Sunday, February 28, 2016

IT Security Alerts Weekly Digest (21 Feb ~ 27 Feb 2016)

1. Vulnerabilities in Apple TV (HT205795)
[26/02/2016] Vulnerabilities were identified in the Apple TV. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect versions prior to 7.2.1 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:support.apple.com/en-us/HT205795
URL:www.hkcert.org/my_url/en/alert/16022601
URL:www.us-cert.gov/ncas/current-activity/2016/02/25/Apple-Releases-Security-Update-Apple-TV

2. Vulnerability in Cisco FirePOWER Management Center (cisco-sa-20160224-fmc)
[26/02/2016] Vulnerability was identified in the Cisco FirePOWER Management Center. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-fmc
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110999

3. Vulnerability in ManageEngine Firewall Analyzer (111009)
[26/02/2016] Vulnerability was identified in the ManageEngine Firewall Analyzer. An attacker could bypass security restrictions, execute arbitrary code and perform cross-site scripting attacks. This vulnerability affects versions prior to 12.0 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/111009

4. Vulnerabilities in Drupal core (SA-CORE-2016-001)
[26/02/2016] Vulnerabilities were identified in the Drupal core. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code and compromise the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:www.drupal.org/SA-CORE-2016-001
URL:www.us-cert.gov/ncas/current-activity/2016/02/24/Drupal-Releases-Security-Updates
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111018

5. Vulnerabilities in libxml2 (111012, 111013)
[26/02/2016] Vulnerabilities were identified in the libxml2. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect version 2.9.3 of the mentioned product.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/111012
URL:exchange.xforce.ibmcloud.com/vulnerabilities/111013

6. Vulnerability in Squid (111004)
[26/02/2016] Vulnerability was identified in the Squid. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/111004

7. Security Updates in Debian (DSA-3491-1, DSA-3492-1, DSA-3493-1)
[26/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the icedove, gajim and xerces-c packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.debian.org/security/2016/dsa-3491
URL:www.debian.org/security/2016/dsa-3492
URL:www.debian.org/security/2016/dsa-3493

8. Security Updates in Gentoo Linux (GLSA 201602-02)
[26/02/2016] Gentoo has released security update packages for fixing the vulnerabilities identified in the glibc packages for multiple versions of Gentoo Linux. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:security.gentoo.org/glsa/201602-02

9. Security Updates in SUSE (openSUSE-SU-2016:0578-1, SUSE-SU-2016:0585-1)
[26/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the postgresql94 and Linux Kernel packages of openSUSE Leap 42.1 and SUSE Linux Enterprise 11 and 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00056.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00057.html

10. Information Updates on Microsoft Security Bulletin (3136082)
[25/02/2016] Microsoft has updated information on the Security Bulletin for Microsoft Windows. KB3136082 corrected the Updates Replaced for Windows Server 2012 and Windows Server 2012 R2 to 3124001 in MS16-005.

URL:technet.microsoft.com/en-us/library/security/MS16-018

11. Vulnerability in Cisco ACE 4710 Application Control Engine (cisco-sa-20160224-ace)
[25/02/2016] Vulnerability was identified in the Cisco ACE 4710 Application Control Engine. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code and compromise the system. This vulnerability affects multiple firmware versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160224-ace
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110989

12. Vulnerabilities in F5 Products (sol13304944, sol05428062, sol19157044)
[25/02/2016] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, LineRate and Traffix SDC. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:support.f5.com/kb/en-us/solutions/public/k/13/sol13304944.html
URL:support.f5.com/kb/en-us/solutions/public/k/05/sol05428062.html
URL:support.f5.com/kb/en-us/solutions/public/k/19/sol19157044.html

13. Vulnerability in Wireless keyboard/mouse devices (VU#981271)
[25/02/2016] Vulnerability was identified in wireless keyboard and mouse devices from multiple vendors that use proprietary wireless protocols. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects multiple firmware versions of the mentioned products. Security patches are available to resolve this vulnerability for Logitech's devices.

