Oracle Solaris Critical Patch Update : jul2015_SRU11_2_10_5_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: NFSv4. Supported versions that are affected are 10 and 11.2. Difficult to exploit vulnerability requiring logon to...

Oracle Solaris Critical Patch Update : jul2015_SRU11_2_11_5_0

This Solaris system is missing necessary patches to address critical security updates : - Vulnerability in the Solaris component of Oracle Sun Systems Products Suite subcomponent: S10 Branded Zone. Supported versions that are affected are 10 and 11.2. Easily exploitable vulnerability requiring...

Oracle E-Business Multiple Vulnerabilities (July 2015 CPU)

The version of Oracle E-Business installed on the remote host is missing the July 2015 Oracle Critical Patch Update CPU. It is, therefore, affected by affected by vulnerabilities in the following components : - Oracle Application Object Library CVE-2015-2618 - Oracle Application Object Library...

Oracle Releases July 2015 Security Advisory

Oracle has released security fixes to address 193 vulnerabilities as part of its quarterly Critical Patch Update. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle July 2015...

Oracle Critical Patch Update Advisory - July 2015

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

OpenEMR vulnerable to authentication bypass

Overview OpenEMR is an electronic health records and medical practice management application. OpenEMR contains an authentication bypass vulnerability CWE-302. Shoji Baba reported this vulnerability to IPA. JPCERT/CC coordinated with the developer under Information Security Early Warning...

Important: Red Hat Security Advisory: kvm security update

Updated kvm packages that fix one security issue are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available from t...

CVE-2015-2360

CVE-2015-2360 is a local privilege-escalation in Windows kernel-mode driver Win32k.sys affecting multiple Windows versions (Server 2003 SP2/R2 SP2, Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1, 8/8.1, Server 2012/2012 R2, RT/RT 8.1). The underlying issue is in Win32k.sys that allows crafted a...

Updated mariadb packages fix security vulnerabilities

Updated mariadb packages fix security vulnerabilities: This update provides MariaDB 5.5.43, which fixes several security issues and other bugs. Please refer to the Oracle Critical Patch Update Advisories and the Release Notes for MariaDB for further information regarding the security...

RHEL 5 / 6 / 7 : java-1.6.0-sun (RHSA-2015:0858)

Updated java-1.6.0-sun packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Important security impact. Common Vulnerability Scoring System CVSS base scores, which give detaile...

Critical: Red Hat Security Advisory: java-1.7.0-oracle security update

Updated java-1.7.0-oracle packages that fix several security issues are now available for Oracle Java for Red Hat Enterprise Linux 5, 6, and 7. Red Hat Product Security has rated this update as having Critical security impact. Common Vulnerability Scoring System CVSS base scores, which give...

Debian DSA-3229-1 : mysql-5.5 - security update

Several issues have been discovered in the MySQL database server. The vulnerabilities are addressed by upgrading MySQL to the new upstream version 5.5.43. Please see the MySQL 5.5 Release Notes and Oracle's Critical Patch Update advisory for further details : -...

Secunia Research: Oracle Outside In ibpsd2.dll PSD File Processing Buffer Overflow Vulnerability

====================================================================== Secunia Research 16/04/2015 Oracle Outside In ibpsd2.dll PSD File Processing Buffer Overflow Vulnerability ====================================================================== Table of Contents Affected...

Oracle Enterprise Manager Cloud Control Unspecified Vulnerability (April 2015 CPU)

The version of Oracle Enterprise Manager Cloud Control installed on the remote host is affected by an unspecified flaw in the My Oracle Support Plugin subcomponent of the Enterprise Manager Base Platform component. A remote attacker can exploit this to impact the integrity of the system. Note tha...

Multiple vulnerabilites in Java 1.7.0_15

The version of Java we bundle with Confluence is badly out of date, and well behind the security baseline Oracle defines see http://www.oracle.com/technetwork/java/javase/7u80-relnotes-2494162.html for example, which says we should be running update 79 for security fixes, and update 80 for...

Oracle E-Business Multiple Vulnerabilities (April 2015 CPU)

The version of Oracle E-Business installed on the remote host is missing the April 2015 Oracle Critical Patch Update CPU. It is, therefore, affected by vulnerabilities in the following components : - A unspecified flaw exists related to the Configurator DMZ rules subcomponent in the Applications...

Oracle Patch Update Delivers 98 Fixes

Released alongside patches from Microsoft and Adobe yesterday, Oracle’s regularly scheduled Critical Patch Update fixed 98 issues across a handful of products, including Oracle’s Database, Fusion Middleware, Java SE, and MySQL, to name a few. One of the most pressing issues the update resolves is...

Oracle Releases April 2015 Security Advisory

Oracle has released security fixes to address 98 vulnerabilities as part of its quarterly Critical Patch Update. Exploitation of some of these vulnerabilities may allow a remote attacker to take control of an affected system. Users and administrators are encouraged to review the Oracle April 2015...

Oracle Critical Patch Update - April 2015

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...

Oracle Critical Patch Update Advisory - January 2015

A Critical Patch Update CPU is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update...