Voici la liste des derniers avis du CERT-Renater en 2016 :


30 Dec 2016STAT52
26 Dec 2016VULN427Tiki : Security update Tiki 16.1, Tiki 15.3 and Tiki 12.10 released!Systems running Tiki versions prior to 16.1, 15.3,
26 Dec 2016STAT51
23 Dec 2016VULN426Apache Hadoop : CVE-2016-5001 Apache Hadoop Information DisclosureSystems running Apache Hadoop versions 2.7.x,
22 Dec 2016VULN425Samba : Several vulnerabilities fixed in SambaSystems running Samba versions 3, 4 prior to
22 Dec 2016VULN424curl : printf floating point buffer overflowSystems running curl versions 7 prior to 7.52.0.
21 Dec 2016VULN423Squid : Information disclosure in Collapsed ForwardingSystems running Squid Proxy Cache versions 3, 4,
21 Dec 2016VULN422Citrix : Citrix XenServer Multiple Security UpdatesSystems running Citrix XenServer versions 7.0,
21 Dec 2016VULN421Cisco : Cisco CloudCenter Orchestrator Docker Engine Privilege Escalation VulnerabilitySystems running Cisco CloudCenter Orchestrator.
21 Dec 2016VULN420Apache : Apache HTTP Server 2.4.25 fixes several security vulnerabilitiesSystems running Apache HTTP Server versions prior
21 Dec 2016VULN419VMware : vSphere Data Protection (VDP) updates address SSH Key-Based authentication issueSystems running vSphere Data Protection versions
20 Dec 2016VULN418VMware : VMware ESXi updates address a cross-site scripting issueVMware ESXi versions 6.0, 5.5, 5.0.
16 Dec 2016VULN417Adobe : Security updates available for Adobe Flash PlayerSystems running Adobe Flash Player versions prior
16 Dec 2016VULN416Mozilla : Multiple vulnerabilities fixed in FirefoxSystems running Firefox versions prior to 50.1,
16 Dec 2016STAT50
15 Dec 2016VULN415Xen : x86 CMPXCHG8B emulation fails to ignore operand size overrideSystems running Xen versions 3.3 up to and
14 Dec 2016VULN411 (Microsoft : Security Update for Common Log File System Driver (3207328))Windows versions Vista, Server 2008, 7, 8.1, 10,
14 Dec 2016VULN414 (Microsoft : Cumulative Security Update for Microsoft Edge (3204062))Windows versions 10, Server 2016
14 Dec 2016VULN413 (Microsoft : Security Update for .NET Framework (3205640))Windows versions Vista, Server 2008, 7, 8.1, 10,
14 Dec 2016VULN412 (Microsoft : Security Update for Windows Kernel (3199709))Windows versions 10, Server 2016.
14 Dec 2016VULN410 (Microsoft : Critical Cumulative Security Update for Internet Explorer (3204059))Systems running Internet Explorer versions 9, 10,
14 Dec 2016VULN409 (Microsoft : Security Update for Microsoft Windows (3205655))Windows versions Vista, Server 2008, 7, 8.1, 10,
14 Dec 2016VULN408 (Microsoft : Important Security Update for Windows Kernel-Mode Drivers (3205651))Windows versions Vista, Server 2008, 7, 8.1, 10,
14 Dec 2016VULN407 (Microsoft : Security Update for Microsoft Graphics Component (3204066))Windows versions Vista, Server 2008, 7, 8.1, 10,
14 Dec 2016VULN406.1 (Microsoft : Security Update for Microsoft Office (3204068))Systems running Microsoft Office.
14 Dec 2016VULN406 (Microsoft : Security Update for Microsoft Office (3204068))Systems running Microsoft Office.
14 Dec 2016VULN405 (Microsoft : Security Update for Microsoft Uniscribe (3204063))Windows versions Vista, Server 2008, 7, 8.1, 10,
14 Dec 2016VULN404 (Microsoft : Security Update for Windows Secure Kernel Mode (3205642))Windows versions 10, Server 2016 running Secure
9 Dec 2016STAT49
2 Dec 2016STAT48
2 Dec 2016INFO001Vague d'infection par le Ransomware Locky
30 Nov 2016VULN403Xen : ARM guests may induce host asynchronous abortSystems running Xen versions with ARM support.
30 Nov 2016VULN402Apache Subversion : Unrestricted XML entity expansion in mod_dontdothat and Subversion clients using http(s)://Systems running Apache Subversion versions 1 prior
29 Nov 2016VULN401Mozilla : Security vulnerabilities fixed in Firefox 50.0.1Systems running Firefox versions 49, 50 prior to
28 Nov 2016VULN400phpmyadmin : Multiple Vulnerabilities fixed in phpmyadminSystems running phpmyadmin versions 4 prior to
28 Nov 2016VULN399Xen : Privilege Elevation and DoS Vulnerabilities fixed in XenSystems running Xen.
25 Nov 2016STAT47
24 Nov 2016VULN398Foxit : Vulnerabilities fixed in Foxit Reader, Foxit PhantomPDFSystems running Foxit Reader, Foxit PhantomPDF
23 Nov 2016VULN396VMware : VMSA-2016-0022 VMware product updates address information disclosure vulnerabilitiesSystems running VMware vCenter Server versions
23 Nov 2016VULN395VMware : VMSA-2016-0021 VMware product updates address partial information disclosure vulnerabilitySystems running VMware Identity Manager versions
21 Nov 2016VULN394Splunk : Splunk Enterprise 6.5.0, 6.4.4, 6.3.8, 6.2.12, 6.1.12, 6.0.13, and 5.0.17 address multiple vulnerabilitiesSystems running Splunk Enterprise versions 6,
18 Nov 2016STAT46
18 Nov 2016VULN391Jenkins : Jenkins Security Advisory 2016-11-16 Remote code execution vulnerabilitySystems running Jenkins versions 2.32, LTS 2.19.3.
16 Nov 2016VULN390VMware : vRealize Operations update addresses REST API deserialization vulnerabilitySystems running vRealize Operations versions 6.x,
15 Nov 2016VULN389Apache Wicket : Apache Wicket CSRF detection vulnerabilitySystems running Apache Wicket versions 6.x, 7.x,
15 Nov 2016VULN388Apache Openmeetings : Apache Openmeetings RMI Registry Java Deserialization RCESystems running Apache Openmeetings versions 3.1
14 Nov 2016STAT45
14 Nov 2016VULN387Google Chrome : Google Chrome Stable Channel Update for DesktopSystems running Google Chrome versions prior to
14 Nov 2016VULN386PHP : PHP versions 5.6.28, 7.0.13 fixes multiple security vulnerabilitiesSystems running PHP versions prior to 5.6.28,
14 Nov 2016VULN385VMware : VMware Workstation and Fusion updates address critical out-of-bounds memory access vulnerabilitySystems running VMware Workstation,
10 Nov 2016VULN384VMware : VMware product updates address local privilege escalation vulnerability in Linux kernelSystems running VMware Identity Manager,
9 Nov 2016VULN383Adobe : Security updates available for Adobe Flash PlayerSystems running Adobe Flash Player.
9 Nov 2016VULN382Microsoft : Critical Cumulative Security Update for Internet ExplorerSystems running Internet Explorer versions 9, 10,
9 Nov 2016VULN381Microsoft : Important Security Update for Microsoft Virtual Hard Disk DriverWindows versions Vista, Server 2008, 7, 8.1,
9 Nov 2016VULN380Microsoft : Important Security Update for SQL ServerSystems running Microsoft SQL Server versions
9 Nov 2016VULN379Microsoft : Important Security Update for Windows Kernel-Mode DriversWindows versions Vista, Server 2008, 7, 8.1,
9 Nov 2016VULN378Microsoft : Important Security Update for Common Log File System DriverWindows versions Vista, Server 2008, 7, 8.1,
9 Nov 2016VULN377Microsoft : Important Security Update for Microsoft OfficeSystems running Microsoft Office.
9 Nov 2016VULN376Microsoft : Critical Security Update for Microsoft Graphics ComponentWindows version Vista, Server 2008, 7, 8.1,
9 Nov 2016VULN375Microsoft : Critical Security Update for Microsoft Video ControlWindows version Vista, Server 2008, 7, 8.1,
