漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 6.3 ended on June 30, 2014. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to securi…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 6.0 ended on November 30, 2012. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to se…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 5.9 ended on March 31, 2015. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to secur…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 5.6 ended on July 31, 2013. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to securi…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 5.4 ended on July 31, 2011. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to securi…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 5.3 ended on November 30, 2010. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to se…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 5.2 ended on March 31, 2010. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to secur…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 4.7 ended on August 31st, 2011. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to se…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Red Hat Enterprise Linux 4.5 ended on January 31, 2009. No further bug fixes, enhancements, security updates or technical support is available for this version. 漏洞危害 The system is at high risk of being exposed to sec…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 PHP is a general purpose scripting language that is suited for web development and can be embedded in HTML. PHP 5.5 series reached End of Life in its support cycle on July 21, 2016. Since there are no further bug fixes or securi…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for rails to fix the vulnerabilities. 漏洞危害 Successful exploitation allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" and used as attribute values in tag han…
漏洞类别:Database 漏洞等级: 漏洞信息 Oracle MySQL is an open-source relational database management system (RDBMS). The vulnerability exists in the mysqld_safe script which is used by many default installations/packages of MySQL as a wrapper to start the MySQL service proc…
概要 Mysql (5.7, 5.6, 和 5.5版本)的所有默认安装配置,包括最新的版本,攻击者可以远程和本地利用该漏洞。该漏洞需要认证访问MYSQL数据库(通过网络连接或者像phpMyAdmin的web接口),以及通过SQL注入利用。攻击者成功利用该漏洞可以以ROOT权限执行代码,完全控制服务器。 利用条件:首先你要有一个Mysql低权限用户,仅需有FIle权限(例如:虚拟主机通常会提供,因为需要导入导出文件),即可实现Root权限提升,进而控制服务器 漏洞影响 MySQL <= 5.7.15 …
漏洞类别:CGI 漏洞等级: 漏洞信息 IPS Community Suite (previously known as Invision Power Suite) is a Internet community software produced by Invision Power Services, Inc. It is written in PHP and uses MySQL as a database management system. The vulnerability exists because …
漏洞类别:CGI 漏洞等级: 漏洞信息 WebNMS is an industry-leading framework for building network management applications. Multiple vulnerabilities including Remote Code Execution, File Download and Weak Encryption have been identified in WebNMS Framework. Affected Versions: W…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for libidn to fix the vulnerabilities. 漏洞危害 Successful exploitation allows context-dependent attackers to cause a denial of service via crafted UTF-8 data. 解决方案 Refer to Debian security advisory DSA 36…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for libarchive to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3657-1 to address this issue and obtain furt…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tryton-server to fix the vulnerabilities. 漏洞危害 Successful exploitation allow remote authenticated users with certain permissions to read arbitrary files via the name parameter or unspecified other …
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for mupdf to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3655-1 to address this issue and obtain further d…
漏洞类别:Local 漏洞等级: 漏洞信息 FortiClient is a comprehensive endpoint security solution. An Information Disclosure vulnerability has been identified in FortiClient which reveals SSL-VPN credentials. Affected Versions: FortiClient version 5.4 and earlier 漏洞危害 A local a…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for flex to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3653-1 to address this issue and obtain further de…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for imagemagick to fix the vulnerabilities. 漏洞危害 Successful exploitation allows remote attackers to cause a denial of service (buffer overflow and application crash) or possibly have unspecified other …
漏洞类别:Local 漏洞等级: 漏洞信息 EMC NetWorker is a suite of enterprise level data protection software that unifies and automates backup to tape, disk-based, and flash-based storage media across physical and virtual environments for granular and disaster recovery. A remo…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for hawk to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise High Availability Extension 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 漏洞危害 An attacker can exploit these issues to affect c…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for mariadb to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-LTSS 漏洞危害 This vulnerability could be exploited to gain complete access to…