URL:www.kb.cert.org/vuls/id/981271

14. Vulnerabilities in TYPO3 (TYPO3-CORE-SA-2016-005, TYPO3-CORE-SA-2016-006, TYPO3-CORE-SA-2016-007)
[25/02/2016] Vulnerabilities were identified in the TYPO3. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and perform cross-site scripting attacks. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-005/
URL:typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-006/
URL:typo3.org/teams/security/security-bulletins/typo3-core/typo3-core-sa-2016-007/
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110920
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110921
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110922

15. Vulnerability in Extra User Details plugin for WordPress (110992)
[25/02/2016] Vulnerability was identified in the Extra User Details plugin for WordPress. An attacker could bypass security restrictions and gain elevated privileges. This vulnerability affects versions prior to 0.4.2.1 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110992

16. Security Updates in Oracle Linux (ELSA-2016-3521)
[25/02/2016] Oracle has released security update packages for fixing the vulnerability identified in the openssh packages for Oracle Linux 5. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:linux.oracle.com/errata/ELSA-2016-3521.html

17. Security Updates in Debian (DSA-3489-1, DSA-3490-1)
[25/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the lighttpd and websvn packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code and perform cross-site scripting attacks.

URL:www.debian.org/security/2016/dsa-3489
URL:www.debian.org/security/2016/dsa-3490

18. Security Updates in Mageia (MGASA-2016-0063, MGASA-2016-0064, MGASA-2016-0065, MGASA-2016-0066, MGASA-2016-0067, MGASA-2016-0068, MGASA-2016-0069, MGASA-2016-0070, MGASA-2016-0071, MGASA-2016-0072, MGASA-2016-0073, MGASA-2016-0074, MGASA-2016-0075, MGASA-2016-0076, MGASA-2016-0077, MGASA-2016-0078, MGASA-2016-0079, MGASA-2016-0080, MGASA-2016-0081, MGASA-2016-0082)
[25/02/2016] Mageia has released security update packages for fixing the vulnerabilities identified in the cpio, libxmp, nginx, python-pillow, claws-mail, cacti, gtk+2.0, eom, thunar, libgcrypt, pinpoint, eog, gambas3, gnome-photos, firefox, firefox-l10n, graphite2, thunderbird, thunderbird-l10n, glibc, nodejs, 389-ds-base and libssh packages for multiple versions of Mageia. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:advisories.mageia.org/MGASA-2016-0063.html
URL:advisories.mageia.org/MGASA-2016-0064.html
URL:advisories.mageia.org/MGASA-2016-0065.html
URL:advisories.mageia.org/MGASA-2016-0066.html
URL:advisories.mageia.org/MGASA-2016-0067.html
URL:advisories.mageia.org/MGASA-2016-0068.html
URL:advisories.mageia.org/MGASA-2016-0069.html
URL:advisories.mageia.org/MGASA-2016-0070.html
URL:advisories.mageia.org/MGASA-2016-0071.html
URL:advisories.mageia.org/MGASA-2016-0072.html
URL:advisories.mageia.org/MGASA-2016-0073.html
URL:advisories.mageia.org/MGASA-2016-0074.html
URL:advisories.mageia.org/MGASA-2016-0075.html
URL:advisories.mageia.org/MGASA-2016-0076.html
URL:advisories.mageia.org/MGASA-2016-0077.html
URL:advisories.mageia.org/MGASA-2016-0078.html
URL:advisories.mageia.org/MGASA-2016-0079.html
URL:advisories.mageia.org/MGASA-2016-0080.html
URL:advisories.mageia.org/MGASA-2016-0081.html
URL:advisories.mageia.org/MGASA-2016-0082.html

19. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0296-1)
[25/02/2016] Red Hat has released security update packages for fixing the vulnerability identified in the rh-ror41-rubygem-actionpack, rh-ror41-rubygem-actionview, rh-ror41-rubygem-activemodel and rh-ror41-rubygem-activerecord packages for Red Hat Software Collections for Red Hat Enterprise Linux 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:rhn.redhat.com/errata/RHSA-2016-0296.html

20. Security Updates in SUSE (SUSE-SU-2016:0554-1, SUSE-SU-2016:0555-1, SUSE-SU-2016:0564-1)
[25/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the MozillaFirefox and postgresql94 packages of SUSE Linux Enterprise 11 and 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00053.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00054.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00055.html

21. Security Updates in Ubuntu GNU/Linux (USN-2913-1, USN-2913-2, USN-2913-3, USN-2913-4)
[25/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the ca-certificates, glib-networking, openssl and gnutls26 packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.ubuntu.com/usn/usn-2913-1/
URL:www.ubuntu.com/usn/usn-2913-2/
URL:www.ubuntu.com/usn/usn-2913-3/
URL:www.ubuntu.com/usn/usn-2913-4/

