1. Vulnerability in F5 Traffix SDC
(SOL02004209)
[31/12/2015] Vulnerability was identified in the F5
Traffix SDC. An attacker could bypass security restrictions, obtain sensitive
information and execute arbitrary code on the system. This vulnerability affects
versions 4.1.0 and 4.0.5 of the mentioned product. Security patches are
available to resolve this vulnerability.
URL:support.f5.com/kb/en-us/solutions/public/k/02/sol02004209.html
2.
Vulnerabilities in LibTIFF (109279, 109280)
[31/12/2015]
Vulnerabilities were identified in the LibTIFF. An attacker could bypass
security restrictions and execute arbitrary code on the system. These
vulnerabilities affect version 4.0.6 of the mentioned product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109279URL:exchange.xforce.ibmcloud.com/vulnerabilities/109280
3.
Vulnerability in PHP (109282)
[31/12/2015]
Vulnerability was identified in the PHP. An attacker could bypass security
restrictions, execute arbitrary code, cause a denial of service condition and
crash the system. This vulnerability affects versions prior to 7.0.1 of the
mentioned product. Security patches are available to resolve this
vulnerability.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109282
4.
Vulnerability in phpMyAdmin (PMASA-2015-6)
[31/12/2015]
Vulnerability was identified in the phpMyAdmin. An attacker could bypass
security restrictions and obtain sensitive information. This vulnerability
affects versions prior to 4.0.10.12, 4.4.15.2 or 4.5.3.1 of the mentioned
product. Security patches are available to resolve this
vulnerability.
URL:www.phpmyadmin.net/security/PMASA-2015-6/URL:exchange.xforce.ibmcloud.com/vulnerabilities/109270
5.
Security Updates in Gentoo Linux (GLSA 201512-06, GLSA 201512-07, GLSA
201512-08, GLSA 201512-09, GLSA 201512-10, GLSA 201512-11, GLSA 201512-12, GLSA
201512-13)
[31/12/2015] Gentoo has released security update packages for
fixing the vulnerabilities identified in the mpfr, gstreamer, clamav, encfs,
firefox, firebird, systemsettings and inspircd packages for multiple versions of
Gentoo Linux. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and compromise the
system.
URL:security.gentoo.org/glsa/201512-06URL:security.gentoo.org/glsa/201512-07URL:security.gentoo.org/glsa/201512-08URL:security.gentoo.org/glsa/201512-09URL:security.gentoo.org/glsa/201512-10URL:security.gentoo.org/glsa/201512-11URL:security.gentoo.org/glsa/201512-12URL:security.gentoo.org/glsa/201512-13
6. Security
Updates in SUSE (SUSE-SU-2015:2399-1, openSUSE-SU-2015:2400-1,
SUSE-SU-2015:2401-1, SUSE-SU-2015:2402-1,
openSUSE-SU-2015:2403-1)
[31/12/2015] SUSE
has released security update packages for fixing the vulnerabilities identified
in the grub2 and flash-player packages of SUSE Linux Enterprise 11 and 12,
openSUSE 13.1 and 13.2, openSUSE Evergreen 11.4. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00044.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00045.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00046.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00047.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00048.html
7.
Information Updates on Microsoft Security Advisory (2755801)
[30/12/2015] Microsoft has updated information on the
Security Advisory for Adobe Flash Player in Internet Explorer on all supported
editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows
Server 2012 R2, Windows RT 8.1 and Windows 10; and Adobe Flash Player in
Microsoft Edge on all supported editions of Windows 10. KB2755801 added the
3132372 update to the Current Update section.
URL:technet.microsoft.com/library/security/2755801.aspx
8.
Vulnerabilities in F5 Products (SOL20979231, SOL23332326)
[30/12/2015] Vulnerabilities were identified in the F5 BIG-IP
LTM, BIG-IP APM, BIG-IP ASM, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link
Controller, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM and ARX. An attacker
could bypass security restrictions, obtain sensitive information and execute
arbitrary code on the system. These vulnerabilities affect multiple versions of
the mentioned products. Security patches are available to resolve these
vulnerabilities.
URL:support.f5.com/kb/en-us/solutions/public/k/20/sol20979231.htmlURL:support.f5.com/kb/en-us/solutions/public/k/23/sol23332326.html
9.
Security Updates in Red Hat Enterprise Linux
(RHSA-2015:2697-1)
[30/12/2015] Red
Hat has released security update packages for fixing the vulnerabilities
identified in the Adobe Flash Player packages for Red Hat Enterprise Linux 5 and
6. Due to multiple errors, an attacker could bypass security restrictions,
obtain sensitive information, gain elevated privileges, execute arbitrary code,
cause a denial of service condition and compromise the system.
URL:rhn.redhat.com/errata/RHSA-2015-2697.html
10.
Security Updates in SUSE (SUSE-SU-2015:2385-1, SUSE-SU-2015:2386-1,
SUSE-SU-2015:2387-1, openSUSE-SU-2015:2391-1,
openSUSE-SU-2015:2392-1)
[30/12/2015] SUSE
has released security update packages for fixing the vulnerabilities identified
in the grub2 and bind packages of SUSE Linux Enterprise 11 and 12, openSUSE
Evergreen 11.4. Due to multiple errors, an attacker could bypass security
restrictions, obtain sensitive information, gain elevated privileges, execute
arbitrary code, cause a denial of service condition and crash the system.
URL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00039.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00040.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00041.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00042.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00043.html
11.
Vulnerabilities in Adobe Flash Player (APSB16-01)
[29/12/2015]
Vulnerabilities were identified in the Adobe Flash Player. An attacker could
bypass security restrictions, execute arbitrary code and compromise the system.
These vulnerabilities affect multiple versions of the mentioned product.
