漏洞类别:Web server 漏洞等级: 漏洞信息 System administrators who are fans of Terry Pratchett's work are keeping his name alive by adding the X-Clacks-Overhead HTTP header on servers. The X-Clacks-Overhead header is not seen in a web browser and the header is hidden from v…
漏洞类别:Local 漏洞等级: 漏洞信息 Google Chrome is a web browser for multiple platforms developed by Google. This Google Chrome update fixes the following vulnerabilities: CVE-2016-5170: Use after free in Blink. CVE-2016-5171: Use after free in Blink. CVE-2016-5172: Arbit…
漏洞类别:Information gathering 漏洞等级: 漏洞信息 The shell can sometimes correct the spelling of filenames, commands and variable names as well as completing and listing them. When spelling correction is invoked and the shell thinks that any part of the command line is m…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for mod_cluster to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for curl to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will like…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Upd…
漏洞类别:Fedora漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Upda…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for krb5 to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation allows remote authenticated users to cause a denial of service via an S4U2Self request. 解决方案 Fedora has issued upd…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for libksba to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnera…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for elog to fix the vulnerability. Affected OS: Fedora 23 Fedora 24 Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this …
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for slock to fix the vulnerability. Affected OS: Fedora 23 Fedora 24 Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for python-jwcrypto to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 Fedora 23 漏洞危害 The _Rsa15 class in the RSA 1.5 algorithm implementation in jwa.py in jwcrypto before 0.3.2 lacks the Rando…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for php to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Update…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for wordpress to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. …
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the web framework code of the Cisco Local Manager could allow an unauthenticated, remote attacker to conduct a cross-site scripting (XSS) attack against the user of the web interface of the affected system. The vulnerab…
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the Data in Motion (DMO) application in Cisco IOS and IOS XE software with the IOX feature set could allow an unauthenticated, remote attacker to to cause a denial of service (DoS) condition in the DMo process. The vuln…
漏洞类别:Proxy 漏洞等级: 漏洞信息 Squid is a caching and forwarding web proxy. An end of life version of Squid proxy was detected on the host. The Squid proxy is officially supported for the latest available version only. Since there will be no further bug fixes or securi…
漏洞类别:AIX 漏洞等级: 漏洞信息 There are multiple vulnerabilities in NTPv3 and NTPv4 that impact AIX. Affected Platforms: AIX 5.3, AIX 6.1, AIX 7.1, AIX 7.2 APAR versions: IV87614, IV87419, IV87615, IV87420, IV87939, IV87278, IV87279 Note:The detection requires root priv…
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in IKEv1 packet processing code in Cisco IOS Software could allow an unauthenticated, remote attacker to retrieve memory contents, which could lead to the disclosure of confidential information. The vulnerability is due to…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 A vulnerability was discovered in the OpenJDK JRE related to data integrity. Multiple vulnerabilities were discovered in the OpenJDK JRE related to availability. A vulnerability was discovered in the OpenJDK JRE related to information di…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 An out of bounds read in the GIF loader implementation in Imlib2. An off-by-one error when handling coordinates in Imlib2. It was discovered that integer overflows existed in Imlib2 when handling images with large dimensions. It was disc…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that File Roller incorrectly handled symlinks. 漏洞危害 If a user were tricked into extracting a specially-crafted archive, an attacker could delete files outside of the extraction directory. 解决方案 Refer to Ubuntu advisory U…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 The host is running Microsoft VC++ 2005 which is not supported by Microsoft anymore. Support for Microsoft VC++ 2005 ended on April 12th, 2016. Microsoft will no longer release security patches for Microsoft VC++ 2005. Refer to …
漏洞类别:Local 漏洞等级: 漏洞信息 WinSMS lets you send bulk SMS text messages via the internet, desktop software or API. A local privilege escalation vulnerability has been identified in WinSMS due to weak folder permissions. Affected Versions: WinSMS version 3.43 and ear…
CVE
Apple Mac OS X Security Update El Capitan 2016-001 and Yosemite 2016-005 Not Installed (APPLE-SA-2016-09-01-2)
漏洞类别:Local 漏洞等级: 漏洞信息 Apple Mac OS X Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite are missing on the target host. Apple Mac OS X Security Update 2016-001 El Capitan and Security Update 2016-005 Yosemite are available to resolve mul…