1. Vulnerabilities in OpenSSL
[29/01/2016] Vulnerabilities were identified in OpenSSL. An attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect versions prior to 1.0.1r or
1.0.2f of the mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:www.openssl.org/news/secadv/20160128.txt
URL:www.us-cert.gov/ncas/current-activity/2016/01/28/OpenSSL-Releases-Security-Advisory
URL:www.kb.cert.org/vuls/id/257823
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110234
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110235
2. Vulnerabilities in Cisco Products
(cisco-sa-20160128-sbs, cisco-sa-20160128-uc)
[29/01/2016] Vulnerabilities were identified in Cisco Small Business 500
Series Stackable Managed Switches and Cisco Unity Connection. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
crash the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-sbs
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160128-uc
3. Vulnerabilities in Novell Filr (5233170, 5233171,
5233172, 5233550, 5233551, 5233552, 5233670, 5233690)
[29/01/2016] Vulnerabilities were identified in the Novell Identity
Manager, NetIQ eDirectory and Designer for Identity Manager. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:download.novell.com/Download?buildid=Drw3BqUXIo4~
URL:download.novell.com/Download?buildid=E9m024HXLHw~
URL:download.novell.com/Download?buildid=HTund35qCFk~
URL:download.novell.com/Download?buildid=l6ulyqWxDv8~
URL:download.novell.com/Download?buildid=N63wVOwZf_s~
URL:download.novell.com/Download?buildid=QgHXVOxv310~
URL:download.novell.com/Download?buildid=Rjs_0SapjGg~
URL:download.novell.com/Download?buildid=RYH_EkORvU4~
4. Vulnerability in Westermo industrial switches
(ICSA-16-028-01)
[29/01/2016] A vulnerability was identified in Westermo industrial switches.
An attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the system. This vulnerability affects OS versions
prior to 4.19.0 of the mentioned products. Security patches are available to
resolve this vulnerability.
URL:ics-cert.us-cert.gov/advisories/ICSA-16-028-01
5. Vulnerabilities in KDDI HOME SPOT CUBE (110200,
110201, 110202, 110203, 110204, 110205)
[29/01/2016] Vulnerabilities were identified in the KDDI HOME SPOT CUBE.
An attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the system. The affected version was not specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110200
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110201
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110202
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110203
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110204
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110205
6. Vulnerabilities in NetGear Products (110207, 110209,
110213, 110214)
[29/01/2016] Vulnerabilities were identified in multiple NetGear products.
An attacker could bypass security restrictions, obtain sensitive information,
gain elevated privileges, execute arbitrary code, cause a denial of service
condition and compromise the system. These vulnerabilities affect multiple
versions of the mentioned products.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110207
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110209
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110213
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110214
7. Vulnerability in Linux Kernel (110242)
[29/01/2016] A vulnerability was identified in the Linux Kernel. An attacker
could bypass security restrictions, execute arbitrary code, cause a denial of
service condition and crash the system. The affected version was not specified.
Security patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110242
8. Security Updates in Oracle Linux (ELSA-2016-0082,
ELSA-2016-0083)
[29/01/2016] Oracle has released security update packages for fixing the
vulnerability identified in the qemu-kvm packages for Oracle Linux 6 and 7. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the system.
URL:linux.oracle.com/errata/ELSA-2016-0082.html
URL:linux.oracle.com/errata/ELSA-2016-0083.html
9. Security Updates in Debian (DSA-3457-1, DSA-3458-1,
DSA-3459-1)
[29/01/2016] Debian has released security update packages for fixing the
vulnerabilities identified in the iceweasel, openjdk-7 and mysql-5.5 packages
for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system.
URL:www.debian.org/security/2016/dsa-3457
URL:www.debian.org/security/2016/dsa-3458
URL:www.debian.org/security/2016/dsa-3459
10. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0072-1,
RHSA-2016:0073-1, RHSA-2016:0074-1, RHSA-2016:0078-1, RHSA-2016:0079-1,
RHSA-2016:0081-1, RHSA-2016:0082-1, RHSA-2016:0083-1, RHSA-2016:0085-1,
RHSA-2016:0086-1, RHSA-2016:0087-1)
[29/01/2016] Red Hat has released security update packages for fixing the
vulnerabilities identified in the chromium-browser, bind, bind97, qemu-kvm-rhev
and qemu-kvm packages for Red Hat Enterprise Linux 5, 6 and 7, Red Hat
Enterprise Virtualization, Red Hat Enterprise Linux OpenStack Platform for Red
Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system.