22. Vulnerability in Microsoft Enhanced Mitigation Experience Toolkit
[24/02/2016] Vulnerability was identified in the Microsoft Enhanced Mitigation Experience Toolkit (EMET). An attacker could bypass or disable EMET to take control of an affected system. This vulnerability affects versions prior to 5.5 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.us-cert.gov/ncas/current-activity/2016/02/23/Microsoft-Releases-Update-EMET

23. Vulnerability in Cisco Nexus 2000 Series Fabric Extender (cisco-sa-20160223-nx2000)
[24/02/2016] Vulnerability was identified in the Cisco Nexus 2000 Series Fabric Extender. An attacker could gain elevated privileges. The affected version was not specified.

URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160223-nx2000
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110912

24. Vulnerability in Linux Kernel
[24/02/2016] Vulnerability was identified in the Linux Kernel. An attacker could cause a denial of service condition and execute arbitrary code. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:www.hkcert.org/my_url/en/alert/16022401

25. Security Updates in Slackware (SSA:2016-054-01, SSA:2016-054-02, SSA:2016-054-03, SSA:2016-054-04)
[24/02/2016] Slackware has released security update packages for fixing the vulnerabilities identified in the bind, glibc, libgcrypt and ntp packages for multiple versions of Slackware Linux. Due to multiple errors, an attacker could cause a denial of service condition, cause a stack-based buffer overflow, obtain sensitive information and conduct impersonation attacks.

URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.520528
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.569827
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519149
URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.546478

26. Security Updates in Debian (DSA-3487-1, DSA-3488-1)
[24/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the libssh2 and libssh packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could obtain sensitive information.

URL:www.debian.org/security/2016/dsa-3487
URL:www.debian.org/security/2016/dsa-3488

27. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0286-1)
[24/02/2016] Red Hat has released security update packages for fixing the vulnerability identified in the chromium-browser packages for Red Hat Enterprise Linux 6. An attacker could execute arbitrary code, crash the system and obtain sensitive information.

URL:rhn.redhat.com/errata/RHSA-2016-0286.html

28. Security Updates in Ubuntu GNU/Linux (USN-2903-2, USN-2905-1, USN-2912-1)
[24/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the nss, oxide-qt and libssh packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, cause a denial of service condition and crash the system.

URL:www.ubuntu.com/usn/usn-2903-2/
URL:www.ubuntu.com/usn/usn-2905-1/
URL:www.ubuntu.com/usn/usn-2912-1/

29. Vulnerabilities in Apache Tomcat
[23/02/2016] Vulnerabilities were identified in the Apache Tomcat. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:tomcat.apache.org/security-6.html
URL:tomcat.apache.org/security-7.html
URL:tomcat.apache.org/security-8.html
URL:tomcat.apache.org/security-9.html
URL:www.hkcert.org/my_url/en/alert/16022301
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110854
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110855
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110856
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110857
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110858
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110859
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110860

30. Vulnerabilities in BlackBerry Enterprise Service (BSRT-2016-001)
[23/02/2016] Vulnerabilities were identified in the BlackBerry Enterprise Service. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, perform code injection and cross-site scripting attacks. These vulnerabilities affect versions prior to BES12 version 12.4 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:support.blackberry.com/kb/articleDetail?articleNumber=000038033
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110861
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110862

31. Vulnerability in Avast! Antivirus (110863)
[23/02/2016] Vulnerability was identified in the Avast! Antivirus. An attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code and compromise the system. This vulnerability affects versions prior to 11.1.2253 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110863

32. Vulnerabilities in F5 Products (sol01324833, sol05046514, sol06288381, sol21230183, sol32790144, sol71245322, sol74363721)
[23/02/2016] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, FirePass, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration, LineRate and Traffix SDC. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:support.f5.com/kb/en-us/solutions/public/k/01/sol01324833.html
URL:support.f5.com/kb/en-us/solutions/public/k/05/sol05046514.html
URL:support.f5.com/kb/en-us/solutions/public/k/06/sol06288381.html
URL:support.f5.com/kb/en-us/solutions/public/k/21/sol21230183.html
URL:support.f5.com/kb/en-us/solutions/public/k/32/sol32790144.html
URL:support.f5.com/kb/en-us/solutions/public/k/71/sol71245322.html
URL:support.f5.com/kb/en-us/solutions/public/k/74/sol74363721.html

