漏洞类别:Windows 漏洞等级: 漏洞信息 This security update resolves vulnerabilities in Microsoft Windows. The security update addresses the vulnerabilities by: Updating Windows NTLM to harden the password change cache. This security update corrects a local elevation of priv…
漏洞类别:Office Application 漏洞等级: 漏洞信息 This security update resolves vulnerabilities in Microsoft Office. The security update addresses the vulnerabilities by correcting how Microsoft Office initializes variables. Affected versions of Office and Office components …
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux, which address a critical vulnerability that could potentially allow an attacker to take control of the affected system. Affected Versions: Adobe Fla…
CVE
CVE-2015-6828 WordPress SecureMoz Security Audit Plugin tweet_info() PHP Object Injection Vulnerability
漏洞类别:CGI 漏洞等级: 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. SecureMoz Security Audit WordPress Security Plugin performs a secur…
漏洞类别:CGI 漏洞等级: 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. CP Reservation Calendar is a booking calendar that allows selecting…
漏洞类别:CGI 漏洞等级: 漏洞信息 Symantec Messaging Gateway is an appliance used to filter and scan content. Symantec Messaging Gateway is prone to Directory Traversal vulnerability. Affected Versions: Symantec Messaging Gateway versions prior to 10.6.2 漏洞危害 Successful exp…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for java-1_8_0-ibm to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 漏洞危害 This vulnerability could be exploited to gai…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for graphicsmagick to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 漏洞危害 This vulnerability can be used to cause a limited denial of service in the form …
CVE
CVE-2016-8602 SUSE Enterprise Linux Security Update for ghostscript-library (SUSE-SU-2016:2723-1)
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for ghostscript-library to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited t…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for curl to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial …
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Memcached incorrectly handled certain malformed commands. 漏洞危害 A remote attacker could use this issue to cause Memcached to crash, resulting in a denial of service, or possibly execute arbitrary code. 解决方案 Refer to…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a long running unload handler could cause an incognito profile to be reused in some circumstances. Multiple security vulnerabilities were discovered in Chromium. 漏洞危害 If a user were tricked in to opening a speciall…
漏洞类别:RedHat 漏洞等级: 漏洞信息 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. The following packages have been upgraded to a newer upstream version: mariadb (5.5.52). (BZ#1304516, BZ#1377974) Security Fix(es): * It wa…
漏洞类别:RedHat 漏洞等级: 漏洞信息 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. The base packages include the Lightweight Directory Access Protocol (LDAP) server and command-line utilities for server administration. The following packages have been…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. S…
漏洞类别:RedHat 漏洞等级: 漏洞信息 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. Security Fix(es): * A flaw was found in the way certain error conditions were handled by bzread() function in PHP. An attacker could use this flaw to u…
漏洞类别:RedHat 漏洞等级: 漏洞信息 firewalld is a firewall service daemon that provides a dynamic customizable firewall with a D-Bus interface. The following packages have been upgraded to a newer upstream version: firewalld (0.4.3.2). (BZ#1302802) Security Fix(es): * A f…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The pcs packages provide a command-line configuration system for the Pacemaker and Corosync utilities. The following packages have been upgraded to a newer upstream version: pcs (0.9.152). (BZ#1299847) Security Fix(es): * A Cross-Site Re…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The Dynamic Host Configuration Protocol (DHCP) is a protocol that allows individual devices on an IP network to get their own network configuration information, including an IP address, a subnet mask, and a broadcast address. The dhcp pa…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform. The subscription-manager-migration-data package provides certificates for…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The GIMP (GNU Image Manipulation Program) is an image composition and editing program. GIMP provides a large image manipulation toolbox, including channel operations and layers, effects, sub-pixel imaging and anti-aliasing, and conversio…
漏洞类别:RedHat 漏洞等级: 漏洞信息 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. It includes the core files necessary for both the OpenSSH client and server. Security Fix(es): * It was discovered that the Op…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The wget packages provide the GNU Wget file retrieval utility for HTTP, HTTPS, and FTP protocols. Security Fix(es): * It was found that wget used a file name provided by the server for the downloaded file when following an HTTP redirect …
漏洞类别:RedHat 漏洞等级: 漏洞信息 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on AMD64 and Intel 64 systems. The qemu-kvm packages provide the user-space component for running virtual machines using KVM. Security Fix(es): An integer ove…