URL:rhn.redhat.com/errata/RHSA-2016-0072.html
URL:rhn.redhat.com/errata/RHSA-2016-0073.html
URL:rhn.redhat.com/errata/RHSA-2016-0074.html
URL:rhn.redhat.com/errata/RHSA-2016-0078.html
URL:rhn.redhat.com/errata/RHSA-2016-0079.html
URL:rhn.redhat.com/errata/RHSA-2016-0081.html
URL:rhn.redhat.com/errata/RHSA-2016-0082.html
URL:rhn.redhat.com/errata/RHSA-2016-0083.html
URL:rhn.redhat.com/errata/RHSA-2016-0085.html
URL:rhn.redhat.com/errata/RHSA-2016-0086.html
URL:rhn.redhat.com/errata/RHSA-2016-0087.html
11. Security Updates in Ubuntu GNU/Linux (USN-2883-1)
[29/01/2016] Ubuntu has released security update packages for fixing the
vulnerability identified in the openssl package for version 15.10. An attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges and execute arbitrary code.
URL:www.ubuntu.com/usn/usn-2883-1/
12. Vulnerabilities in Cisco Products (cisco-sa-20160127-ntpd,
cisco-sa-20160127-rv220, cisco-sa-20160127-sbms, cisco-sa-20160127-uc,
cisco-sa-20160127-waascifs)
[28/01/2016] Vulnerabilities were identified in multiple Cisco products. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect multiple versions of the
mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-rv220
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-sbms
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-uc
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-waascifs
URL:www.us-cert.gov/ncas/current-activity/2016/01/27/Cisco-Releases-Security-Update
URL:www.hkcert.org/my_url/en/alert/16012801
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110177
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110178
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110179
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110180
13. Vulnerability in Novell Filr (5233810, 5233830)
[28/01/2016] A vulnerability was identified in Novell Filr. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. This vulnerability affects versions 1.1 and 1.2 of the
mentioned product. Security patches are available to resolve this vulnerability.
URL:download.novell.com/Download?buildid=GGjGx_IhcY4~
URL:download.novell.com/Download?buildid=Sww_cAfKic0~
14. Vulnerabilities in F5 Products (SOL05013313, SOL13145361)
[28/01/2016] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP
AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP
Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP
WebAccelerator, BIG-IP WOM, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device,
BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management and BIG-IQ Cloud and
Orchestration. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and crash the system. These vulnerabilities affect multiple
versions of the mentioned products. Security patches are available to resolve
these vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/k/05/sol05013313.html
URL:support.f5.com/kb/en-us/solutions/public/k/13/sol13145361.html
15. Security Updates in Oracle Linux (ELSA-2016-0071, ELSA-2016-0073,
ELSA-2016-0074)
[28/01/2016] Oracle has released security update packages for fixing the
vulnerabilities identified in the firefox, bind and bind97 packages for Oracle
Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the system.
URL:linux.oracle.com/errata/ELSA-2016-0071.html
URL:linux.oracle.com/errata/ELSA-2016-0073.html
URL:linux.oracle.com/errata/ELSA-2016-0074.html
16. Security Updates in Debian (DSA-3454-1, DSA-3455-1, DSA-3456-1)
[28/01/2016] Debian has released security update packages for fixing the
vulnerability identified in the virtualbox, curl and chromium-browser packages
for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system.
URL:www.debian.org/security/2016/dsa-3454
URL:www.debian.org/security/2016/dsa-3455
URL:www.debian.org/security/2016/dsa-3456
17. Security Updates in FreeBSD (FreeBSD-SA-16:08.bind, FreeBSD-SA-16:09.ntp,
FreeBSD-SA-16:10.linux)
[28/01/2016] FreeBSD has released security update packages for fixing the
vulnerability identified in the bind, ntp and kernel packages for multiple
versions of FreeBSD Linux. Due to multiple errors, an attacker could bypass
security restrictions, obtain sensitive information, gain elevated privileges,
execute arbitrary code, cause a denial of service condition and compromise the
system.