33. Vulnerability in LINE (110851)
[23/02/2016] Vulnerability was identified in the LINE for Windows and LINE for Mac OS. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110851

34. Security Updates in Debian (DSA-3479-1, DSA-3486-1)
[23/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the graphite2 and chromium-browser packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.debian.org/security/2016/dsa-3479
URL:www.debian.org/security/2016/dsa-3486

35. Security Updates in SUSE (openSUSE-SU-2016:0537-1, SUSE-SU-2016:0539-1)
[23/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the kernel and postgresql93 packages of openSUSE 13.2 and SUSE Linux Enterprise 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00051.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00052.html

36. Security Updates in Ubuntu GNU/Linux (USN-2906-1, USN-2907-1, USN-2907-2, USN-2908-1, USN-2908-2, USN-2908-3, USN-2909-1, USN-2910-1, USN-2911-1, USN-2911-2)
[23/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the cpio, linux, linux-lts-trusty, linux-lts-wily, linux-raspi2, linux-lts-utopic, linux-lts-vivid and linux-ti-omap4 packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.ubuntu.com/usn/usn-2906-1/
URL:www.ubuntu.com/usn/usn-2907-1/
URL:www.ubuntu.com/usn/usn-2907-2/
URL:www.ubuntu.com/usn/usn-2908-1/
URL:www.ubuntu.com/usn/usn-2908-2/
URL:www.ubuntu.com/usn/usn-2908-3/
URL:www.ubuntu.com/usn/usn-2909-1/
URL:www.ubuntu.com/usn/usn-2910-1/
URL:www.ubuntu.com/usn/usn-2911-1/
URL:www.ubuntu.com/usn/usn-2911-2/

37. Vulnerability in Cisco ASR 5000 Series devices (cisco-sa-20160218-asr)
[22/02/2016] Vulnerability was identified in the Cisco ASR 5000 Series devices. An attacker could bypass security restrictions and gain elevated privileges. This vulnerability affects versions prior to 19.3.M0.62771 and prior to 20.0.M0.62768 of the mentioned product running StarOS. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160218-asr
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110803

38. Vulnerabilities in Novell Identity Manager (5233670, 5233690)
[22/02/2016] Vulnerabilities were identified in the Novell Identity Manager. An attacker could bypass security restrictions and compromise the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:download.novell.com/Download?buildid=E9m024HXLHw~
URL:download.novell.com/Download?buildid=RYH_EkORvU4~

39. Vulnerabilities in F5 Products (sol11785283, sol40131068, sol50413110, sol59503294, sol62655427, sol75253136)
[22/02/2016] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP DNS, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM, ARX, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:support.f5.com/kb/en-us/solutions/public/k/11/sol11785283.html
URL:support.f5.com/kb/en-us/solutions/public/k/40/sol40131068.html
URL:support.f5.com/kb/en-us/solutions/public/k/50/sol50413110.html
URL:support.f5.com/kb/en-us/solutions/public/k/59/sol59503294.html
URL:support.f5.com/kb/en-us/solutions/public/k/62/sol62655427.html
URL:support.f5.com/kb/en-us/solutions/public/k/75/sol75253136.html

40. Vulnerability in SAP 3D Visual Enterprise Viewer (110808)
[22/02/2016] Vulnerability was identified in the SAP 3D Visual Enterprise Viewer. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. The affected version was not specified.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110808

41. Security Updates in Debian (DSA-3483-1, DSA-3484-1, DSA-3485-1)
[22/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the cpio, xdelta3 and didiwiki packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.debian.org/security/2016/dsa-3483
URL:www.debian.org/security/2016/dsa-3484
URL:www.debian.org/security/2016/dsa-3485

42. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0277-1)
[22/02/2016] Red Hat has released security update packages for fixing the vulnerability identified in the rhev-hypervisor packages for Red Hat Enterprise Virtualization 3. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:rhn.redhat.com/errata/RHSA-2016-0277.html

43. Security Updates in SUSE (openSUSE-SU-2016:0511-1, openSUSE-SU-2016:0512-1, openSUSE-SU-2016:0520-1, openSUSE-SU-2016:0521-1, openSUSE-SU-2016:0525-1, openSUSE-SU-2016:0529-1, openSUSE-SU-2016:0531-1, openSUSE-SU-2016:0536-1)
[22/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the glibc, chromium, obs-service-download_files, obs-service-extract_file, obs-service-recompress, obs-service-source_validator, obs-service-verify_file, postgresql93 and qemu packages of openSUSE Evergreen 11.4, openSUSE 13.1, 13.2 and Leap 42.1, and SUSE Package Hub for SUSE Linux Enterprise 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00043.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00044.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00045.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00046.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00047.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00048.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00049.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00050.html


