1. Vulnerability
in HP Operations Orchestration (c04894110)
[20/11/2015] Vulnerability was identified in the HP Operations
Orchestration. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform cross-site scripting attacks.
These vulnerabilities affects versions prior to 10.22.001 of the mentioned
product. Security patches are available to resolve these
vulnerabilities.
URL:h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c04894110
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108160
2. Vulnerability in VMware Products
(VMSA-2015-0008)
[20/11/2015] Vulnerability was identified in the VMware vCenter Server,
vCloud Director and VMware Horizon View. An attacker could bypass security
restrictions and obtain sensitive information. This vulnerability affects
multiple versions of the mentioned products. Security patches are available to
resolve this
vulnerability.
URL:www.vmware.com/security/advisories/VMSA-2015-0008.html
URL:www.us-cert.gov/ncas/current-activity/2015/11/19/VMware-Releases-Security-Updates
3. Vulnerabilities in Kaspersky Antivirus (108161,
108165)
[20/11/2015]
Vulnerabilities were identified in the Kaspersky
Antivirus. An attacker could bypass security restrictions, execute arbitrary
code, cause a denial of service condition and crash the system. These
vulnerabilities affect multiple versions of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108161
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108165
4. Vulnerability in Horde Groupware
(108151)
[20/11/2015]
Vulnerability was identified in the Horde
Groupware. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform code injection attacks. This
vulnerability affects versions prior to 5.2.11 of the mentioned product.
Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108151
5. Vulnerabilities in NVIDIA Products (108164, 108166,
108186)
[20/11/2015]
Vulnerabilities were identified in multiple
NVIDIA Products. An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108164
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108166
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108186
6. Vulnerabilities in Tibbo AggreGate Platform
(ICSA-15-323-01)
[20/11/2015] Vulnerabilities were identified in the Tibbo AggreGate
Platform. An attacker could bypass security restrictions and execute arbitrary
code on the system. These vulnerabilities affect versions prior to 5.30.06 of
the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-323-01
7. Vulnerability in Spiffy web server
(108167)
[20/11/2015]
Vulnerability was identified in the Spiffy web
server. An attacker could bypass security restrictions and obtain sensitive
information. This vulnerability affects versions prior to 5.4 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108167
8. Vulnerability in Linux Kernel
(108162)
[20/11/2015]
Vulnerability was identified in the Linux
Kernel. An attacker could bypass security restrictions, cause a denial of
service condition and crash the system. This vulnerability affects multiple
versions of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108162
9. Vulnerabilities in Jenkins (108174, 108175, 108176,
108177, 108178, 108179, 108180, 108181, 108182,
108183)
[20/11/2015]
Vulnerabilities were identified in Jenkins. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108174
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108175
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108176
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108177
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108178
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108179
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108180
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108181
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108182
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108183
10.
Vulnerability in Zenario CMS
(108136)
[20/11/2015]
Vulnerability was identified in the Zenario CMS.
An attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code and perform code injection attacks. This vulnerability
affects multiple versions of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108136
11.
Security Updates in Mageia
(MGASA-2015-0449, MGASA-2015-0450, MGASA-2015-0451, MGASA-2015-0452,
MGASA-2015-0453, MGASA-2015-0454)
[20/11/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the gcc, kernel, kernel-userspace-headers, kmod-xtables-addons,
kmod-broadcom-wl, kmod-fglrx, kmod-nvidia304, kmod-nvidia340,
kmod-nvidia-current, libpng, libpng12, dovecot, latex2rtf, uglify-js,
nodejs-align-text, nodejs-ansi-regex, nodejs-camelcase, nodejs-center-align,
nodejs-cliui, nodejs-code-point-at, nodejs-decamelize, nodejs-invert-kv,
nodejs-is-buffer, nodejs-is-fullwidth-code-point, nodejs-kind-of, nodejs-lcid,
nodejs-longest, nodejs-minimist, nodejs-number-is-nan, nodejs-os-locale,
nodejs-repeat-string, nodejs-right-align, nodejs-source-map,
nodejs-string-width, nodejs-strip-ansi, nodejs-window-size, nodejs-wrap-ansi,
nodejs-y18n and nodejs-yargs packages for multiple versions of Mageia. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0449.html
URL:advisories.mageia.org/MGASA-2015-0450.html
URL:advisories.mageia.org/MGASA-2015-0451.html
URL:advisories.mageia.org/MGASA-2015-0452.html
URL:advisories.mageia.org/MGASA-2015-0453.html
URL:advisories.mageia.org/MGASA-2015-0454.html
12.
Security Updates in Ubuntu GNU/Linux
(USN-2815-1)
[20/11/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the libpng packages for versions 12.04 LTS, 14.04 LTS, 15.04 and 15.10. Due to
multiple errors, an attacker could bypass security restrictions, gain elevated
privileges, cause a denial of service condition and crash the
system.