URL:www.freebsd.org/security/advisories/FreeBSD-SA-16:08.bind.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-16:09.ntp.asc
URL:www.freebsd.org/security/advisories/FreeBSD-SA-16:10.linux.asc
18. Security Updates in Gentoo Linux (GLSA 201601-02, GLSA 201601-03,
GLSA 201601-04)
[28/01/2016] Gentoo has released security update packages for fixing the
vulnerabilities identified in the webkit-gtk, adobe-flash and opensmtpd packages
for multiple versions of Gentoo Linux. Due to multiple errors, an attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system.
URL:security.gentoo.org/glsa/201601-02
URL:security.gentoo.org/glsa/201601-03
URL:security.gentoo.org/glsa/201601-04
19. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0071-1)
[28/01/2016] Red Hat has released security update packages for fixing the
vulnerabilities identified in the firefox packages for Red Hat Enterprise Linux
5, 6 and 7. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the system.
URL:rhn.redhat.com/errata/RHSA-2016-0071.html
20. Security Updates in SUSE (openSUSE-SU-2016:0255-1, SUSE-SU-2016:0256-1,
openSUSE-SU-2016:0261-1, SUSE-SU-2016:0262-1, openSUSE-SU-2016:0263-1,
SUSE-SU-2016:0265-1, openSUSE-SU-2016:0268-1, SUSE-SU-2016:0269-1,
openSUSE-SU-2016:0270-1, openSUSE-SU-2016:0271-1, openSUSE-SU-2016:0272-1)
[28/01/2016] SUSE has released security update packages for fixing the
vulnerabilities identified in the openldap2, java-1_8_0-openjdk,
java-1_7_0-openjdk, Chromium and Java7 packages of SUSE Linux Enterprise 11 and
12, SUSE Studio Onsite 1.3, openSUSE Leap 42.1, openSUSE 13.1 and 13.2. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00035.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00036.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00037.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00038.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00039.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00040.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00041.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00042.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00043.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00044.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00045.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00046.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00047.html
21. Security Updates in Ubuntu GNU/Linux (USN-2877-1, USN-2880-1, USN-2882-1)
[28/01/2016] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the oxide-qt, firefox and curl packages for
versions 12.04 LTS, 14.04 LTS, 15.04 and 15.10. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system.
URL:www.ubuntu.com/usn/usn-2877-1/
URL:www.ubuntu.com/usn/usn-2880-1/
URL:www.ubuntu.com/usn/usn-2882-1/
22. Vulnerabilities in Mozilla Firefox (MFSA 2016-01, MFSA 2016-02,
MFSA 2016-03, MFSA 2016-04, MFSA 2016-05, MFSA 2016-06, MFSA 2016-07,
MFSA 2016-08, MFSA 2016-09, MFSA 2016-10, MFSA 2016-11, MFSA 2016-12)
[27/01/2016] Vulnerabilities were identified in Mozilla Firefox. An attacker
could execute arbitrary code, cause integer overflow, crash the application,
perform spoofing attacks and obtain sensitive information. These vulnerabilities
affect multiple versions of the mentioned product. Security patches are
available to resolve these vulnerabilities.
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-01/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-02/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-03/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-04/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-05/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-06/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-07/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-08/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-09/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-10/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-11/
URL:www.mozilla.org/en-US/security/advisories/mfsa2016-12/
URL:www.hkcert.org/my_url/en/alert/16012701
URL:www.us-cert.gov/ncas/current-activity/2016/01/26/Mozilla-Releases-Security-Updates
23. Vulnerability in Buffalo NAS device (110079)
[27/01/2016] A vulnerability was identified in Buffalo NAS device. An attacker
could cause a denial of service condition. This vulnerability affects multiple
versions of the mentioned product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110079
24. Vulnerability in Rockwell Automation Allen-Bradley MicroLogix
(ICSA-16-026-02)
[27/01/2016] A vulnerability was identified in the Rockwell Automation
Allen-Bradley MicroLogix 1100 programmable logic controller systems. An attacker
could cause a stack-based buffer overflow. This vulnerability affects multiple
versions of the mentioned product. Security patches are available to resolve the
vulnerability in Allen-Bradley MicroLogix 1100 controller, hardware Series B, in
firmware Version 15.002.