Tuesday, February 23, 2016

IT Security Alerts Weekly Digest (14 Feb ~ 20 Feb 2016)

1. Vulnerability in Adobe Flash Player (110714)
[19/02/2016] Vulnerability was identified in the Adobe Flash Player. An attacker could bypass security restrictions and execute arbitrary code on the system. The affected version was not specified.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110714

2. Vulnerability in Cisco ASA (110718)
[19/02/2016] Vulnerability was identified in the Cisco ASA. An attacker could bypass security restrictions, execute arbitrary code and perform cross-site scripting attacks. The affected version was not specified.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110718

3. Vulnerabilities in Symantec Encryption Management Server (SYM16-002)
[19/02/2016] Vulnerabilities were identified in the Symantec Encryption Management Server. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect versions prior to 3.3.2 MP12 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=2016&suid=20160218_00

4. Vulnerabilities in Google Chrome
[19/02/2016] Vulnerabilities were identified in the Google Chrome. An attacker could bypass security restrictions and execute arbitrary code. These vulnerabilities affect versions prior to 48.0.2564.116 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:googlechromereleases.blogspot.hk/
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110753

5. Vulnerability in B+B SmartWorx VESP211 serial servers (ICSA-16-049-01)
[19/02/2016] Vulnerability was identified in the B+B SmartWorx VESP211 serial servers. An attacker could bypass security restrictions, obtain sensitive information and compromise the system. This vulnerability affects multiple firmware versions of the mentioned product.

URL:ics-cert.us-cert.gov/advisories/ICSA-16-049-01

6. Vulnerabilities in AMX Products (ICSA-16-049-02)
[19/02/2016] Vulnerabilities were identified in multiple AMX products. An attacker could bypass security restrictions, obtain sensitive information and compromise the system. These vulnerabilities affect multiple firmware versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:ics-cert.us-cert.gov/advisories/ICSA-16-049-02

7. Vulnerability in LibreOffice
[19/02/2016] Vulnerability was identified in the LibreOffice. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects versions 5.1.0 and prior of the mentioned product.

URL:www.hkcert.org/my_url/en/alert/16021801
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110712
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110713

8. Security Updates in Oracle Linux (ELSA-2016-0258, ELSA-2016-3519)
[19/02/2016] Oracle has released security update packages for fixing the vulnerabilities identified in the thunderbird and kernel packages for Oracle Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:linux.oracle.com/errata/ELSA-2016-0258.html
URL:linux.oracle.com/errata/ELSA-2016-3519.html

9. Security Updates in Debian (DSA-3482-1)
[19/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the libreoffice packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system.

URL:www.debian.org/security/2016/dsa-3482

10. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0258-1)
[19/02/2016] Red Hat has released security update packages for fixing the vulnerabilities identified in the thunderbird packages for Red Hat Enterprise Linux 6. Due to multiple errors, an attacker could bypass security restrictions, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:rhn.redhat.com/errata/RHSA-2016-0258.html

11. Security Updates in SUSE (openSUSE-SU-2016:0510-1)
[19/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the glibc package of openSUSE 13.2. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00042.html

12. Security Updates in Ubuntu GNU/Linux (USN-2895-1, USN-2903-1)
[19/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the oxide-qt and nss packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.ubuntu.com/usn/usn-2895-1/
URL:www.ubuntu.com/usn/usn-2903-1/

13. Vulnerabilities in ManageEngine OpUtils (110677, 110678, 110679, 110680)
[18/02/2016] Vulnerabilities were identified in the ManageEngine OpUtils. An attacker could gain elevated privileges, bypass security restrictions, perform cross-site scripting and web cache poisoning attacks. These vulnerabilities affect version 8.0 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110677
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110678
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110679
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110680

14. Vulnerability in NTP (110676)
[18/02/2016] Vulnerability was identified in the NTP. An attacker could cause a denial of service condition. This vulnerability affects versions 4.2.6p5 and prior of the mentioned product.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110676

15. Security Updates in Red Hat Enterprise Linux (RHSA-2016:0241-1)
[18/02/2016] Red Hat has released security update packages for fixing the vulnerabilities identified in the chromium-browser packages for Red Hat Enterprise Linux 6. Due to multiple errors, an attacker could crash the application, execute arbitrary code and obtain sensitive information.

