Energy.gov

This update addresses vulnerabilities that could allow an attacker to run malicious code on the affected system

Microsoft Security Bulletin Advance Notification for April 2013. Microsoft has posted 2 Critical Bulletins and 7 Important Bulletins. Bulletins with the Maximum Severity Rating and Vulnerability Impact of "Critical" may allow remote execution of code. Microsoft will host a webcast to address customer questions on the security bulletins on April 10, 2013, at 11:00 AM Pacific Time (US & Canada).

Multiple vulnerabilities have been reported in Apache Subversion

A vulnerability was reported in Xen.

A remote authenticated user can modify files on the target share

Multiple vulnerabilities have been reported in Mozilla Firefox, which can be exploited by malicious, local users to gain escalated privileges and by malicious people to conduct spoofing and cross-site scripting attacks and compromise a user's system

Some vulnerabilities have been reported in Cisco Connected Grid Network Management System.

A vulnerability was reported in Splunk Web.

A vulnerability has been reported in VMware ESX and ESXi

Multiple security vulnerabilities exist in the Java Runtime Environments (JREs) that can affect the security of IBM Tivoli Application Dependency Discovery Manager