URL:ics-cert.us-cert.gov/advisories/ICSA-16-026-02
25. Security Updates in Oracle Linux (ELSA-2016-0067)
[27/01/2016] Oracle has released security update packages for fixing the
vulnerabilities identified in the java-1.6.0-openjdk packages for Oracle Linux
5, 6 and 7. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information and cause a denial of service
condition.
URL:linux.oracle.com/errata/ELSA-2016-0067.html
26. Security Updates in Debian (DSA-3453-1)
[27/01/2016] Debian has released security update packages for fixing the
vulnerabilities identified in the mariadb-10.0 packages for multiple versions of
Debian GNU/Linux. An attacker could perform man-in-the-middle attacks.
URL:www.debian.org/security/2016/dsa-3453
27. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0067-1,
RHSA-2016:0068-1)
[27/01/2016] Red Hat has released security update packages for fixing the
vulnerabilities identified in the java-1.6.0-openjdk and kernel-rt packages for
Red Hat Enterprise Linux 5, 6 and 7. Due to multiple errors, an attacker could
bypass security restrictions, gain escalated privileges and execute arbitrary
code.
URL:rhn.redhat.com/errata/RHSA-2016-0067.html
URL:rhn.redhat.com/errata/RHSA-2016-0068.html
28. Security Updates in Ubuntu GNU/Linux (USN-2888-1)
[27/01/2016] Ubuntu has released security update packages for fixing the
vulnerabilities identified in the mysql-5.5 and mysql-5.6 packages for versions
12.04 LTS, 14.04 LTS, 15.04 and 15.10. An attacker could cause buffer overflow.
URL:www.ubuntu.com/usn/usn-2888-1/
29. Vulnerabilities in Apple tvOS (HT205729)
[26/01/2016] Vulnerabilities were identified in Apple tvOS. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. These vulnerabilities affect versions 9.1.1 of the
mentioned product. Security patches are available to resolve these
vulnerabilities.
URL:support.apple.com/en-hk/HT205729
30. Vulnerabilities in Cisco Products (cisco-sa-20160125-api,
cisco-sa-20160125-ucce)
[26/01/2016] Vulnerabilities were identified in the Cisco Application
Policy Infrastructure Controller Enterprise Module (APIC-EM) and Cisco Unified
Contact Center Express. An attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system. These vulnerabilities
affect multiple versions of the mentioned products. Security patches are
available to resolve these vulnerabilities.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-api
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160125-ucce
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110049
31. Vulnerabilities in Atlassian Bamboo (110015, 110016, 110017)
[26/01/2016] Vulnerabilities were identified in Atlassian Bamboo. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect versions prior to 5.9.9
or 5.10.0 of the mentioned products. Security patches are available to resolve
these vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110015
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110016
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110017
32. Vulnerabilities in Buffalo Products (110035, 110038)
[26/01/2016] Vulnerabilities were identified in multiple Buffalo network
devices. An attacker could bypass security restrictions, obtain sensitive
information, gain elevated privileges, execute arbitrary code, cause a denial of
service condition and compromise the system. These vulnerabilities affect
multiple versions of the mentioned products. Security patches are available to
resolve these vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110035
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110038
33. Vulnerability in WiX Toolset installer (110032)
[26/01/2016] A vulnerability was identified in the WiX Toolset installer. An
attacker could bypass security restrictions and execute arbitrary code on the
system. The affected version was not specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110032
34. Vulnerability in OpenSSH (110030)
[26/01/2016] A vulnerability was identified in OpenSSH. An attacker could
bypass security restrictions and execute arbitrary code on the system. This
vulnerability affects versions prior to 7.1p2 of the mentioned product. Security
patches are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110030
35. Vulnerability in OpenVAS Greenbone Security Assistant (110029)
[26/01/2016] A vulnerability was identified in the OpenVAS Greenbone
Security Assistant (GSA). An attacker could bypass security restrictions, obtain
sensitive information and execute arbitrary code on the system. This
vulnerability affects version 6.0.8 of the mentioned product. Security patches
are available to resolve this vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110029
36. Vulnerabilities in Quick CMS (110047, 110048)
[26/01/2016] Vulnerabilities were identified in Quick CMS. An attacker could
bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system. These vulnerabilities affect version 6.1 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110047
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110048
37. Vulnerabilities in Linux Kernel (110050, 110051, 110052)
[26/01/2016] Vulnerabilities were identified in the Linux Kernel. An
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system. These vulnerabilities affect multiple versions of the
mentioned product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110050
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110051
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110052
38. Vulnerability in Ubuntu xwpe (110034)
[26/01/2016] A vulnerability was identified in Ubuntu xwpe. An attacker could
bypass security restrictions and execute arbitrary code on the system. This
vulnerability affects version 1.5.30a-2.1 of the mentioned product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110034
39. Security Updates in Oracle Linux (ELSA-2016-0063, ELSA-2016-0064)
[26/01/2016] Oracle has released security update packages for fixing the
vulnerabilities identified in the ntp and kernel packages for Oracle Linux 6 and
7. Due to multiple errors, an attacker could bypass security restrictions, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and crash the system.
