and wordpress
packages for multiple versions of Mageia. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0279.html
URL:advisories.mageia.org/MGASA-2015-0280.html
URL:advisories.mageia.org/MGASA-2015-0281.html
URL:advisories.mageia.org/MGASA-2015-0282.html
URL:advisories.mageia.org/MGASA-2015-0283.html
URL:advisories.mageia.org/MGASA-2015-0284.html
URL:advisories.mageia.org/MGASA-2015-0285.html
URL:advisories.mageia.org/MGASA-2015-0286.html
URL:advisories.mageia.org/MGASA-2015-0287.html
URL:advisories.mageia.org/MGASA-2015-0288.html
URL:advisories.mageia.org/MGASA-2015-0289.html
URL:advisories.mageia.org/MGASA-2015-0290.html
37.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:1499-1, RHSA-2015:1507-1,
RHSA-2015:1510-1)
[28/07/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the chromium-browser, qemu-kvm and clutter packages for Red Hat Enterprise
Linux 6 and 7. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:rhn.redhat.com/errata/RHSA-2015-1499.html
URL:rhn.redhat.com/errata/RHSA-2015-1507.html
URL:rhn.redhat.com/errata/RHSA-2015-1510.html
38.
Security Updates in SUSE
(SUSE-SU-2015:1299-1)
[28/07/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the xen package of SUSE Linux Enterprise 11. Due to multiple errors, an attacker
could bypass security restrictions, gain elevated privileges, execute arbitrary
code, cause a denial of service condition and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00041.html
39.
Security Updates in Ubuntu GNU/Linux
(USN-2686-1)
[28/07/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the apache2 package for versions 12.04 LTS, 14.04 LTS and 15.04 of Ubuntu
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, execute arbitrary code and perform HTTP request smuggling
attacks.
URL:www.ubuntu.com/usn/usn-2686-1/
40. Vulnerability in Cisco
Products
[27/07/2015]
Vulnerability was identified in the Cisco Web
Security Appliance (WSA), Cisco Email Security Appliance (ESA) and Cisco Content
Security Management Appliance (SMA). An attacker could bypass security
restrictions and obtain sensitive information. This vulnerability affects
multiple firmware versions of the mentioned
products.
URL:tools.cisco.com/security/center/viewAlert.x?alertId=40137
41.
Vulnerabilities in Honeywell Tuxedo Touch
Controller (VU#857948)
[27/07/2015] Vulnerabilities were identified in the Honeywell Tuxedo Touch
Controller. An attacker could bypass security restrictions, execute arbitrary
code, perform cross-site request forgery attacks. These vulnerabilities affect
firmware versions prior to TUXW_V5.2.19.0_VA of the mentioned product. Security
patches are available to resolve these
vulnerabilities.
URL:www.kb.cert.org/vuls/id/857948
42.
Vulnerability in Fiat-Chrysler Automative
UConnect (VU#819439)
[27/07/2015] Vulnerability was identified in the Fiat-Chrysler Automative
UConnect. An attacker could bypass security restrictions, execute arbitrary code
and compromise the system. This vulnerability affects multiple versions of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:www.kb.cert.org/vuls/id/819439
43.
Vulnerability in Ghostscript
(105033)
[27/07/2015]
Vulnerability was identified in the Ghostscript.
An attacker could bypass security restrictions and execute arbitrary code. This
vulnerability affects version 9.16 of the mentioned product. Security patches
are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105033
44.
Vulnerabilities in libuser (105022,
105023)
[27/07/2015]
Vulnerabilities were identified in the libuser.
An attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the system. These vulnerabilities affect versions prior
to 0.62 of the mentioned product. Security patches are available to resolve
these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105022
URL:exchange.xforce.ibmcloud.com/vulnerabilities/105023
45.
Security Updates in Debian (DSA-3315-1,
DSA-3317-1)
[27/07/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the chromium-browser and lxc package for multiple versions of Debian GNU/Linux.
Due to multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.debian.org/security/2015/dsa-3315
URL:www.debian.org/security/2015/dsa-3317
46.
Security Updates in Mageia
(MGASA-2015-0278)
[27/07/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the libuser packages for multiple versions of Mageia. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0278.html
47.
Security Updates in SUSE
(openSUSE-SU-2015:1287-1, openSUSE-SU-2015:1288-1,
openSUSE-SU-2015:1289-1)
[27/07/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the Chromium, java-1_7_0-openjdk and java-1_8_0-openjdk package of openSUSE 13.1
and 13.2. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00038.html
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00039.html
URL:lists.opensuse.org/opensuse-security-announce/2015-07/msg00040.html
No comments:
Post a Comment