9 Nov 2016VULN374Microsoft : Critical Security Update for Microsoft WindowsWindows versions Vista, Server 2008, 7, 8.1,
9 Nov 2016VULN373Microsoft : Critical Cumulative Security Update for Microsoft EdgeSystems running Microsoft Edge.
7 Nov 2016VULN372MariaDB : MariaDB 10.0.28, 10.1.19, 5.5.53 fixes multiple security vulnerabilitiesSystems running MariaDB versions prior to 10.0.28,
7 Nov 2016VULN371cURL : Multiple vulnerabilities fixed in cURLSystems running curl versions prior to 7.51.0.
4 Nov 2016STAT44
28 Oct 2016STAT43
28 Oct 2016VULN370Apache Tomcat : Apache Tomcat multiple vulnerabilitiesSystems running Apache Tomcat versions 9, 8.5,
28 Oct 2016VULN369Shibboleth IdP : Shibboleth Identity Provider Security Advisory [27 October 2016]Systems running Shibboleth IdP versions 3 prior to
27 Oct 2016VULN368Cisco : Cisco IP Interoperability and Collaboration System Universal Media Services Unauthorized Access VulnerabilityCisco IP Interoperability and Collaboration System
27 Oct 2016VULN367Cisco : Cisco Email Security Appliance Denial of Service VulnerabilitiesCisco AsyncOS Software for Cisco Email Security
27 Oct 2016VULN366Adobe : Security updates available for Adobe Flash PlayerSystems running Adobe Flash Player versions prior
26 Oct 2016VULN365VMware : VMware product updates address multiple information disclosure issuesMac OS X running VMware Fusion versions 8.x prior
25 Oct 2016VULN364APPLE : APPLE-SA-2016-10-24-5 watchOS 3.1watchOS versions prior to 3.1.
25 Oct 2016VULN363APPLE : APPLE-SA-2016-10-24-4 tvOS 10.0.1tvOS versions prior to 10.0.1.
25 Oct 2016VULN362APPLE : APPLE-SA-2016-10-24-3 Safari 10.0.1Systems running Safari versions prior to 10.0.1.
25 Oct 2016VULN361APPLE : APPLE-SA-2016-10-24-2 macOS Sierra 10.12.1macOS X versions prior to 10.12.1.
25 Oct 2016VULN360APPLE : APPLE-SA-2016-10-24-1 iOS 10.1iOS versions prior to 10.1.
21 Oct 2016STAT42
20 Oct 2016VULN359Oracle : October 2016 Critical Patch Update ReleasedSystems running Oracle Database Server,
19 Oct 2016VULN358Cisco : Cisco ASA Software Identity Firewall Feature Buffer Overflow VulnerabilityCisco ASA Software.
19 Oct 2016VULN357Cisco : Cisco Firepower Detection Engine HTTP Denial of Service VulnerabilityCisco Firepower System Software.
19 Oct 2016VULN356VeraCrypt : VeraCrypt 1.19 fix vulnerabilitiesSystems running VeraCrypt versions prior to 5.6.27,
19 Oct 2016VULN354Apache Struts : Possible path traversal in the Convention pluginSystems running Apache Struts versions 2.3.20 up
17 Oct 2016VULN353Apache OpenOffice : Windows Installer vulnerabilitiesSystems running Apache OpenOffice versions prior
17 Oct 2016VULN352US-CERT : Heightened DDoS Threat Posed by Mirai and Other BotnetsIoT devices software.
14 Oct 2016STAT41
14 Oct 2016VULN351Microsoft : Critical Security Update for Adobe Flash PlayerWindows versions 8.1, Server 2012, RT 8.1, 10
14 Oct 2016VULN350Microsoft : Moderate Security Update for Microsoft Internet Messaging APIWindows version Vista, Server 2008, 7 running
14 Oct 2016VULN349Microsoft : Important Security Update for,Diagnostics HubWindows versions 10 running Diagnostics Hub.
14 Oct 2016VULN348Microsoft : Important Security Update for Windows RegistryWindows versions Vista, Server 2008, 7, 8.1, 10,
14 Oct 2016VULN347Microsoft : Important Security Update for Windows Kernel-Mode DriversWindows versions Vista, 7, 8.1, RT 8.1, 10
14 Oct 2016VULN346Microsoft : Critical Security Update for Microsoft Video ControlWindows versions Vista, 7, 8.1, RT 8.1, 10
14 Oct 2016VULN345Microsoft : Important Security Update for Microsoft OfficeSystems running Microsoft Office.
14 Oct 2016VULN344Microsoft : Critical Security Update for Microsoft Graphics ComponentWindows running Microsoft Graphics Component,
14 Oct 2016VULN343Microsoft : Critical Cumulative Security Update for Microsoft EdgeSystems running Microsoft Edge.
14 Oct 2016VULN342 (Microsoft : Critical Cumulative Security Update,for Internet Explorer (3192887))Systems running Internet Explorer versions 9, 10,
12 Oct 2016VULN340Adobe : Security Updates Available for Adobe Acrobat and ReaderSystems running Adobe Acrobat, Adobe Reader.
12 Oct 2016VULN341Adobe : Security update available for the Creative Cloud Desktop ApplicationSystems running Creative Cloud Desktop Application.
7 Oct 2016STAT40
30 Sep 2016STAT39
30 Sep 2016VULN339ISC BIND : Assertion Failure in buffer.c While Building Responses to a Specifically Constructed RequestSystems running Bind versions 9 prior to 9.9.9-P3,
28 Sep 2016VULN338Cisco : Cisco IOS Software Common Industrial Protocol Request Denial of Service VulnerabilityCisco IOS Software.
28 Sep 2016VULN337Cisco : Cisco IOS and IOS XE Software Denial of Service and Memory Leak VulnerabilitiesCisco IOS, Cisco IOS XE.
23 Sep 2016VULN336Cisco : Cisco Email Security Appliance Internal Testing Interface VulnerabilityCisco Email Security Appliance software.
23 Sep 2016VULN335Cisco : IKEv1 Information Disclosure Vulnerability in Multiple Cisco ProductsCisco IOS, Cisco IOS XE, Cisco IOS XR.
23 Sep 2016STAT38
22 Sep 2016VULN334Drupal : Drupal Core - Critical - Multiple Vulnerabilities - SA-CORE-2016-004Systems running Drupal Core versions 8.x prior to
16 Sep 2016STAT37
16 Sep 2016VULN333curl : curl escape and unescape integer overflowsSystems running curl, libcurl versions 7.11.1 up
16 Sep 2016VULN332PHP : PHP versions PHP 5.6.26, 7.0.11 fix multiple security bugsSystems running PHP versions prior to 5.6.26,
15 Sep 2016VULN331VMware : VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issuesVMware ESXi,
15 Sep 2016VULN330EMC : EMC Documentum D2 Authentication Bypass VulnerabilitySystems running EMC Documentum D2 version 4.5, 4.6.
14 Sep 2016VULN328Microsoft : Important Security Updates for Microsoft WindowsWindows versions Vista, Server 2008, 7, 8.1,
14 Sep 2016VULN327Microsoft : Critical Security Update in OLE Automation for VBScript Scripting EngineWindows versions Vista, Server 2008, 7, 8.1,
14 Sep 2016VULN326Microsoft : Important Security Update for SilverlightSystems running Microsoft Silverlight versions 5.
14 Sep 2016VULN325Microsoft : Critical Security Update for Microsoft OfficeSystems running Microsoft Office versions 2007,
14 Sep 2016VULN324Microsoft : Critical Cumulative Security Update for Microsoft EdgeSystems running Microsoft Exchange Server versions
14 Sep 2016VULN323Microsoft : Critical Security Update for Microsoft Graphics ComponentWindows versions Vista, Server 2008, 7, 8.1,
14 Sep 2016VULN322Microsoft : Critical Cumulative SecurityUpdate for Microsoft EdgeSystems running Microsoft Edge.
14 Sep 2016VULN321Microsoft : Critical Cumulative SecurityUpdate for Internet ExplorerSystems running Internet Explorer.
14 Sep 2016VULN320Adobe : Security update available forAdobe Digital EditionsWindows, Mac OS X, iOS, Android running
14 Sep 2016VULN319Adobe : Security update available forAdobe AIR SDK & CompilerWindows, Mac OS X running Adobe AIR SDK & Compiler
14 Sep 2016VULN318Adobe : Security updates available forAdobe Flash PlayerWindows, Mac OS X, Linux, ChromeOS running
14 Sep 2016VULN316APPLE : APPLE-SA-2016-09-13-1 iOS 10iOS versions prior to 10.
13 Sep 2016VULN315Percona Server : Percona Server CriticalUpdate CVE-2016-6662Systems running Percona Server versions prior to
13 Sep 2016VULN314MariaDB : MariaDB Server versions andthe Remote Root Code Execution Vulnerability CVE-2016-6662Systems running MariaDB Server versions prior to
12 Sep 2016VULN313Xen : Multiple Vulnerabilities fixrd inXenSystems running Xen.
9 Sep 2016STAT36
9 Sep 2016VULN312Cisco : Cisco ACE30 Application ControlEngine Module and Cisco ACE 4710 Application Control Engine Denial of ServiceVulnerabilityCisco ACE30 software, Cisco ACE 4710 software.
