Notre sélection d'alertes et avis SSI.
Sources : US Cert, Cert EU, Cert FR, Cnil, VulDB.

VMware Security Advisories (VMSA-2014-0003) (CERT-EU Security Advisory 2014-039)

VMware vSphere Client updates address security vulnerabilities
Auteur: Cert EU

Oracle Critical Patch Update Advisory of April 2014 (CERT-EU Security Advisory 2014-038)

Oracle Critical Patch Update Advisory of April 2014 contains 104 new security fixes across the product families.
Auteur: Cert EU

UPDATE OpenSSL CRITICAL vulnerability (CERT-EU Security Advisory 2014-034)

OpenSSL library is vulnerable to a memory leakage. Both servers and clients are affected. It can lead to a leak of the content of the memory allowing access to private keys, credentials, or any other confidential data . There are already some...
Auteur: Cert EU

Apache Tomcat Update (CERT-EU Security Advisory 2014-037)

It was possible to craft a malformed Content-Type header for a multipart request that caused Apache Tomcat to enter an infinite loop. A malicious user could, therefore, craft a malformed request that triggered a denial of service.
Auteur: Cert EU

Microsoft Security Updates (EU Security Advisory 2014-036)

Microsoft has published on a number of new security updates which has been released on April 08, 2014.
Auteur: Cert EU

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-035)

Adobe has released security updates for Adobe Flash Player 12.0.0.77 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.346 and earlier versions for Linux. These updates address vulnerabilities that could potentially...
Auteur: Cert EU

Multiple vulnerabilities in Cisco IOS (CERT-EU Security Advisory 2014-033)

Cisco released its semiannual Cisco IOS Software Security Advisory Bundled Publication on March 26, 2014.
Auteur: Cert EU

Vulnerability in Microsoft Word could allow remote code execution (CERT-EU Security Advisory 2014-032)

There is a vulnerability affecting multiple versions of Microsoft Word. At this time, we are aware of limited, targeted attacks directed at Microsoft Word 2010. The vulnerability could allow remote code execution if a user opens a specially...
Auteur: Cert EU

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-031)

Adobe has released security updates for Adobe Flash Player 12.0.0.70 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.341 and earlier versions for Linux. [1]
Auteur: Cert EU

Multiple vulnerabilities in Microsoft products (CERT-EU Security Advisory 2014-030)

Microsoft released five bulletins [1] to address 23 unique CVEs in Microsoft Windows, Internet Explorer and Silverlight.
Auteur: Cert EU

Snake Campaign and Cyber Espionage Toolkit [1] (CERT-EU Security Advisory 2014-029)

BAE Systems have recently published a report on so called Snake Campaign and Cyber Espionage Toolkit [1].
Auteur: Cert EU

Cisco Small Business Router Password Disclosure Vulnerability [1] (CERT-EU Security Advisory 2014-028)

A vulnerability in the web management interface of the Cisco RV110W Wireless-N VPN Firewall, the Cisco RV215W Wireless-N VPN Router, and the Cisco CVR100W Wireless-N VPN Router could allow an unauthenticated, remote attacker to gain...
Auteur: Cert EU

Multiple Vulnerabilities in Cisco Wireless LAN Controllers [1] (CERT-EU Security Advisory 2014-027)

The Cisco Wireless LAN Controller (WLC) product family is affected by the following vulnerabilities
Auteur: Cert EU

JBoss Enterprice Aplication Platform update [1] (CERT-EU Security Advisory 2014-026)

An update for Red Hat JBoss Enterprise Application Platform 6.2.1 is now available from the Red Hat Customer Portal.
Auteur: Cert EU

SSL/TSL implementation security Issues [1] (CERT-EU Security Advisory 2014-025)

Recently have been published a couple of bugs in ssl/tsl protocol from Apple [1] and GNU [2].
Auteur: Cert EU

SOHO routers vulnerabilities leading to man-in-the-middle attack [1] (CERT-EU Security Advisory 2014-024)

Different vulnerabilities and default configuration in several brands of SOHO routers allowed dns misconfiguration in hundreds of thousands of devices.
Auteur: Cert EU

Cisco Prime Infrastructure Command Execution Vulnerability [1] (CERT-EU Security Advisory 2014-023)

A vulnerability in Cisco Prime Infrastructure could allow an authenticated, remote attacker to execute arbitrary commands with root-level privileges.
Auteur: Cert EU

UPDATED Bios update for Hewlett Packard server products (CERT-EU Security Advisory 2014-008)

There is a Bios update for HP Proliant G7 server.
Auteur: Cert EU

SSL Vulnerability in iOS and OS X [1] (CERT-EU Security Advisory 2014-022)

Due to a flaw in authentication logic on iOS and OS X platforms, an attacker can bypass SSL/TLS verification routines upon the initial connection handshake.
Auteur: Cert EU

Microsoft Security Advisory [1] (CERT-EU Security Advisory 2014-021)

Microsoft is aware of limited, targeted attacks that attempt to exploit a vulnerability in Internet Explorer 10.
Auteur: Cert EU

Microsoft Security Advisory related to Adobe Flash Player [1] (CERT-EU Security Advisory 2014-020)

Microsoft is announcing the availability of an update for Adobe Flash Player in Internet Explorer on all supported editions of Windows 8, Windows Server 2012, Windows RT, Windows 8.1, Windows Server 2012 R2, and Windows RT 8.1.
Auteur: Cert EU

Security updates available for Adobe Flash Player (CERT-EU Security Advisory 2014-019)

Adobe has released security updates for Adobe Flash Player 12.0.0.44 and earlier versions for Windows and Macintosh and Adobe Flash Player 11.2.202.336 and earlier versions for Linux.
Auteur: Cert EU

JBoss Enterprice Aplication Platform update [1] (CERT-EU Security Advisory 2014-018)

An update for Red Hat JBoss Enterprise Application Platform 6.2.0, which fixes three security issues, several bugs, and adds various enhancements, is now available from the Red Hat Customer Portal.
Auteur: Cert EU

Title: Cisco Firewall Services Module Cut-Through Proxy Denial of Service Vulnerability [1] (CERT-EU Security Advisory 2014-017)

Cisco Firewall Services Module (FWSM) Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a reload of an affected system.
Auteur: Cert EU

Multiple Vulnerabilities in Cisco IPS Software [1] (CERT-EU Security Advisory 2014-016)

Cisco Intrusion Prevention System (IPS) Software is affected by the following vulnerabilities
Auteur: Cert EU
First3456789101112Last

Événements SSI