資安新聞及事件週報 2016/10/24 ~ 2016/10/28

資安新聞及事件週報  2016/10/24 ~ 2016/10/28

**1.重大弱點漏洞：**
  臟牛漏洞Dirty COW CVE-2016-5195 2.6.22 < 3.9 (x86/x64)
  http://www.bkjia.com/Linuxjc/1167392.html


  Adobe搶修已遭攻擊的Flash漏洞
  http://www.ithome.com.tw/news/109272


  Apache Tomcat 多個漏洞
  https://www.auscert.org.au/render.html?it=40038


  Android Rowhammer 攻擊漏洞(Drammer)
  https://www.seebug.org/vuldb/ssvid-92489


  Palo Alto PAN-OS JavaScript 執行和輸入驗證漏洞
  http://securityadvisories.paloaltonetworks.com/Home/Detail/64
  http://securityadvisories.paloaltonetworks.com/Home/Detail/62

資安新聞及事件週報 2016/10/17 ~ 2016/10/21

資安新聞及事件週報  2016/10/17 ~ 2016/10/21

**1.重大弱點漏洞：**
  phpMyAdmin 跨站腳本漏洞 CVE-2016-6607
  https://www.phpmyadmin.net/security/PMASA-2016-30/


  Juniper Junos Space 安全漏洞 CVE-2016-4927
  https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10760&cat=SIRT_1&actp=LIST


  甲骨文大舉修補253個安全漏洞，含15個重大漏洞
  http://www.ithome.com.tw/news/109162


  VMware Horizon View 存在安全性弱點
  http://www.vmware.com/security/advisories/VMSA-2016-0015.html

資安新聞及事件週報 2016/10/10 ~ 2016/10/14

**1.重大弱點漏洞：**
  Palo Alto PAN-OS 敏感資訊洩露漏洞
  http://securityadvisories.paloaltonetworks.com/


  Apache Tomcat 緩衝區滿溢漏洞
  http://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.42


  F5 BIG-IP 漏洞 CVE-2016-5700
  https://support.f5.com/kb/en-us/solutions/public/k/35/sol35520031.html


  Winhex Editor DLL劫持漏洞
  https://cxsecurity.com/issue/WLB-2016020001


  VMware Horizon View 漏洞
  http://securitytracker.com/id/1036972

資安新聞及事件週報 2016/10/03 ~ 2016/10/07

**1.重大弱點漏洞：**
  Apache Tomcat 緩衝區滿溢漏洞 CVE-2016-6808
  http://tomcat.apache.org/security-jk.html#Fixed_in_Apache_Tomcat_JK_Connector_1.2.42


  Palo Alto PAN-OS 敏感資訊洩露漏洞
  http://securitytracker.com/id/1036968


  MariaDB 漏洞   CVE-2016-6662
  http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-6662


  Cisco發佈多項產品安全更新，部分漏洞可能導致認證繞過
  https://www.us-cert.gov/ncas/current-activity/2016/10/05/Cisco-Releases-Security-Updates