URL:www.ubuntu.com/usn/usn-2815-1/
13. Vulnerabilities in IBM WebSphere Application Server
(1969620)
[19/11/2015]
Vulnerabilities were identified in the IBM SDK
Java Technology Edition shipped with IBM WebSphere Application Server. An
attacker could bypass security restrictions and obtain sensitive information.
These vulnerabilities affect multiple versions of the mentioned product.
Security patches are available to resolve these
vulnerabilities.
URL:www.ibm.com/support/docview.wss?uid=swg21969620
14.
Vulnerability in F5 Products
(SOL10600056)
[19/11/2015] Vulnerability was identified in the F5 BIG-IP LTM, BIG-IP
AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, BIG-IQ Cloud, BIG-IQ
Device, BIG-IQ Security, BIG-IQ ADC, LineRate and Traffix SDC. An attacker could
bypass security restrictions and execute arbitrary code. This vulnerability
affects multiple versions of the mentioned products. Security patches are
available to resolve this
vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/k/10/sol10600056.html
15.
Vulnerability in Huawei DSM Product
(Huawei-SA-20151118-01-DSM)
[19/11/2015] Vulnerability was identified in the Huawei DSM Product. An
attacker could bypass security restrictions and obtain sensitive information.
This vulnerability affects versions prior to V100R002C05SPC661 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:www.huawei.com/en/security/psirt/security-bulletins/security-advisories/archive/hw-462410.htm
16.
Security Updates in Oracle Linux
(ELSA-2015-2078, ELSA-2015-2081, ELSA-2015-2086)
[19/11/2015] Oracle has released security update packages for fixing the
vulnerabilities identified in the postgresql and java-1.6.0-openjdk packages for
Oracle Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-2078.html
URL:linux.oracle.com/errata/ELSA-2015-2081.html
URL:linux.oracle.com/errata/ELSA-2015-2086.html
17.
Security Updates in Debian
(DSA-3399-1)
[19/11/2015] Debian has
released security update packages for fixing the vulnerabilities identified in
the libpng packages for multiple versions of Debian GNU/Linux. Due to multiple
errors, an attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code, cause a denial of service condition and
crash the
system.
URL:www.debian.org/security/2015/dsa-3399
18.
Security Updates in Red Hat Enterprise
Linux (RHSA-2015:2068-1, RHSA-2015:2077-1)
[19/11/2015] Red Hat
has released security update packages for fixing the vulnerabilities identified
in the nss, nss-util, nspr and rh-postgresql94-postgresql packages for Red Hat
Enterprise Linux 6, Red Hat Software Collections 2 for RHEL 6 and 7. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and crash the
system.
URL:rhn.redhat.com/errata/RHSA-2015-2068.html
URL:rhn.redhat.com/errata/RHSA-2015-2077.html
19.
Security Updates in SUSE
(openSUSE-SU-2015:2003-1, SUSE-SU-2015:1898-2)
[19/11/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the xen and krb5 packages of openSUSE 13.2 and SUSE Linux Enterprise 11. Due to
multiple errors, an attacker could bypass security restrictions, execute
arbitrary code, cause a denial of service condition and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00023.html
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00024.html
20.
Security Updates in Ubuntu GNU/Linux
(USN-2814-1)
[19/11/2015] Ubuntu has
released security update packages for fixing the vulnerability identified in the
nvidia-graphics-drivers-304, nvidia-graphics-drivers-304-updates,
nvidia-graphics-drivers-340, nvidia-graphics-drivers-340-updates,
nvidia-graphics-drivers-352 and nvidia-graphics-drivers-352-updates packages for
versions 12.04 LTS, 14.04 LTS, 15.04 and 15.10. Due to multiple errors, an
attacker could bypass security restrictions, gain elevated privileges and
execute arbitrary
code.
URL:www.ubuntu.com/usn/usn-2814-1/
21. Vulnerabilities in Adobe Products (APSB15-29,
APSB15-30, APSB15-31)
[18/11/2015] Vulnerabilities were identified in the Adobe ColdFusion,
Adobe LiveCycle Data Services and Adobe Premiere Clip. An attacker could bypass
security restrictions, execute arbitrary code and perform cross-site request
forgery (CSRF) attacks. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:helpx.adobe.com/security/products/coldfusion/apsb15-29.html
URL:helpx.adobe.com/security/products/livecycleds/apsb15-30.html
URL:helpx.adobe.com/security/products/premiereclip/apsb15-31.html
URL:www.hkcert.org/my_url/en/alert/15111801
URL:www.us-cert.gov/ncas/current-activity/2015/11/17/Adobe-Releases-Security-Updates-ColdFusion-LiveCycle-Data-Services
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108102
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108103
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108104
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108105
22.