8 Sep 2016VULN311WordPress : WordPress 4.6.1 Security andMaintenance ReleaseWordPress versions prior to 4.6.1.
8 Sep 2016VULN310Fortinet : FortiWAN MultipleVulnerabilitiesFortiWAN versions prior to 4.2.4.
2 Sep 2016STAT35
2 Sep 2016VULN309APPLE : APPLE-SA-2016-09-01-1 Safari9.1.3Systems running Safari versions prior to 9.1.3.
2 Sep 2016VULN308APPLE : APPLE-SA-2016-09-01-2 SecurityUpdate 2016-001 El Capitan and Security Update 2016-005 YosemiteOS X Yosemite v10.10.5, OS X El Capitan v10.11.6.
1 Sep 2016VULN307Adobe : Hotfixes available forColdFusionSystems running ColdFusion versions 10, 11.
29 Aug 2016VULN303QNAP NAS : Security Alert for ReportedVulnerabilities in QTSQTS firmware versions prior to 4.2.0, 4.2.1, 4.2.2.
29 Aug 2016VULN302Ruby on Rails : XSS and Unsafe QueryGeneration fixed in Rails 5.0.0.1, 4.2.7.1, and 3.2.22.3Systems running Rails versions prior to 5.0.0.1,
26 Aug 2016VULN301APPLE : APPLE-SA-2016-08-25-1 iOS 9.3.5iOS versions prior to 9.3.5.
26 Aug 2016STAT34
24 Aug 2016VULN300VMware : VMware Identity Manager andvRealize Automation updates address multiple security issuesSystems running VMware Identity Manager,
19 Aug 2016STAT33
18 Aug 2016VULN299Fortiguard : Cookie Parser BufferOverflow VulnerabilityFortiOS versions 4.x prior to 4.1.11, 4.2.13,
18 Aug 2016VULN298Cisco : Cisco Application PolicyInfrastructure Controller Enterprise Module Remote Code ExecutionVulnerabilityCisco Application Policy Infrastructure Controller
18 Aug 2016VULN297Cisco : Cisco ASA SNMP Remote CodeExecution VulnerabilityCisco ASA Software.
18 Aug 2016VULN296Cisco : Cisco Firepower ManagementCenter VulnerabilitiesSystems running Cisco Firepower Management Center,
16 Aug 2016VULN295VMware : VMware Photon OS OVA defaultpublic ssh keySystems running VMware Photon OS.
12 Aug 2016VULN294Drupal : Vulnerabilities fixed in GoogleAnalytics, Piwik, OAuth2 Client, Require LoginSystems running Google Analytics for Drupal,
12 Aug 2016VULN293Joomla! : [20160802] - Core - XSSVulnerabilitySystems running Joomla! Core versions 1.6.0 up to
12 Aug 2016VULN292Vmware : vRealize Log Insight updateaddresses directory traversal vulnerabilitySystems running vRealize Log Insight versions 3.x,
12 Aug 2016STAT32
11 Aug 2016VULN291Cisco : Cisco IOS XR Software for CiscoASR 9001 Aggregation Services Routers Fragmented Packet Denial of ServiceVulnerabilityCisco ASR 9001 Aggregation Services Routers.
10 Aug 2016VULN290 (Microsoft : Important Security Updatefor ActiveSyncProvider (3182332))Windows versions 10 running ActiveSyncProvider.
10 Aug 2016VULN289 (Microsoft : Critical Security Update forMicrosoft Windows PDF Library (3182248))Windows versions Vista, Server 2008, 7, 8.1,
10 Aug 2016VULN288 (Microsoft : Important Security Updatefor Windows Authentication Methods (3178465))Windows versions Vista, Server 2008, 7, 8.1,
10 Aug 2016VULN287 (Microsoft : Important Security Updatefor Secure Boot (3179577))Windows versions 8.1, Server 2012, RT 8.1, 10
10 Aug 2016VULN286 (Microsoft : Important Security Updatefor Microsoft Office (3177451))Systems running Microsoft Office versions 2007,
10 Aug 2016VULN285 (Microsoft : Important: Security Updatefor Windows Kernel-Mode Drivers (3178466))Windows versions Vista, Server 2008, 7, 8.1,
10 Aug 2016VULN284 (Microsoft : Critical - Security Updatefor Microsoft Graphics Component (3177393))Systems running Windows, Microsoft Office, Skype
10 Aug 2016VULN283 (Microsoft : Critical Cumulative SecurityUpdate for Microsoft Edge (3177358))Systems running Microsoft Edge.
10 Aug 2016VULN282 (Microsoft : Critical Cumulative SecurityUpdate for Internet Explorer (3177356))Systems running Internet Explorer.
5 Aug 2016STAT31
29 Jul 2016STAT30
22 Jul 2016STAT29
19 Jul 2016VULN281Apple OS X El Capitan: MultiplevulnerabilitiesSystems running Safari web browser
19 Jul 2016VULN280Apple iOS: Multiple vulnerabilitiesSystems running iOS
19 Jul 2016VULN279Apple :Apple watchOS: MultiplevulnerabilitiesSystems running Appple watchOS
19 Jul 2016VULN278Apple :Apple tvOS: MultiplevulnerabilitiesSystems running Apple tvOS
19 Jul 2016VULN277Apple : Safari multiples vulnerabilitesSystems running Safari web browser
15 Jul 2016STAT28
15 Jul 2016VULN276Drupal : Highly Critical - Remote codeexecution Vulnerabilities in modulesSystems running Drupal versions 7.x with RESTWS,
15 Jul 2016VULN275Cisco : Cisco IOS XR for NCS 6000 PacketTimer Leak Denial of Service VulnerabilityCisco IOS XR for Cisco Network Convergence System
8 Jul 2016STAT27
8 Jul 2016VULN274Apache Qpid : deserialization ofuntrusted input while using JMS ObjectMessageSystems running Qpid AMQP 0-x JMS client versions
8 Jul 2016VULN273Samba : Client side SMB2/3 requiredsigning can be downgradedSystems running Samba versions 4.0.0 up to
6 Jul 2016VULN272Apache : X509 Client certificate basedauthentication can be bypassed when HTTP/2 is usedSystems running Apache HTTPD versions 2.4.18 up to
1 Jul 2016STAT26
30 Jun 2016VULN271Cisco : Cisco Prime Infrastructure andEvolved Programmable Network Manager Authentication Bypass API VulnerabilityCisco Prime Infrastructure software,
30 Jun 2016VULN270Cisco : Cisco Prime CollaborationProvisioning Lightweight Directory Access Protocol Authentication BypassVulnerabilityCisco Prime Collaboration Provisioning software.
30 Jun 2016VULN269Cisco : Cisco Firepower System SoftwareStatic Credential VulnerabilityCisco Firepower System Software.
24 Jun 2016STAT25
24 Jun 2016VULN268Phpmyadmin : Multiple Securityvulnerabilities fixed in phpmyadminSystems running phpmyadmin versions 4.6.x, 4.4.x,
23 Jun 2016VULN267WordPress : WordPress 4.5.3 Maintenanceand Security ReleaseSystems running WordPress versions prior to 4.5.3.