URL:linux.oracle.com/errata/ELSA-2016-0063.html
URL:linux.oracle.com/errata/ELSA-2016-0064.html
40. Security Updates in Debian (DSA-3452-1)
[26/01/2016] Debian has released security update packages for fixing the
vulnerability identified in the claws-mail packages for multiple versions of
Debian GNU/Linux. An attacker could bypass security restrictions, gain elevated
privileges and execute arbitrary code on the system.
URL:www.debian.org/security/2016/dsa-3452
41. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0063-1,
RHSA-2016:0064-1)
[26/01/2016] Red Hat has released security update packages for fixing the
vulnerabilities identified in the ntp and kernel packages for Red Hat Enterprise
Linux 6 and 7. Due to multiple errors, an attacker could bypass security
restrictions, gain elevated privileges, execute arbitrary code, cause a denial
of service condition and crash the system.
URL:rhn.redhat.com/errata/RHSA-2016-0063.html
URL:rhn.redhat.com/errata/RHSA-2016-0064.html
42. Security Updates in SUSE (SUSE-SU-2016:0224-1, openSUSE-SU-2016:0226-1,
SUSE-SU-2016:0227-1, openSUSE-SU-2016:0243-1)
[26/01/2016] SUSE has released security update packages for fixing the
vulnerabilities identified in the openldap2, bind and ffmpeg packages of SUSE
Linux Enterprise 10 and 12, openSUSE Leap 42.1 and openSUSE 13.2. Due to
multiple errors, an attacker could bypass security restrictions, obtain
sensitive information, gain elevated privileges, execute arbitrary code, cause a
denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00031.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00032.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00033.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00034.html
43. Vulnerability in Avast! Antivirus (110013)
[25/01/2016] A vulnerability was identified in Avast! Antivirus. An attacker
could bypass security restrictions and gain elevated privileges. The affected
version was not specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110013
44. Security Updates in Debian (DSA-3451-1)
[25/01/2016] Debian has released security update packages for fixing the
vulnerability identified in the fuse packages for multiple versions of Debian
GNU/Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information and gain elevated privileges.
URL:www.debian.org/security/2016/dsa-3451
45. Security Updates in Mageia (MGASA-2016-0035)
[25/01/2016] Mageia has released security update packages for fixing the
vulnerability identified in the virtualbox, kmod-virtualbox and
kmod-vboxadditions packages for multiple versions of Mageia. Due to multiple
errors, an attacker could bypass security restrictions, execute arbitrary code,
cause a denial of service condition and crash the system.
URL:advisories.mageia.org/MGASA-2016-0035.html
46. Security Updates in SUSE (openSUSE-SU-2016:0197-1,
openSUSE-SU-2016:0199-1, SUSE-SU-2016:0200-1, openSUSE-SU-2016:0204-1,
SUSE-SU-2016:0205-1, openSUSE-SU-2016:0207-1, openSUSE-SU-2016:0210-1,
openSUSE-SU-2016:0213-1, openSUSE-SU-2016:0214-1)
[25/01/2016] SUSE has released security update packages for fixing the
vulnerabilities identified in the bind, kernel, giflib and roundcubemail
packages of openSUSE Leap 42.1, openSUSE 13.1 and 13.2, SUSE Linux Enterprise 11
and 12. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00022.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00023.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00024.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00025.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00026.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00027.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00028.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00029.html
URL:lists.opensuse.org/opensuse-security-announce/2016-01/msg00030.html