URL:rhn.redhat.com/errata/RHSA-2016-0241.html

16. Security Updates in SUSE (openSUSE-SU-2016:0490-1)
[18/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the glibc packages of openSUSE Leap 42.1. An attacker could execute arbitrary code, bypass security restrictions, obtain sensitive information, cause a denial of service condition and crash the system.

URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00041.html

17. Security Updates in Ubuntu GNU/Linux (USN-2901-1, USN-2902-1, USN-2903-1)
[18/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the xdelta3, graphite2 and nss packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could execute arbitrary code, cause a denial of service condition, crash the system and obtain sensitive information.

URL:www.ubuntu.com/usn/usn-2901-1/
URL:www.ubuntu.com/usn/usn-2902-1/
URL:www.ubuntu.com/usn/usn-2903-1/

18. Vulnerabilities in Cisco Products (cisco-sa-20160216-grid, cisco-sa-20160216-wap)
[17/02/2016] Vulnerabilities were identified in the Cisco 1000 Series Connected Grid Routers and Cisco Small Business 500 Series Wireless Access Point devices. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160216-grid
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160216-wap

19. Vulnerability in Hirschmann "Classic Platform" switches (VU#507216)
[17/02/2016] Vulnerability was identified in the Hirschmann "Classic Platform" switches. An attacker could bypass security restrictions, obtain sensitive information and compromise the system. This vulnerability affects versions L2E 09.0.05, L2P 09.0.05, L3E 09.0.05 and L3P 09.0.05 of the mentioned product.

URL:www.kb.cert.org/vuls/id/507216
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110668

20. Vulnerability in GNU C Library (110662)
[17/02/2016] Vulnerability was identified in the GNU C Library (glibc). An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects version 2.21 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110662

21. Vulnerability in Squid (110669)
[17/02/2016] Vulnerability was identified in the Squid. An attacker could bypass security restrictions, cause a denial of service condition and crash the system. This vulnerability affects version 3.5.13 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110669

22. Security Updates in Oracle Linux (ELSA-2016-0175, ELSA-2016-0176, ELSA-2016-0185, ELSA-2016-0188, ELSA-2016-0189, ELSA-2016-0197, ELSA-2016-0204, ELSA-2016-3515, ELSA-2016-3516)
[17/02/2016] Oracle has released security update packages for fixing the vulnerabilities identified in the glibc, kernel, sos, polkit, firefox and 389-ds-base packages for Oracle Linux 5, 6 and 7. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:linux.oracle.com/errata/ELSA-2016-0175.html
URL:linux.oracle.com/errata/ELSA-2016-0176.html
URL:linux.oracle.com/errata/ELSA-2016-0185.html
URL:linux.oracle.com/errata/ELSA-2016-0188.html
URL:linux.oracle.com/errata/ELSA-2016-0189.html
URL:linux.oracle.com/errata/ELSA-2016-0197.html
URL:linux.oracle.com/errata/ELSA-2016-0204.html
URL:linux.oracle.com/errata/ELSA-2016-3515.html
URL:linux.oracle.com/errata/ELSA-2016-3516.html

23. Security Updates in Debian (DSA-3478-1, DSA-3480-1, DSA-3481-1)
[17/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the libgcrypt11, eglibc and glibc packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.debian.org/security/2016/dsa-3478
URL:www.debian.org/security/2016/dsa-3480
URL:www.debian.org/security/2016/dsa-3481

24. Security Updates in SUSE (SUSE-SU-2016:0470-1, SUSE-SU-2016:0471-1, SUSE-SU-2016:0472-1, SUSE-SU-2016:0473-1, openSUSE-SU-2016:0476-1)
[17/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the glibc and vlc packages of SUSE Linux Enterprise 11 and 12 and openSUSE Leap 42.1. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00036.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00037.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00038.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00039.html
URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00040.html

25. Security Updates in Ubuntu GNU/Linux (USN-2855-2, USN-2899-1, USN-2900-1)
[17/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the samba, libreoffice, eglibc and glibc packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.ubuntu.com/usn/usn-2855-2/
URL:www.ubuntu.com/usn/usn-2899-1/
URL:www.ubuntu.com/usn/usn-2900-1/