23 Jun 2016VULN266EMC Documentum : EMC Documentum WebTopand WebTop Clients Improper Authorization VulnerabilitySystems running EMC Documentum WebTop,
23 Jun 2016VULN265Cisco : Cisco Email Security Appliance.zip File Scanning Security Bypass VulnerabilityCisco Email Security Appliance software version
23 Jun 2016VULN264Libarchive : Libarchive 3.2.1 SecurityReleaseSystems running Libarchive version prior to 3.2.1.
23 Jun 2016VULN263Apache Tomcat : CVE-2016-3092 ApacheTomcat Denial of ServiceSystems running Apache Tomcat version prior to
21 Jun 2016VULN262APPLE : AirPort Base Station FirmwareUpdate 7.6.7 and,7.7.7AirPort Base Station Firmware version prior to
20 Jun 2016VULN261QNAP : Security vulnerabilitiesaddressed in QTS 4.2.1 Build 20160601QTS version prior to 4.2.1 Build
20 Jun 2016VULN260Apache Struts : Multiple vulnerabilitiesfixed in Apache StrutsSystems running Apache Struts versions 2 prior to
17 Jun 2016STAT24
17 Jun 2016VULN259Google Chrome : Google Chrome stablechannel updated to 51.0.2704.103Systems running Google Chrome version prior to
17 Jun 2016VULN258IBM : Vulnerabilities in IBM NotesKeyView PDF FiltersSystems running IBM Notes version 8.5, 8.5.1.5,
16 Jun 2016VULN257RSA : RSA Archer GRC Platform SensitiveInformation Disclosure,VulnerabilitySystems running RSA Archer version 5.5.x
16 Jun 2016VULN256DRUPAL : Drupal Core - ModeratelyCritical - Multiple Vulnerabilities - SA-CORE-2016-002Systems running DRUPAL core version 7.x, 8.x prior
16 Jun 2016VULN255Cisco : Cisco RV110W, RV130W, and RV215WRouters Arbitrary Code Execution VulnerabilityCisco Wireless VPN Firewall/Routers software.
15 Jun 2016VULN254Adobe : Security update available forthe Creative Cloud Desktop ApplicationSystems running Adobe Creative Cloud Desktop
15 Jun 2016VULN253Microsoft : Security Update forMicrosoft Exchange ServerSystems running Microsoft Exchange Server versions
15 Jun 2016VULN252Microsoft : Security Updates forMicrosoft WindowsWindows version Vista, Server 2008, 7, 8.1,
15 Jun 2016VULN251 (Microsoft : Security Update forMicrosoft Office (3163610))Systems running Microsoft Office versions 2007,
15 Jun 2016VULN250Microsoft : Cumulative Security Updatefor JScript and VBScriptSystems running VBScript versions 5.7, 5.8,
15 Jun 2016VULN249Microsoft : Cumulative Security Updatefor Microsoft EdgeSystems running Microsoft Edge.
15 Jun 2016VULN248Microsoft : Cumulative Security Updatefor Internet ExplorerSystems running Internet Explorer versions 9, 10,
15 Jun 2016VULN247Microsoft : Security Update forMicrosoft Windows DNS ServerWindows version Server 2012.
15 Jun 2016VULN246Adobe : Hotfixes available forColdFusionSystems running ColdFusion versions 10, 11, 2016
15 Jun 2016VULN245Adobe : Critical vulnerability in AdobeFlash PlayerSystems running Adobe Flash Player versions
15 Jun 2016VULN244VMware : VMware vCenter Server updatesaddress an important reflective cross-site scripting issueSystems running vCenter Server versions prior to
10 Jun 2016STAT23
3 Jun 2016STAT22
3 Jun 2016VULN236Apache Struts : Two securityvulnerabilities reportedSystems running Apache Struts versions prior to
3 Jun 2016VULN235Xen : Unsanitised inputs in libxl devicehandling codeSystems running Xen.
2 Jun 2016VULN234Cisco : Cisco Prime Network AnalysisModule multiple vulnerabilitiesCisco Prime Network Analysis Module (NAM) releases,
1 Jun 2016VULN233 (Nginx : nginx security advisory(CVE-2016-4450))Systems running nginx versions prior to 1.11.1,
1 Jun 2016VULN232GraphicsMagick : GraphicsMagick 1.3.24fixes two possible shell exploitsSystems running GraphicsMagick versions prior to
1 Jun 2016VULN231cURL : Windows DLL hijackingSystems running libcurl versions 7.11.1 up to and
24 May 2016VULN222Xen : Unrestricted qemu loggingSystems running Xen.
27 May 2016STAT21
26 May 2016VULN230phpMyAdmin : Multiple Vulnerabilitiesfixed in phpMyAdminSystems running phpMyAdmin versions prior to 4.6.2,
26 May 2016VULN229Cisco : Cisco Products IPv6 NeighborDiscovery Crafted Packet Denial of Service VulnerabilityCisco IOS XR Software, Cisco IOS XE Software.
25 May 2016VULN228Cisco : Cisco UCS Invicta SoftwareDefault GPG Key VulnerabilitySystems running Cisco UCS Invicta Software
25 May 2016VULN227ZDI : Trend Micro InterScan Web Securitymultiple vulnerabilitiesSystems running Trend Micro InterScan Web Security.
25 May 2016VULN226IBM : Apache Tomcat as used in IBMQRadar SIEM is susceptible to multiple vulnerabilitiesSystems running IBM Security QRadar SIEM versions
25 May 2016VULN225Apache : CVE-2016-3088 - ActiveMQFileserver web application vulnerabilitiesSystems running Apache ActiveMQ versions 5.0.0 up
25 May 2016VULN224TYPO3 : Missing Access Check in TYPO3CMSSystems running TYPO3 CMS versions 4.3.0 up to and
25 May 2016VULN223VMware : VMware vCenter Server updatesaddress an important cross-site scripting issueSystems running VMware vCenter Server versions 6,
20 May 2016VULN221 (IBM : InstallAnywhere generatesinstallation executables,which are vulnerable to an DLL-plantingvulnerability (CVE-2016-4560))Systems running IBM Security AppScan Source
20 May 2016STAT20
20 May 2016VULN220 (IBM Domino : Vulnerability identified inIBM Domino Java Console,(CVE-2016-0304))Systems running IBM Domino versions 9.0.x, 8.5.x.
19 May 2016VULN219Cisco : Cisco Web Security Appliancemultiple VulnerabilitiesCisco AsyncOS.
18 May 2016VULN218cURL : TLS certificate check bypass withmbedTLS/PolarSSLSystems running libcurl versions 7.21.0 up to and
18 May 2016VULN217Bugzilla : 4.4.11 and 5.0.2 SecurityAdvisorySystems running Bugzilla versions prior to 4.4.12,
18 May 2016VULN216Xen : Arbitrary memory mappings, DoS andarbitrary code execution fixedSystems running Xen.
18 May 2016VULN215Moodle : Multiple vulnerabilities fixedin MoodleSystems running Moodle versions prior to 3.0.4,
17 May 2016VULN214APPLE : APPLE-SA-2016-05-16-3 watchOS2.2.1watchOS versions prior to 2.2.1.
17 May 2016VULN213APPLE : APPLE-SA-2016-05-16-1 tvOS9.2.1tvOS versions prior to 9.2.1.
17 May 2016VULN212APPLE : APPLE-SA-2016-05-16-6 iTunes12.4Systems running iTunes versions prior to 12.4.
17 May 2016VULN211APPLE : APPLE-SA-2016-05-03-1 Xcode7.3.1Systems running Xcode versions prior to 7.3.1.
17 May 2016VULN210APPLE : APPLE-SA-2016-05-16-2 iOS 9.3.2iOS versions prior to 9.3.2.
17 May 2016VULN209APPLE : APPLE-SA-2016-05-16-5 Safari9.1.1Systems running Safari versions prior to 9.1.1.
17 May 2016VULN208APPLE : APPLE-SA-2016-05-16-4 OS X ElCapitan 10.11.5 and Security Update 2016-003Mac OS X versions prior to 10.11.5.
17 May 2016VULN207VMware : VMware product updates addresscritical and important security issuesSystems running vCenter Server versions prior to
13 May 2016STAT19
11 May 2016VULN205US-CERT : Exploitation of SAP BusinessApplicationsSystems running SAP Business Applications.
11 May 2016VULN204Adobe : Security Updates Available forAdobe Acrobat and ReaderSystems running Adobe Acrobat, Adobe Reader
11 May 2016VULN203Adobe : Security Advisory for AdobeFlash PlayerSystems running Adobe Flash Player versions up to
11 May 2016VULN202Microsoft : Important Security Updatefor Volume Manager DriverWindows version Server 2008, 8.1, RT 8.1,
11 May 2016VULN201Microsoft : Important Security Updatefor Virtual Secure ModeWindows version 10 running Virtual Secure Mode.
