Current Security Information
The following is a list of links to current security threats, vulnerabilities and advisories from Secunia, SANS and Microsoft.
The The Consensus Security Alert from SANS lists vulnerabilities detected in a variety of software including Open Source applications, device firmware and proprietary code. These are vulnerabilities that may or may not have been fixed, please see each announcement for more information. To establish whether a vulnerability has been fixed see the application vendor's website.
The Microsoft security bulletins are announcements that updates addressing reported or unreported vulnerabilities have been issued. Each bulletin may cover one or more updates and discusses the vulnerability fixed. It is not a comprehensive announcement of vulnerabilities, and vulnerabilities may exist that are not listed and have not been disclosed.
The Virus alerts from Secunia list current viral threats of varying severity.
- The Consensus Security Alert from SANS
- Current Microsoft Security Bulletins
- Current Virus Alerts from Secunia
The Consensus Security Alert from SANS
- SANS Network Security 2010
- (1) HIGH: Google Chrome Multiple Vulnerabilities
- (2) HIGH: Adobe Shockwave Player Code Execution Vulnerabilities
- 10.35.8 FreeBSD "setusercontext()" Local Security Bypass Issue
- 10.35.9 PHP "ibase_gen_id()" Function off-by-one Buffer Overflow
- 10.35.10 Serv-U Denial of Service and Security Bypass Vulnerabilities
- 10.35.11 Apple iTunes Log File Insecure File Operation Local Privilege Escalation
- 10.35.12 IBM Tivoli Storage Manager FastBack Remote Code Execution and Denial of Service Vulnerabilities
- 10.35.13 Google Chrome Multiple Security Vulnerabilities
- 10.35.14 Novell iPrint Client Multiple Security Vulnerabilities
- 10.35.15 QEMU KVM Multiple Issues
- 10.35.16 libHX "HX_split()" Remote Heap-Based Buffer Overflow Issue
- 10.35.17 Oracle MySQL "TEMPORARY InnoDB" Tables Denial of Service
- 10.35.4 Red Hat VDSM Module SSL Connection Denial of Service Issue
- 10.35.5 Linux Kernel KVM Intel VT-x Extension NULL Pointer Denial of Service
- 10.35.6 Linux Kernel Controller Area Network Protocol Local Privilege Escalation
- 10.35.7 Linux Kernel JFS xattr Namespace Rules Security Bypass Issue
- 10.35.32 Blue Coat ProxySG Read Only Administrator Security Bypass Issue
- 10.35.33 SonicWALL E-Class SSL-VPN Format String Issue
- 10.35.1 Adersoft VbsEdit ".vbs" File Denial Of Service Issue
- 10.35.2 UiPlayer "UiCheck.dll" ActiveX Buffer Overflow
- 10.35.3 Tuniac ".m3u" File Buffer Overflow
- 10.35.25 PHPCMS2008 "download.php" Information Disclosure Issue
- 10.35.26 Mollify Authentication Bypass Vulnerability and Multiple Information Disclosure Weaknesses
- 10.35.27 MAXcms Multiple Remote File Include Issues
- 10.35.28 DotNetNuke Syndication Handler Remote Denial of Service Issue
- 10.35.29 Netpet CMS "confirm.php" Local File Include
- 10.35.30 In-Portal CMS "index.php" Local File Include
- 10.35.31 phpMyAdmin Configuration File PHP Code Injection
- 10.35.18 LXR Cross Referencer TITLE Element Cross-Site Scripting Issue
- 10.35.19 ACCESSGUARDIAN Unspecified Cross-Site Scripting Issue
- 10.35.20 Online Work Order Suite Lite Edition Multiple Cross-Site Scripting Vulnerabilities
- 10.35.21 Drupal Simplenews Content Selection Module Cross-Site Scripting Issue
- 10.35.22 ViArt Helpdesk Multiple Cross-Site Scripting Vulnerabilities
- 10.35.23 phpMyAdmin Multiple Cross-Site Scripting Vulnerabilities
- 10.35.24 PHP City Portal "login.php" Multiple SQL Injection Issues
Current Security Bulletins from Microsoft
- MS10-060 - Critical: Vulnerabilities in the Microsoft .NET Common Language Runtime and in Microsoft Silverlight Could Allow Remote Code Execution (2265906)
- MS10-059 - Important: Vulnerabilities in the Tracing Feature for Services Could Allow Elevation of Privilege (982799)
- MS10-058 - Important: Vulnerabilities in TCP/IP Could Allow Elevation of Privilege (978886)
- MS10-057 - Important: Vulnerability in Microsoft Office Excel Could Allow Remote Code Execution (2269707)
- MS10-056 - Critical: Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (2269638)
- MS10-055 - Critical: Vulnerability in Cinepak Codec Could Allow Remote Code Execution (982665)
- MS10-054 - Critical: Vulnerabilities in SMB Server Could Allow Remote Code Execution (982214)
- MS10-053 - Critical: Cumulative Security Update for Internet Explorer (2183461)
- MS10-052 - Critical: Vulnerability in Microsoft MPEG Layer-3 Codecs Could Allow Remote Code Execution (2115168)
- MS10-051 - Critical: Vulnerability in Microsoft XML Core Services Could Allow Remote Code Execution (2079403)
- MS10-050 - Important: Vulnerability in Windows Movie Maker Could Allow Remote Code Execution (981997)
- MS10-049 - Critical: Vulnerabilities in SChannel could allow Remote Code Execution (980436)
- MS10-048 - Important: Vulnerabilities in Windows Kernel-Mode Drivers Could Allow Elevation of Privilege (2160329)
- MS10-047 - Important: Vulnerabilities in Windows Kernel Could Allow Elevation of Privilege (981852)
- MS10-046 - Critical: Vulnerability in Windows Shell Could Allow Remote Code Execution (2286198)
- MS10-045 - Important: Vulnerability in Microsoft Office Outlook Could Allow Remote Code Execution (978212)
- MS10-044 - Critical: Vulnerabilities in Microsoft Office Access ActiveX Controls Could Allow Remote Code Execution (982335)
- MS10-043 - Critical: Vulnerability in Canonical Display Driver Could Allow Remote Code Execution (2032276)
- MS10-042 - Critical: Vulnerability in Help and Support Center Could Allow Remote Code Execution (2229593)
- MS10-041 - Important: Vulnerability in Microsoft .NET Framework Could Allow Tampering (981343)
- MS10-040 - Important: Vulnerability in Internet Information Services Could Allow Remote Code Execution (982666)
- MS10-039 - Important: Vulnerabilities in Microsoft SharePoint Could Allow Elevation of Privilege (2028554)
- MS10-038 - Important: Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (2027452)
- MS10-037 - Important: Vulnerability in the OpenType Compact Font Format (CFF) Driver Could Allow Elevation of Privilege (980218)
- MS10-036 - Important: Vulnerability in COM Validation in Microsoft Office Could Allow Remote Code Execution (983235)
Current Virus Alerts from Secunia
- Error: It's not possible to reach RSS file...
© “The