Vulnerability in Apache
CXF
[18/11/2015] Vulnerability was identified in the Apache CXF. An
attacker could bypass security restrictions, execute arbitrary code and perform
XML wrapping attacks. This vulnerability affects versions prior to 2.7.18, 3.0.7
or 3.1.3 of the mentioned product. Security patches are available to resolve
this
vulnerability.
URL:cxf.apache.org/security-advisories.data/CVE-2015-5253.txt.asc
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108096
23.
Vulnerabilities in Cisco Prime
Collaboration Assurance and Cisco Firepower 9000 Series Switch
(cisco-sa-20151008-pca1, cisco-sa-20151116-fire, cisco-sa-20151116-fire1,
cisco-sa-20151116-firepower, cisco-sa-20151117-firepower1,
cisco-sa-20151117-firepower2, cisco-sa-20151117-firepower3,
cisco-sa-20151117-firepower4)
[18/11/2015] Vulnerabilities were identified in the Cisco Prime
Collaboration Assurance and Cisco Firepower 9000 Series Switch. An attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, perform cross-site request forgery (CSRF)
attacks, clickjacking or phishing attacks, cause a denial of service condition
and compromise the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151008-pca1
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fire
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fire1
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-firepower
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower1
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower2
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower3
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151117-firepower4
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108040
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108100
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108101
24.
Vulnerability in Huawei P8 smart phone
(HW-462315)
[18/11/2015] Vulnerability was identified in the Huawei P8 smart phone. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code, cause a denial of service condition and crash the
system. This vulnerability affects multiple versions of the mentioned
product.
URL:www1.huawei.com/en/security/psirt/security-bulletins/security-notices/archive/hw-462315.htm
25.
Vulnerability in Exemys Telemetry Web
Server (ICSA-15-321-01)
[18/11/2015] Vulnerability was identified in the Exemys Telemetry Web
Server. An attacker could bypass security restrictions and execute arbitrary
code on the system. This vulnerability affects multiple versions of the
mentioned
product.
URL:ics-cert.us-cert.gov/advisories/ICSA-15-321-01
26.
Vulnerabilities in TECO Products (108083,
108084, 108086)
[18/11/2015] Vulnerabilities were identified in the TECO TP03-PCLINK, TECO
SG2 FBD Client and ECO AP-PCLINK. An attacker could bypass security restrictions
and execute arbitrary code on the system. These vulnerabilities affect multiple
versions of the mentioned
products.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108083
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108084
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108086
27.
Vulnerabilities in Xen
(XSA-156)
[18/11/2015]
Vulnerabilities were identified in the Xen. An
attacker could bypass security restrictions, cause a denial of service condition
and crash the system. These vulnerabilities affect multiple versions of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:xenbits.xen.org/xsa/advisory-156.html
URL:www.hkcert.org/my_url/en/alert/15111701
28.
Security Updates in Gentoo Linux (GLSA
201511-02)
[18/11/2015]
Gentoo has released security update packages for
fixing the vulnerabilities identified in the Adobe Flash Player packages for
multiple versions of Gentoo Linux. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the
system.
URL:security.gentoo.org/glsa/201511-02
29.
Security Updates in Ubuntu GNU/Linux
(USN-2813-1)
[18/11/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the lxcfs packages for versions 15.04 and 15.10. Due to multiple errors, an
attacker could bypass security restrictions, gain elevated privileges and
execute arbitrary
code.
URL:www.ubuntu.com/usn/usn-2813-1/
30. Vulnerability in Cisco FireSIGHT Management Center
(cisco-sa-20151116-fmc)
[17/11/2015] Vulnerability was identified in the Cisco FireSIGHT
Management Center (MC). An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code on the system. This vulnerability
affects versions 5.2, 5.3, and 5.4 of the mentioned product. Security patches
are available to resolve this
vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151116-fmc
31.
Vulnerability in ESET Antivirus
(108038)
[17/11/2015]
Vulnerability was identified in the ESET
Antivirus. An attacker could bypass security restrictions, gain elevated
privileges, execute arbitrary code and compromise the system. The affected
version was not
specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108038
32.
Security Updates in Oracle Linux
(ELSA-2015-2065)
[17/11/2015] Oracle has
released security update packages for fixing the vulnerability identified in the
xen packages for Oracle Linux 5. An attacker could bypass security restrictions,
execute arbitrary code, cause a denial of service condition and crash the
system.
URL:linux.oracle.com/errata/ELSA-2015-2065.html
33.
Security Updates in Debian
(DSA-3398-1)
[17/11/2015] Debian has
released security update packages for fixing the vulnerability identified in the
strongswan packages for multiple versions of Debian GNU/Linux. An attacker could
bypass security restrictions and execute arbitrary code on the
system.