11 May 2016VULN200Microsoft : Important Security Updatefor .NET FrameworkWindows version Vista, Server 2008, 7, 8.1, RT 8.1,
11 May 2016VULN199Microsoft : Important Security Updatefor Microsoft RPCWindows version Vista, Server 2008, 7, 8.1, RT,
11 May 2016VULN198Microsoft : Important Security Updatefor Windows Kernel-Mode DriversWindows version Vista, Server 2008, 7, 8.1, RT,
11 May 2016VULN197Microsoft : Important Security Updatefor Windows IISWindows version Vista, Server 2008 running
11 May 2016VULN196Microsoft : Critical Security Update forWindows ShellWindows version Server 2012, 8.1, RT 8.1, 10
11 May 2016VULN195Microsoft : Critical Security Update forWindows JournalWindows version Vista, 7, 8.1, RT 8.1, 10
11 May 2016VULN194Microsoft : Critical Security Update forMicrosoft Graphics ComponentWindows version Vista, 7, 8.1, RT 8.1, 10, Server
11 May 2016VULN193Microsoft : Critical Security Update forMicrosoft OfficeSystems running Microsoft Office versions 2007,
11 May 2016VULN192Microsoft : Critical Cumulative SecurityUpdate for Microsoft EdgeSystems running Microsoft Edge.
11 May 2016VULN191Microsoft : Critical Cumulative SecurityUpdate for Internet ExplorerSystems running Internet Explorer versions 9, 10,
11 May 2016VULN190Microsoft : Critical Security Update forJScript and VBScriptWindows version Vista, Server 2008.
9 May 2016VULN189RSA : Patch 14 for RSA AuthenticationManager 8.1 SP1 to Address Multiple VulnerabilitiesSystems running RSA Authentication Manager
9 May 2016VULN188WordPress : WordPress 4.5.2 SecurityRelease and ImageMagick Vulnerability InformationSystems running WordPress versions prior to 4.5.2.
9 May 2016VULN187Shibboleth : Shibboleth SP software feature implemented incorrectlySystems running Shibboleth Service Provider.
6 May 2016STAT18
4 May 2016VULN186ImageMagick : ImageMagick SecurityIssueSystems running ImageMagick version prior to
4 May 2016VULN185OpenSSL : Multiple vulnerabilities fixedin OpenSSLSystems running OpenSSL version 1.0.2.x , 1.0.1.x
3 May 2016VULN184Apache Subversion : Authentication andDoS vulnerabilities fixedSystems running Apache Subversion version prior to
2 May 2016VULN183NTP : April 2016 NTP-4.2.8p7 SecurityVulnerability AnnouncementSystems running NTP version prior to 4.2.8p7.
29 Apr 2016STAT17
26 Apr 2016VULN182Apache Struts : Possible Remote CodeExecution vulnerabilities fixedSystems running Apache Struts version 2 prior to
22 Apr 2016STAT16
22 Apr 2016VULN181Roundcube : Updates 1.1.5 and 1.0.9publishedSystems running Roundcube version prior to 1.1.5,
22 Apr 2016VULN180Squid : Buffer overflow and denial ofservice issue fixedSystems running Squid versions 2.x, 3.x, 4.x prior
21 Apr 2016VULN179Cisco : Multiple Cisco Products libSRTPDenial of Service VulnerabilityCisco products running SRTP version prior to 1.5.3.
21 Apr 2016VULN178Cisco : Cisco Adaptive SecurityAppliance Software DHCPv6 Relay Denial of Service VulnerabilityCisco Adaptive Security Appliance Software.
21 Apr 2016VULN177Cisco : Cisco Wireless LAN ControllerManagement Interface Denial of Service VulnerabilityCisco AireOS Software.
20 Apr 2016VULN176Oracle : April 2016 Critical PatchUpdate ReleasedSystems running Oracle Database Server,
15 Apr 2016STAT15
15 Apr 2016VULN175Asterisk : Crash/Denial of Servicevulnerabilities fixedSystems running Asterisk Open Source versions 13.x
15 Apr 2016VULN174Xen : hugetlbfs use may crash PV LinuxguestsSystems running Xen.
15 Apr 2016VULN173VMware : VMware product updates addressa critical security issue in the VMware Client Integration PluginSystems running vCenter Server versions 6.0,
13 Apr 2016VULN172Cisco : Cisco Unified Computing SystemCentral Software Arbitrary Command Execution VulnerabilityCisco Unified Computing System Central Software.
13 Apr 2016VULN171Microsoft : Update to Improve WirelessMouse Input FilteringWindows version 8.1, 7, 10.
13 Apr 2016VULN170 (Microsoft : Security Update for AdobeFlash Player (3154132))Windows 8.1, Server 2012, RT 8.1, 10
13 Apr 2016VULN169 (Microsoft : Security Update for HTTP.sys(3148795))Windows versions 10 running HTTP.sys.
13 Apr 2016VULN168.1 (Microsoft : Security Update for CSRSS(3148528))Windows versions 8.1, Server 2012, RT 8.1, 10.
13 Apr 2016VULN168 (Microsoft : Security Update for CSRSS(3148528))Windows versions 8.1, Server 2012, 10
13 Apr 2016VULN167 (Microsoft : Security Update for SAM andLSAD Remote Protocols (3148527))Windows versions Vista, Server 2008, 7, 8.1,
13 Apr 2016VULN166 (Microsoft : Security Update forSecondary Logon (3148538))Windows version 10.
13 Apr 2016VULN165 (Microsoft : Security Update for WindowsHyper-V (3143118))Windows versions 8.1, Server 2012, 10
13 Apr 2016VULN164 (Microsoft : Security Update for WindowsOLE (3146706))Windows versions Vista, Server 2008, 7, 8.1,
13 Apr 2016VULN163 (Microsoft : Security Update forMicrosoft Office -Critical (3148775))Systems running Microsoft Office versions 2007,
13 Apr 2016VULN162 (Microsoft : Security Update for .NETFramework(3148789))Systems running .NET Framework.
13 Apr 2016VULN161 (Microsoft : Security Update forMicrosoft XML Core Services (3148541))Windows versions Vista, Server 2008, 7, 8.1, 10,
13 Apr 2016VULN160 (Microsoft : Critical Security Update forMicrosoft Graphics Component (3148522))Windows versions Vista, Server 2008, 7, 8.1, 10, RT,
13 Apr 2016VULN159 (Microsoft : Cumulative Security Updatefor Microsoft Edge (3148532))Cisco IOS XR Software versions 4.2.3, 4.3.0,
13 Apr 2016VULN158 (Microsoft : Cumulative Security Updatefor Internet Explorer (3148531))Systems running Internet Explorer versions 9, 10,
13 Apr 2016VULN157Cisco : Cisco IOS XR for Cisco ASR 9000Series Aggregation Services Routers Interface Flap VulnerabilityCisco IOS XR Software versions 4.2.3, 4.3.0,
13 Apr 2016VULN156Adobe : Security hotfix available forRoboHelp ServerSystems running RoboHelp Server versions 9.0.1.
13 Apr 2016VULN155Adobe : Security update available forthe Creative Cloud Desktop ApplicationSystems running Creative Cloud Desktop Application
13 Apr 2016VULN154TYPO3 : Multiple vulnerabilities fixedin TYPO3Systems running Samba versions prior to 4.4.2,
13 Apr 2016VULN153Samba : Samba 4.4.2, 4.3.8 and 4.2.11Security Releases Available for DownloadSystems running Samba version prior to 4.4.2,
11 Apr 2016VULN152PostgreSQL : 2016-03-31 Security UpdateReleaseSystems running PostgreSQL version prior to 9.5.2,
11 Apr 2016VULN151Citrix : Persistent Cross-Site ScriptingVulnerability in Citrix XenMobile Server 10.x Web User InterfaceSystems running Citrix XenMobile Server versions
8 Apr 2016STAT14
7 Apr 2016VULN150US-CERT : Autodesk Backburner Managercontains a stack-based buffer overflow vulnerabilitySystems running Autodesk Backburner version 2016.