26. Vulnerability in Apache Hadoop (110609)
[16/02/2016] Vulnerability was identified in the Apache Hadoop. An attacker could bypass security restrictions and obtain sensitive information. This vulnerability affects versions prior to 2.7 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110609

27. Vulnerabilities in Cisco Products (cisco-sa-20160215-er, cisco-sa-20160215-ie2000)
[16/02/2016] Vulnerabilities were identified in the Cisco Emergency Responder and Cisco IOS Software for Cisco Industrial Ethernet 2000 Series Switches. An attacker could bypass security restrictions, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-er
URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160215-ie2000
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110610
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110611

28. Vulnerabilities in F5 Products (SOL02201365, SOL61570943)
[16/02/2016] Vulnerabilities were identified in the F5 BIG-IP LTM, BIG-IP AAM, BIG-IP AFM, BIG-IP Analytics, BIG-IP APM, BIG-IP ASM, BIG-IP Edge Gateway, BIG-IP GTM, BIG-IP Link Controller, BIG-IP PEM, BIG-IP PSM, BIG-IP WebAccelerator, BIG-IP WOM, Enterprise Manager, BIG-IQ Cloud, BIG-IQ Device, BIG-IQ Security, BIG-IQ ADC, BIG-IQ Centralized Management, BIG-IQ Cloud and Orchestration and Traffix SDC. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and crash the system. These vulnerabilities affect multiple versions of the mentioned products. Security patches are available to resolve these vulnerabilities.

URL:support.f5.com/kb/en-us/solutions/public/k/02/sol02201365.html
URL:support.f5.com/kb/en-us/solutions/public/k/61/sol61570943.html

29. Vulnerability in FireEye Operating System (110608)
[16/02/2016] Vulnerability was identified in the FireEye Operating System. An attacker could bypass security restrictions. This vulnerability affects multiple versions of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110608

30. Vulnerability in Kamailio (110603)
[16/02/2016] Vulnerability was identified in the Kamailio. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects version 4.3.4 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110603

31. Vulnerability in Foomatic (110606)
[16/02/2016] Vulnerability was identified in the Foomatic. An attacker could bypass security restrictions, execute arbitrary code, cause a denial of service condition and crash the system. This vulnerability affects version 4.0.6 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110606

32. Vulnerabilities in Xymon (110590, 110591, 110592, 110593, 110594)
[16/02/2016] Vulnerabilities were identified in the Xymon. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, perform cross-site scripting attacks, cause a denial of service condition and crash the system. These vulnerabilities affect versions prior to 4.3.25 of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110590
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110591
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110592
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110593
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110594

33. Security Updates in Gentoo Linux (GLSA 201602-01)
[16/02/2016] Gentoo has released security update packages for fixing the vulnerabilities identified in the qemu packages for multiple versions of Gentoo Linux. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:security.gentoo.org/glsa/201602-01

34. Security Updates in Mageia (MGASA-2016-0043, MGASA-2016-0044, MGASA-2016-0045, MGASA-2016-0046, MGASA-2016-0047, MGASA-2016-0048, MGASA-2016-0049, MGASA-2016-0050, MGASA-2016-0051, MGASA-2016-0052, MGASA-2016-0053, MGASA-2016-0054, MGASA-2016-0055, MGASA-2016-0056, MGASA-2016-0057, MGASA-2016-0058, MGASA-2016-0059, MGASA-2016-0060, MGASA-2016-0061, MGASA-2016-0062)
[16/02/2016] Mageia has released security update packages for fixing the vulnerabilities identified in the docker, golang, cakephp, cyrus-imapd, gajim, python-nbxmpp, cgit, copy-jdk-configs, java-1.8.0-openjdk, lua-lunit, lua-posix, imlib2, curl, phpmyadmin, phpseclib, krb5, socat, mbedtls, hiawatha, belle-sip, linphone, pdns, privoxy, openssl, radicale, php, jasper, ffmpeg, nettle2.7, nettle and flash-player-plugin packages for multiple versions of Mageia. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:advisories.mageia.org/MGASA-2016-0043.html
URL:advisories.mageia.org/MGASA-2016-0044.html
URL:advisories.mageia.org/MGASA-2016-0045.html
URL:advisories.mageia.org/MGASA-2016-0046.html
URL:advisories.mageia.org/MGASA-2016-0047.html
URL:advisories.mageia.org/MGASA-2016-0048.html
URL:advisories.mageia.org/MGASA-2016-0049.html
URL:advisories.mageia.org/MGASA-2016-0050.html
URL:advisories.mageia.org/MGASA-2016-0051.html
URL:advisories.mageia.org/MGASA-2016-0052.html
URL:advisories.mageia.org/MGASA-2016-0053.html
URL:advisories.mageia.org/MGASA-2016-0054.html
URL:advisories.mageia.org/MGASA-2016-0055.html
URL:advisories.mageia.org/MGASA-2016-0056.html
URL:advisories.mageia.org/MGASA-2016-0057.html
URL:advisories.mageia.org/MGASA-2016-0058.html
URL:advisories.mageia.org/MGASA-2016-0059.html
URL:advisories.mageia.org/MGASA-2016-0060.html
URL:advisories.mageia.org/MGASA-2016-0061.html
URL:advisories.mageia.org/MGASA-2016-0062.html