URL:www.debian.org/security/2015/dsa-3398
34.
Security Updates in Mageia
(MGASA-2015-0445, MGASA-2015-0446, MGASA-2015-0447,
MGASA-2015-0448)
[17/11/2015] Mageia has
released security update packages for fixing the vulnerabilities identified in
the mariadb, krb5, iceape and chromium-browser-stable packages for multiple
versions of Mageia. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:advisories.mageia.org/MGASA-2015-0445.html
URL:advisories.mageia.org/MGASA-2015-0446.html
URL:advisories.mageia.org/MGASA-2015-0447.html
URL:advisories.mageia.org/MGASA-2015-0448.html
35.
Security Updates in SUSE
(SUSE-SU-2015:1952-1)
[17/11/2015] SUSE has
released security update packages for fixing the vulnerabilities identified in
the krb5 packages of openSUSE Leap 42.1. Due to multiple errors, an attacker
could bypass security restrictions, execute arbitrary code, cause a denial of
service condition and crash the
system.
URL:lists.opensuse.org/opensuse-security-announce/2015-11/msg00022.html
36.
Security Updates in Ubuntu GNU/Linux
(USN-2811-1, USN-2812-1)
[17/11/2015] Ubuntu has
released security update packages for fixing the vulnerabilities identified in
the strongSwan and libxml2 packages for versions 12.04 LTS, 14.04 LTS, 15.04 and
15.10. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the
system.
URL:www.ubuntu.com/usn/usn-2811-1/
URL:www.ubuntu.com/usn/usn-2812-1/
37.
Vulnerability in Apache Commons
Collections Java library (VU#576313)
[16/11/2015] Vulnerability was identified in the Apache Commons
Collections Java library. An attacker could bypass security restrictions and
execute arbitrary code. This vulnerability affects multiple versions of the
mentioned
product.
URL:www.kb.cert.org/vuls/id/576313
URL:www.us-cert.gov/ncas/current-activity/2015/11/13/Apache-Commons-Collections-Java-Library-Vulnerability
38.
Vulnerabilities in Cisco Products
(cisco-sa-20151112-ios1, cisco-sa-20151112-vds,
cisco-sa-20151113-aironet)
[16/11/2015] Vulnerabilities were identified in the Cisco IOS Software,
Cisco Videoscape Distribution Suite Service Manager and Cisco Aironet 1800
Series Access Points. An attacker could bypass security restrictions, obtain
sensitive information, execute arbitrary code, cause a denial of service
condition and compromise the system. These vulnerabilities affect multiple
versions of the mentioned products. Security patches are available to resolve
these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-ios1
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151112-vds
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151113-aironet
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108014
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108015
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108016
39.
Vulnerability in Checkpoint.com
sub-domains (107974)
[16/11/2015] Vulnerability was identified in the Checkpoint.com
sub-domains. An attacker could bypass security restrictions, obtain sensitive
information, execute arbitrary code and perform cross-site scripting attacks.
The affected version was not
specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/107974
40.
Vulnerability in Fastest Cache plugin for
WordPress (107971)
[16/11/2015] Vulnerability was identified in the Fastest Cache plugin for
WordPress. An attacker could bypass security restrictions, execute arbitrary
code and perform SQL injection attacks on the system. This vulnerability affects
versions prior to 0.8.4.9 of the mentioned product. Security patches are
available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/107971
41.
Vulnerability in Mayo theme for Drupal
(DRUPAL-SA-CONTRIB-2015-164)
[16/11/2015] Vulnerability was identified in the Mayo theme for Drupal. An
attacker could bypass security restrictions, obtain sensitive information,
execute arbitrary code and perform cross-site scripting attacks on the system.
This vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this
vulnerability.
URL:www.drupal.org/node/2613424
URL:exchange.xforce.ibmcloud.com/vulnerabilities/107971
42.
Vulnerability in libpng
(108010)
[16/11/2015]
Vulnerability was identified in the libpng. An
attacker could bypass security restrictions and execute arbitrary code on the
system. This vulnerability affects versions prior to 1.6.19, 1.5.24, 1.4.17,
1.2.54 and 1.0.64 of the mentioned product. Security patches are available to
resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/108010
43.
Security Updates in Oracle Linux
(ELSA-2015-3098)
[16/11/2015] Oracle has
released security update packages for fixing the vulnerabilities identified in
the kernel packages for Oracle Linux 6 and 7. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the
system.
URL:linux.oracle.com/errata/ELSA-2015-3098.html
44.
Security Updates in Slackware
(SSA:2015-318-01)
[16/11/2015] Slackware
has released security update packages for fixing the vulnerabilities identified
in the seamonkey packages for multiple versions of Slackware Linux. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the
system.
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2015&m=slackware-security.412318
Source(s)
of above information:
No comments:
Post a Comment