7 Apr 2016VULN149Cisco : Cisco Prime Infrastructure andEvolved Programmable Network Manager VulnerabilitiesSystems running Cisco Prime Infrastructure,
7 Apr 2016VULN148Cisco : Cisco TelePresence Server Denialof Service VulnerabilitiesCisco TelePresence Server sofware versions 3, 4.
7 Apr 2016VULN147Cisco : Cisco UCS Invicta Default SSHKey VulnerabilityCisco UCS Invicta Software.
4 Apr 2016VULN146PHP : PHP 7.0.5, 5.6.20, 5.5.34 fixessecurity issuesSystems running PHP version prior to 7.0.5, 5.6.20,
4 Apr 2016VULN145Squid : Buffer overrun in pinger ICMPv6and DoS issue in HTTP Response processingSystems running Squid version 3, 4 prior to 4.0.8,
1 Apr 2016STAT13
31 Mar 2016VULN144Cisco : Cisco Firepower Malware BlockBypass VulnerabilitySystems running Cisco Firepower System Software .
31 Mar 2016VULN143Open vSwitch : CVE-2016-2074 MPLS bufferoverflow vulnerabilities in Open vSwitchSystems running Open vSwitch version 2.4.x, 2.3.x,
31 Mar 2016VULN142Apache Openmeetings : Multiplevulnerabilities fixed in Openmeetings 3.1.1Systems running Apache Openmeetings versions
31 Mar 2016VULN141Red Hat : Important Red Hat JBoss BPMSuite 6.2.2 updateSystems running Red Hat JBoss BPM Suite versions
30 Mar 2016VULN140Xen : broken AMD FPU FIP/FDP/FOP leak workaroundSystems running Xen versions 4.
29 Mar 2016VULN139Npm : Package install scriptsvulnerabilitySystems running npm.
24 Mar 2016VULN138Cisco : Cisco IOS Software Wide AreaApplication Services Express Denial of Service VulnerabilityCisco IOS Software.
25 Mar 2016STAT12
24 Mar 2016VULN137Cisco : Cisco IOS and NX-OS SoftwareLocator/ID Separation Protocol Packet Denial of Service VulnerabilityCisco IOS, Cisco NX-OS Software.
24 Mar 2016VULN136Cisco : Cisco IOS and IOS XE SoftwareDenial of Service VulnerabilitiesCisco IOS XE, Cisco IOS.
24 Mar 2016VULN135Cisco : Cisco IOS and IOS XE and CiscoUnified Communications Manager Software Session Initiation Protocol MemoryLeak VulnerabilityCisco IOS, Cisco IOS XE, Cisco Unified
24 Mar 2016VULN134Oracle : Oracle Security Alert forCVE-2016-0636Systems running Oracle Java SE.
22 Mar 2016VULN133US-CERT : Solarwinds Dameware RemoteMini Controller Windows service vulnerable to stack buffer overflowWindows running Dameware Remote Mini Controller.
22 Mar 2016VULN132Moodle : Multiple vulnerabilities fixedin MoodleSystems running Moodle version prior to 3.0.3,
22 Mar 2016VULN128APPLE : APPLE-SA-2016-03-21-7 OS XServer 5.1Mac OS X Server version prior to 5.1.
22 Mar 2016VULN126APPLE : APPLE-SA-2016-03-21-5 OS X ElCapitan 10.11.4 and Security Update,2016-002Mac OS X versions prior to El Capitan 10.11.4.
22 Mar 2016VULN131APPLE : APPLE-SA-2016-03-21-2 watchOS2.2watchOS version prior to 2.2.
22 Mar 2016VULN130APPLE : APPLE-SA-2016-03-21-3 tvOS 9.2tvOS versions prior to 9.2.
22 Mar 2016VULN129APPLE : APPLE-SA-2016-03-21-4 Xcode 7.3Mac OS X running Xcode version prior to 7.3.
22 Mar 2016VULN125APPLE : APPLE-SA-2016-03-21-1 iOS 9.3iOS versions prior to 9.3.
22 Mar 2016VULN127APPLE : APPLE-SA-2016-03-21-6 Safari9.1Systems running Safari version prior to 9.1.
21 Mar 2016VULN124GitLab : What Git vulnerabilitiesCVE-2016-2324 and 2315 mean for GitLab and youSystems running GitLab version prior to 8.2.4,
21 Mar 2016VULN123Git : Git v2.7.4 fix a heap corruption -buffer overflow vulnerabilitySystems running Git versions prior to 2.7.4.
18 Mar 2016STAT11
18 Mar 2016VULN122US-CERT : Quagga bgpd with BGP peersenabled for VPNv4 contains a buffer overflow vulnerabilitySystems running Quagga version prior to
18 Mar 2016VULN121HP : ArcSight ESM and ESM Express,Remote Arbitrary File Download, Local Arbitrary Command ExecutionSystems running ArcSight ESM versions 5.x, 6.5.x
18 Mar 2016VULN120Symantec : Symantec Endpoint ProtectionMultiple Security IssuesSystems running Symantec Endpoint Protection
17 Mar 2016VULN119Xen : I/O port access privilegeescalation in x86-64 LinuxLinux running Xen.
16 Mar 2016VULN118Apache Struts : Possible Remote CodeExecution and XSS vulnerabilities fixedSystems running Apache Struts versions prior to
16 Mar 2016VULN117Red Hat : Important kernel securityupdateRed Hat Enterprise Linux versions 5.
16 Mar 2016VULN116VMware : VMware vRealize Automation andvRealize Business Advanced and Enterprise address Cross-Site Scripting (XSS)issuesSystems running VMware vRealize Automation
15 Mar 2016VULN115Apache ActiveMQ : ActiveMQ Web Console -Cross-Site Scripting and ClickjackingSystems running Apache ActiveMQ versions 5 prior
15 Mar 2016VULN114Exim : Security release forCVE-2016-1531: 4.84.2, 4.85.2, 4.86.2, 4.87 RC5Systems running Exim versions prior to 4.84.2,
11 Mar 2016STAT10
11 Mar 2016VULN113SPIP : Mise à jour CRITIQUE de sécurité - Sortie de SPIP 3.1.1, SPIP 3.0.22 et SPIP 2.1.29Systems running SPIP versions prior to 3.1.1,
11 Mar 2016VULN112OpenSSH : OpenSSH 7.2p2 fix possiblecommand injection in xauthSystems running OpenSSH versions prior to 7.2p2.
10 Mar 2016VULN111Microsoft : Security Update forMicrosoft Windows to Address Elevation of PrivilegeWindows versions Vista, Server 2008, 7.
10 Mar 2016VULN110Microsoft : Important Security Updatefor Windows OLE to Address Remote Code ExecutionWindows version Vista, Server 2008, 7, 8.1,
10 Mar 2016VULN109 (Microsoft : Important Security Updatefor Microsoft Office to Address Remote Code Execution (3141806))Systems running Microsoft Office,
10 Mar 2016VULN108 (Microsoft : Security Update forMicrosoft Windows PDF Library to Address Remote Code Execution (3143081))Windows versions 8.1, 10, Server 2012 running
10 Mar 2016VULN107 (Microsoft : Security Update for WindowsMedia to Address Remote Code Execution (3143146))Windows versions 7, 8.1, Server 2008, Server 2012,
10 Mar 2016VULN105 (Microsoft : Critical Security Update forGraphic Fonts to Address Remote Code Execution (3143148))Windows versions Vista, 7, 8.1, 10, Server 2008,
10 Mar 2016VULN106 (Microsoft : Important Security Updatefor Windows Library Loading to Address Remote Code Execution (3140709))Windows versions Vista, Server 2008.
10 Mar 2016VULN104Cisco : Cisco Cable Modem with DigitalVoice Remote Code Execution VulnerabilityCisco Cable Modem with Digital Voice Model DPC2203
10 Mar 2016VULN103Cisco : Cisco Wireless ResidentialGateway Vulnerabilities fixedCisco Wireless Residential Gateway software.
10 Mar 2016VULN102Cisco : Cisco ASA Content Security andControl Security Services Module Denial of Service VulnerabilityCisco ASA Content Security and Control Security
10 Mar 2016VULN101BIND : DoS vulnerability related to DNScookies fixedSystems running BIND 9 versions prior to 9.10.3-P4.
9 Mar 2016VULN100 (Microsoft : Cumulative Security Updatefor Microsoft Edge (3142019))Windows version 10 running Microsoft Edge.