Security patches are available to resolve these vulnerabilities.
URL:helpx.adobe.com/security/products/flash-player/apsb16-01.htmlURL:www.hkcert.org/my_url/en/alert/15122901URL:www.us-cert.gov/ncas/current-activity/2015/12/28/Adobe-Releases-Security-Updates-Flash-Player
12.
Security Updates in Mageia (MGASA-2015-0483, MGASA-2015-0484, MGASA-2015-0485,
MGASA-2015-0486, MGASA-2015-0487, MGASA-2015-0488, MGASA-2015-0489,
MGASA-2015-490, MGASA-2015-0491, MGASA-2015-0492,
MGASA-2015-0493)
[29/12/2015] Mageia has released security update
packages for fixing the vulnerabilities identified in the keepassx,
php-phpmailer, proftpd, mediawiki, bouncycastle, perl-HTML-Scrubber, libpng12,
subversion, blueman, thunderbird, thunderbird-l10n and flash-player-plugin
packages for multiple versions of Mageia. Due to multiple errors, an attacker
could bypass security restrictions, obtain sensitive information, gain elevated
privileges, execute arbitrary code, cause a denial of service condition and
compromise the system.
URL:advisories.mageia.org/MGASA-2015-0483.htmlURL:advisories.mageia.org/MGASA-2015-0484.htmlURL:advisories.mageia.org/MGASA-2015-0485.htmlURL:advisories.mageia.org/MGASA-2015-0486.htmlURL:advisories.mageia.org/MGASA-2015-0487.htmlURL:advisories.mageia.org/MGASA-2015-0488.htmlURL:advisories.mageia.org/MGASA-2015-0489.htmlURL:advisories.mageia.org/MGASA-2015-0490.htmlURL:advisories.mageia.org/MGASA-2015-0491.htmlURL:advisories.mageia.org/MGASA-2015-0492.htmlURL:advisories.mageia.org/MGASA-2015-0493.html
13.
Security Updates in SUSE (openSUSE-SU-2015:2380-1)
[29/12/2015] SUSE
has released security update packages for fixing the vulnerabilities identified
in the xulrunner packages of openSUSE Leap 42.1. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00038.html
14.
Vulnerability in Cisco Jabber (cisco-sa-20151224-jab)
[28/12/2015]
Vulnerability was identified in the Cisco Jabber for Windows client. An attacker
could perform a man-in-the-middle attack and obtain sensitive information. This
vulnerability affects multiple versions of the mentioned product. Security
patches are available to resolve this vulnerability.
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151224-jab
15.
Vulnerability in IBM OpenPages GRC Platform (1970590)
[28/12/2015]
Vulnerability was identified in the IBM OpenPages GRC Platform. An attacker
could perform code injection attack. This vulnerability affects versions 7.0 and
7.1 of the mentioned product. Security patches are available to resolve this
vulnerability.
URL:www-01.ibm.com/support/docview.wss?uid=swg21970590URL:exchange.xforce.ibmcloud.com/vulnerabilities/106946
16.
Vulnerability in ESET NOD32 Antivirus (109194)
[28/12/2015]
Vulnerability was identified in the ESET NOD32 Antivirus. An attacker could
execute arbitrary code. The affected version was not specified.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109194
17.
Vulnerability in Joomla (109182)
[28/12/2015]
Vulnerability was identified in the Joomla Jomestate component. An attacker
could perform code injection attack. This vulnerability affects version 1.0 of
the mentioned product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109182
18.
Vulnerabilities in Grawlix (109168, 109169, 109170)
[28/12/2015]
Vulnerabilities were identified in the Grawlix. An attacker could execute
arbitrary code, perform cross-site scripting attack and web cache poisoning.
These vulnerabilities affect version 1.0.3 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109168URL:exchange.xforce.ibmcloud.com/vulnerabilities/109169URL:exchange.xforce.ibmcloud.com/vulnerabilities/109170
19.
Vulnerabilities in CouchCMS (109203, 109204, 109205)
[28/12/2015]
Vulnerabilities were identified in the CouchCMS. An attacker could perform
cross-site scripting and phishing attacks and execute arbitrary code. These
vulnerabilities affect version 1.4.5 of the mentioned product. Security patches
are available to resolve these vulnerabilities.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109203URL:exchange.xforce.ibmcloud.com/vulnerabilities/109204URL:exchange.xforce.ibmcloud.com/vulnerabilities/109205
20.
Vulnerability in NPPFtp Plugin for Notepad++ (109208)
[28/12/2015]
Vulnerability was identified in the NPPFtp Plugin for Notepad++. An attacker
could cause a buffer overflow, execute arbitrary code and crash the application.
This vulnerability affects version 0.26.3 of the mentioned
product.
URL:exchange.xforce.ibmcloud.com/vulnerabilities/109208
21.
Security Updates in SUSE (openSUSE-SU-2015:2354-1, openSUSE-SU-2015:2356-1,
SUSE-SU-2015:2359-1, openSUSE-SU-2015:2364-1, openSUSE-SU-2015:2365-1,
openSUSE-SU-2015:2375-1)
[28/12/2015] SUSE
has released security update packages for fixing the vulnerabilities identified
in the ldb, samba, talloc, tdb, tevent and bind packages for openSUSE Leap 42.1,
openSUSE 13.1 and 13.2, and SUSE Linux Enterprise 12. Due to multiple errors, an
attacker could bypass security restrictions, obtain sensitive information, gain
elevated privileges, execute arbitrary code, cause a denial of service condition
and compromise the system.
URL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00032.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00033.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00034.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00035.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00036.htmlURL:lists.opensuse.org/opensuse-security-announce/2015-12/msg00037.html
No comments:
Post a Comment