35. Security Updates in SUSE (SUSE-SU-2016:0459-1)
[16/02/2016] SUSE has released security update packages for fixing the vulnerabilities identified in the qemu packages of SUSE Linux Enterprise 12. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and crash the system.

URL:lists.opensuse.org/opensuse-security-announce/2016-02/msg00035.html

36. Security Updates in Ubuntu GNU/Linux (USN-2896-1, USN-2897-1, USN-2898-1, USN-2898-2)
[16/02/2016] Ubuntu has released security update packages for fixing the vulnerabilities identified in the libgcrypt11, libgcrypt20, nettle, gtk+2.0, gtk+3.0 and eog packages for versions 12.04 LTS, 14.04 LTS and 15.10. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.ubuntu.com/usn/usn-2896-1/
URL:www.ubuntu.com/usn/usn-2897-1/
URL:www.ubuntu.com/usn/usn-2898-1/
URL:www.ubuntu.com/usn/usn-2898-2/

37. Vulnerability in Cisco Universal Small Cell devices (cisco-sa-20160212-usc)
[15/02/2016] Vulnerability was identified in multiple Cisco Universal Small Cell devices. An attacker could bypass security restrictions, obtain sensitive information and execute arbitrary code. This vulnerability affects multiple versions of the mentioned products. Security patches are available to resolve this vulnerability.

URL:tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160212-usc
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110573

38. Vulnerability in ManageEngine EventLog Analyzer (110566)
[15/02/2016] Vulnerability was identified in the ManageEngine EventLog Analyzer. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system. This vulnerability affects versions prior to 10.8 of the mentioned product. Security patches are available to resolve this vulnerability.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110566

39. Vulnerability in Deepin Linux (110527)
[15/02/2016] Vulnerability was identified in the Deepin Linux. An attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code and compromise the system. This vulnerability affects versions 15 and 15.01 of the mentioned product.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110527

40. Vulnerabilities in Linux Kernel (110459, 110480, 110574, 110582)
[15/02/2016] Vulnerabilities were identified in the Linux Kernel. An attacker could bypass security restrictions, obtain sensitive information, execute arbitrary code, cause a denial of service condition and compromise the system. These vulnerabilities affect multiple versions of the mentioned product. Security patches are available to resolve these vulnerabilities.

URL:exchange.xforce.ibmcloud.com/vulnerabilities/110459
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110480
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110574
URL:exchange.xforce.ibmcloud.com/vulnerabilities/110582

41. Security Updates in Debian (DSA-3473-1, DSA-3474-1, DSA-3475-1, DSA-3476-1, DSA-3477-1)
[15/02/2016] Debian has released security update packages for fixing the vulnerabilities identified in the nginx, libgcrypt20, postgresql-9.1, postgresql-9.4 and iceweasel packages for multiple versions of Debian GNU/Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.debian.org/security/2016/dsa-3473
URL:www.debian.org/security/2016/dsa-3474
URL:www.debian.org/security/2016/dsa-3475
URL:www.debian.org/security/2016/dsa-3476
URL:www.debian.org/security/2016/dsa-3477

42. Security Updates in Slackware (SSA:2016-045-01)
[15/02/2016] Slackware has released security update packages for fixing the vulnerabilities identified in the mozilla-thunderbird packages for multiple versions of Slackware Linux. Due to multiple errors, an attacker could bypass security restrictions, obtain sensitive information, gain elevated privileges, execute arbitrary code, cause a denial of service condition and compromise the system.

URL:www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.360335