9 Mar 2016VULN099Samba : Two vulnerabilities fixedSystems running Samba versions 3, 4 prior to
9 Mar 2016VULN098 (Microsoft : Cumulative Security Updatefor Internet Explorer (3142015))Systems running Internet Explorer versions 9, 10,
8 Mar 2016VULN097ISC DHCP : CVE-2016-2774 DoSvulnerability fixedSystems running ISC DHCP versions prior to
8 Mar 2016VULN096PuTTY : PuTTY 0.67 released fixing aremote code execution vulnerabilitySystems running PuTTY versions prior to 0.67.
4 Mar 2016STAT09
4 Mar 2016VULN095Ruby on Rails : Rails 4.2.5.2, 4.1.14.2and 3.2.22.2 have been released!Systems running Rails versions prior to 4.2.5.2,
4 Mar 2016VULN094Apache Wicket : Apache Wicket XSSvulnerabilitiesSystems running Apache Wicket versions 1.5.x, 6.x,
4 Mar 2016VULN093Django : Django security releases issued1.9.3 and 1.8.10Systems running Django versions prior to 1.9.3,
3 Mar 2016VULN092phpMyAdmin : XSS and man-in-the-middlevulnerabilities fixedSystems running phpMyAdmin versions 4.5.x, 4.4.x,
3 Mar 2016VULN091Google Chrome : Chrome 49.0.2623.75fixes several vulnerabilitiesSystems running Google Chrome versions prior to
3 Mar 2016VULN090Cisco : Cisco Web Security ApplianceHTTPS Packet Processing Denial of Service VulnerabilityCisco WSA Software.
3 Mar 2016VULN089Cisco : Cisco NX-OS Software TCPNetstack Denial of Service VulnerabilityCisco NX-OS Software.
3 Mar 2016VULN088Cisco : Cisco Nexus 3000 Series and 3500Platform Switches Insecure Default Credentials VulnerabilityCisco NX-OS Software.
3 Mar 2016VULN087Cisco : Cisco NX-OS Software SNMP PacketDenial of Service VulnerabilityCisco NX-OS Software.
3 Mar 2016VULN086Cisco : Multiple Vulnérabilises in OpenSSL Affecting Cisco Products March 2016Cisco software running SSL versions 2.
1 Mar 2016VULN085OpenSSL : OpenSSL Security Advisory [1stMarch 2016]Systems running OpenSSL versions prior to 1.0.2g,
29 Feb 2016VULN084Wireshark : Multiple vulnerabilitiesfixed in Wireshark. Systems running Wireshark versions 1, 2 prior to
26 Feb 2016STAT08
26 Feb 2016VULN083IBM : IBM QRadar SIEM and IncidentForensics fix for Glibc and IBM Java SDK vulnerabilitiesSystems running IBM Security QRadar SIEM
26 Feb 2016VULN082 (Palo Alto : ESM Console XSSvulnerability (CVE-2015-2223) (PAN-SA-2016-0001))Traps ESM Console versions prior to 3.1.5.3691,
26 Feb 2016VULN081Palo Alto : Palo Alto Networks PAN-OSmultiple vulnerabilitiesPAN-OS versions prior to 5.0.18, 6.0.13, 6.1.10,
26 Feb 2016VULN080APPLE : APPLE-SA-2016-02-25-1 Apple TV7.2.1Apple TV Software versions prior to 7.2.1.
25 Feb 2016VULN079Apache : Apache Xerces-C XML ParserCrashes on Malformed InputSystems running Apache Xerces-C XML Parser library
25 Feb 2016VULN078Cisco : Cisco FirePOWER ManagementCenter Unauthenticated Information Disclosure VulnerabilityCisco FirePOWER Management Center versions 5.x,
25 Feb 2016VULN077Cisco : Cisco ACE 4710 ApplicationControl Engine Command Injection VulnerabilityCISCO ACE A5 software versions up to A5(3.0).
25 Feb 2016VULN076Jenkins : Multiple vulnerabilities fixedin JenkinsSystems running Jenkins versions prior to 1.650,
25 Feb 2016VULN075Squid : Multiple Denial of Serviceissues in HTTP Response processingSystems running Squid versions 3.x, 4.x prior to
25 Feb 2016VULN074Drupal Core : Critical - MultipleVulnerabilities - SA-CORE-2016-001Systems running Drupal Core versions 6.x, 7.x, 8.x
24 Feb 2016VULN073Blackberry : BSRT-2016-001Vulnerabilities in BES12 Management Console impacts BES12Systems running BES versions prior to 12.4.
24 Feb 2016VULN072Cisco : Cisco Nexus 2000 Series FabricExtender Software Default Credential VulnerabilityCisco Nexus 2000 Series Fabric Extender Software.
24 Feb 2016VULN071TYPO3 : Multiple Vulnerabilities fixedin TYPO3Systems running TYPO3 versions 6.2, 7.6
23 Feb 2016VULN070Apache Tomcat : Vulnerabilities fixed inApache TomcatSystems running Apache Tomcat versions 6, 7, 8, 9
22 Feb 2016VULN069LibreOffice : LotusWordPro Multiplebounds overflowsSystems running versions prior to 5.0.5, 5.1.0.
22 Feb 2016VULN068Cisco : Vulnerability in GNU glibcAffecting Cisco Products February 2016Cisco software with GNU glibc.
22 Feb 2016VULN067Cisco : Cisco ASR 5000 Series StarOS SSHSubsystem Privilege Escalation VulnerabilityCisco ASR 5000 Series StarOS prior to
22 Feb 2016VULN066Symantec : Symantec EncryptionManagement Server Multiple Security IssuesSystems running Symantec Encryption Management
22 Feb 2016VULN065Novell : CVE-2015-5970 ZCM ZENworksChangePassword XPath Injection Information Disclosure VulnerabilitySystems running Novell ZENworks CM version 11.4,
22 Feb 2016VULN064VMware : VMware product updates addressa critical glibc security vulnerabilitySystems running VMware ESXi version 5.5, 6.0,
19 Feb 2016STAT07
19 Feb 2016VULN063Squid : Remote Denial of service issuein SSL/TLS processingSystems running Squid.
19 Feb 2016VULN062Xen : VMX guest user mode may crashguest with non-canonical RIPSystems running Xen.
17 Feb 2016VULN061Google : Glibc getaddrinfo stack-basedbuffer overflow CVE-2015-7547Systems running glibc.
16 Feb 2016VULN060Postgresql : 2016-02-11 Security UpdateReleaseSystems running Postgresql versions prior to
12 Feb 2016VULN058Microsoft : Important Security Updatefor Microsoft Office to Address Remote Code ExecutionSystems running Microsoft Office versions 2007,
12 Feb 2016VULN059 (Microsoft : Important Security Updatefor WebDAV to Address Elevation of Privilege (3136041))Windows versions Vista, Server 2008, 7, 8.1, 10,
12 Feb 2016VULN057Microsoft : Critical Security Update forMicrosoft Windows to Address Remote Code ExecutionWindows versions Vista, Server 2008, 7, 8.1, 10,
12 Feb 2016VULN056Apache : CVE-2015-3251 Apache CloudStackVM Credential ExposureSystems running Apache CloudStack versions 4.4.4,
12 Feb 2016VULN055EMC Documentum : EMC Documentum xCPSecurity Update for Multiple VulnerabilitiesSystems running EMC Documentum xCP versions 2.1,
12 Feb 2016STAT06
11 Feb 2016VULN053 (Microsoft : Security Update forMicrosoft Windows PDF Library to Address Remote Code Execution (3138938))Cisco ASA Software.
11 Feb 2016VULN054 (Microsoft : Security Update for WindowsJournal to Address Remote Code Execution (3134811))Windows versions Vista, Server 2008, 7, 8.1,
11 Feb 2016VULN051Microsoft : Cumulative Security Updatefor Internet Explorer (3134220Systems running Internet Explorer versions 9, 10,
11 Feb 2016VULN052 (Microsoft : Cumulative Security Updatefor Microsoft Edge (3134225))Windows version 10 running Microsoft Edge.
11 Feb 2016VULN050Cisco : Cisco ASA Software IKEv1 andIKEv2 Buffer Overflow VulnerabilityCisco ASA Software.
9 Feb 2016VULN049Oracle Java : Security AlertCVE-2016-0603 ReleasedWindows running Java versions 6, 7, 8 prior to
5 Feb 2016STAT05
4 Feb 2016VULN048Cisco : Cisco Application PolicyInfrastructure Controller Access Control VulnerabilityCisco Application Policy Infrastructure
4 Feb 2016VULN047Cisco : Cisco ASA-CX and Cisco PrimeSecurity Manager Privilege Escalation VulnerabilityCisco ASA-CX software, Cisco Prime Security
4 Feb 2016VULN046Cisco : Cisco Nexus 9000 Series ACI ModeSwitch ICMP Record Route VulnerabilityCisco Nexus 9000 software.
4 Feb 2016VULN045Asterisk : Vulnerabilities fixed inAsteriskSystems running Asterisk versions prior to 11.21.1,
29 Jan 2016STAT04
29 Jan 2016VULN044OpenSSL : OpenSSL Security Advisory[28th Jan 2016]Systems running OpenSSL versions prior to 1.0.2f,
29 Jan 2016VULN042Phpmyadmin : Multiple vulnerabilitiesfixed in PhpmyadminSystems running phpmyadmin versions 4.0.x prior to
29 Jan 2016VULN043Apache Hive : CVE-2015-7521 Apache Hiveauthorization bug disclosureSystems running Apache Hive versions 1.0, 1.1, 1.2.
28 Jan 2016VULN041Rails : Rails 5.0.0.beta1.1, 4.2.5.1,4.1.14.1, 3.2.22.1, and rails-html-sanitizer 1.0.3Systems running Rails versions prior to
27 Jan 2016VULN040Cisco : Cisco RV220W ManagementAuthentication Bypass VulnerabilityCisco RV220W Wireless Network Security Firewall
27 Jan 2016VULN039Cisco : Cisco Wide Area ApplicationService CIFS Denial of Service VulnerabilityCisco Wide Area Application Service software.
27 Jan 2016VULN038Xen : Vulnerabilities fixed in XenXen versions 3.3, 3.4.0, 3.4.1, from 4.1 onwards.
27 Jan 2016VULN037cURL : NTLM credentials not-checked forproxy connection re-useSystems running libcurl versions 7.10.7 up to and
27 Jan 2016VULN036NTP : January 2016 NTP-4.2.8p6 SecurityVulnerability AnnouncementSystems running NTP versions prior to 4.2.8p6.
22 Jan 2016VULN035Cisco : Cisco Unified Computing SystemManager and Cisco Firepower 9000 Remote Command Execution VulnerabilityCisco UCS Manager software, Cisco Firepower 9000
22 Jan 2016VULN034Cisco : Cisco Modular Encoding PlatformD9036 Software Default Credentials VulnerabilityCisco Modular Encoding Platform D9036 Software.
22 Jan 2016VULN033Debian : fuse security updateDebian running fuse versions prior to
22 Jan 2016VULN032Google Chrome : Google Chrome48.0.2564.82 fixes multiple vulnerabilitiesSystems running Google Chrome versions prior to
22 Jan 2016VULN031Cisco : Cisco Web Security ApplianceSecurity Bypass VulnerabilityCisco Web Security Appliance (WSA) versions
22 Jan 2016STAT03
20 Jan 2016VULN030Debian : Local privilege escalation andother vulnerabilities fixed in DebianLinux,
20 Jan 2016VULN029Oracle : January 2016 Critical PatchUpdate ReleasedSystems running Oracle Database Server,
20 Jan 2016VULN028APPLE : APPLE-SA-2016-01-19-3 Safari9.0.3Systems running Safari versions 9 prior to 9.0.3.
20 Jan 2016VULN027APPLE : OS X El Capitan 10.11.3 andSecurity Update 2016-001OS X versions prior to El Capitan 10.11.3.
20 Jan 2016VULN026APPLE : APPLE-SA-2016-01-19-1 iOS 9.2.1iOS versions 9 prior 9.2.1.
20 Jan 2016VULN025BIND : Vulnerabilities fixed in BIND9.9.8-P3, 9.10.3-P3Systems running BIND versions 9 prior to 9.9.8-P3,
19 Jan 2016VULN024Moodle : Vulnerabilities fixed in Moodle2.7.12, 2.8.10, 2.9.4, 3.0.2Systems running Moodle versions prior to 2.7.12,
18 Jan 2016VULN023Cisco : Cisco FireSIGHT ManagementCenter Cross-Site Scripting VulnerabilitiesCisco FireSIGHT software.
15 Jan 2016STAT02
14 Jan 2016VULN022OpenSSH : Vulnerabilities fixed inOpenSSH clientsOpenSSH clients versions between 5.4 and 7.1.
14 Jan 2016VULN021Juniper : Multiple vulnerabilities fixedin JunosJunos versions prior to 12.1X44-D60, 12.1X46-D45,
14 Jan 2016VULN020Cisco : Cisco Aironet 1800 Series AccessPoint Denial of Service VulnerabilityCisco Aironet 1800 Series Access Point software.
14 Jan 2016VULN019Cisco : Cisco Identity Services EngineUnauthorized Access VulnerabilitySystems running Cisco Identity Services Engine
14 Jan 2016VULN018Cisco : Cisco Wireless LAN ControllerUnauthorized Access VulnerabilitySystems running Cisco Wireless LAN Controller
13 Jan 2016VULN017Cisco : Cisco Aironet 1800 Series AccessPoint Default Static Account Credentials VulnerabilityCisco Aironet 1800 Series Access Point software.
13 Jan 2016VULN016Adobe : Security Updates Available forAdobe Acrobat and ReaderSystems running Adobe Acrobat, Adobe Reader
13 Jan 2016VULN015 (Microsoft : Important Security Updatefor Microsoft Exchange Server to Address Spoofing (3124557))Systems running Microsoft Exchange Server version
13 Jan 2016VULN014 (Microsoft : Important Security Updatefor Windows Kernel to Address Elevation of Privilege (3124605))Windows version Vista, Server 2008, 7, 8, 8.1,
13 Jan 2016VULN013 (Microsoft : Important Security Updatefor Microsoft Windows to Address Remote Code Execution (3124901))Windows version Vista, Server 2008, 7, 8, 8.1,
13 Jan 2016VULN012 (Microsoft : Critical Security Update forSilverlight to Address Remote Code Execution (3126036))Systems running Silverlight version 5.
13 Jan 2016VULN011 (Microsoft : Critical Security Update forWindows Kernel-Mode Drivers to Address Remote Code Execution (3124584))Windows version Vista, Server 2008, 7, 8, 8.1,
13 Jan 2016VULN010 (Microsoft : Critical Security Update forMicrosoft Office to Address Remote Code Execution (3124585))Systems running Microsoft Office versions 2007,
13 Jan 2016VULN009 (Microsoft : Critical Cumulative SecurityUpdate for JScript and VBScript to Address Remote Code Execution (3125540))Windows version Vista, Server 2008 running
13 Jan 2016VULN008 (Microsoft : Critical Cumulative SecurityUpdate for Microsoft Edge (3124904))Windows version 10 running Microsoft Edge.
13 Jan 2016VULN007Microsoft : Critical Cumulative SecurityUpdate for Internet ExplorerSystems running Internet Explorer versions 7, 8,
13 Jan 2016VULN006Cisco : Cisco Adaptive SecurityAppliance Non-DCERPC Traffic Bypass VulnerabilityCisco ASA Software versions 9.4.1 up to and
13 Jan 2016VULN005Fortiguard : FortiOS SSH UndocumentedInteractive Login VulnerabilityFortiOS versions 4.3.x, 5.0.x prior to 4.3.17,
13 Jan 2016VULN004ISC DHCP : CVE-2015-8605 UDP payloadlength not properly checkedSystems running ISC DHCP versions 4, 3 prior to
11 Jan 2016VULN003WordPress : WordPress 4.4.1 Security andMaintenance ReleaseSystems running WordPress versions prior to 4.4.1.
8 Jan 2016STAT01
8 Jan 2016VULN002APPLE : APPLE-SA-2016-01-07-1 QuickTime7.7.9Systems running QuickTime versions prior to 7.7.9.
8 Jan 2016VULN001VMware : VMware ESXi, Workstation,Player and Fusion updates address important guest privilege escalationvulnerabilitySystems running VMware ESXi versions 6.0, 5.5,




      
Conception & développement : D.O.S.I. - Dernière mise à jour : 30/12/2016