漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. 漏洞危害 A local attacker could use this issue to possibly gain root privileges. 解决方案 Refer to Ubuntu advisory USN-3122-1 for affected packages and pa…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity ve…
CVE
CVE-2016-4662 Apple Mac OS X Security Update Sierra 10.12.1, El Capitan 2016-002 and Yosemite 2016-006 Not Installed (APPLE-SA-2016-10-24-2)
漏洞类别:Local 漏洞等级: 漏洞信息 Apple Mac OS X security update for Sierra 10.12.1, El Capitan v10.11.6 and Yosemite v10.10.5 is not installed. The update addresses 16 vulnerabilities in total. The vulnerabilities are caused due to several memory corrupting issues among …
漏洞类别:Local 漏洞等级: 漏洞信息 Safari is a Web-browser developed by Apple which is based on the WebKit engine. The update addresses multiple vulnerabilities affecting the WebKit which includes several memory corrupting issues for OS X Yosemite, El Capitan and macOS Sie…
漏洞类别:Local 漏洞等级: 漏洞信息 An x86 virtualization software package developed by Oracle. Multiple vulnerabilities were reported in Oracle VM VirtualBox. A remote user can exploit a flaw in the Oracle VM VirtualBox VirtualBox Remote Desktop Extension (VRDE) component …
CVE
CVE-2015-6393 Cisco NX-OS Software Malformed DHCPv4 Packet Denial of Service Vulnerability (cisco-sa-20161005-dhcp2)
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the implementation of the DHCPv4 relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper val…
CVE
CVE-2016-1454 Cisco NX-OS Border Gateway Protocol Denial of Service Vulnerability (cisco-sa-20161005-bgp)
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for bind to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can be used to cause a limited deni…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for curl to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerabilit…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for bind to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUSE …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for the linux kernel to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which conta…
漏洞类别:Local 漏洞等级: 漏洞信息 Apple Xcode is a development application for Macintosh OS X. A vulnerable version of Xcode was found on the target host. The update resolves a type conversion issue existed that could lead to conversions returning unexpected values. 漏洞危害 …
漏洞类别:AIX 漏洞等级: 漏洞信息 AIX contains an unspecified vulnerability in lsmcode that impacts AIX. Affected Versions:- AIX 6.1, 7.1, 7.2 漏洞危害 The vulnerability could allow a locally authenticated user to obtain root level privileges. 解决方案 The vendor has released fixes…
漏洞类别:AIX 漏洞等级: 漏洞信息 AIX contains an unspecified vulnerability in lquerylv in LVM that impacts AIX. Affected Versions:- AIX 5.3, 6.1, 7.1, 7.2 漏洞危害 The vulnerability could allow a locally authenticated user to obtain root level privileges. 解决方案 The vendor has r…
发布时间:2016-11-07 10:26:29浏览次数:1 次点赞数:0 漏洞类别:Local漏洞等级: 漏洞信息 Apple Xcode is a development application for Macintosh OS X. A vulnerable version of Xcode was found on the target host. The update resolves the following security issues: - A register allocation issue…
漏洞类别:Local漏洞等级: 漏洞信息 cURL is a computer software project providing a library and command-line tool for transferring data using various protocols. cURL contains the following vulnerabilities: CVE-2016-8615: If cookie state is written into a cookie jar file that…
漏洞类别:Local 漏洞等级: 漏洞信息 Apple Mac OS X v10.11 is missing on the target host. Apple Mac OS X El Capitan 10.11 is now available to resolve multiple security vulnerabilities. Refer to Apple Security Update APPLE-SA-2015-09-30-3 for further details on these vulnerab…
漏洞类别:Local 漏洞等级: 漏洞信息 IBM Lotus Domino is a client/server product designed for collaborative working environments.Domino Server supports email, scheduling, instant messaging and data-driven applications. IBM Domino contains a cross-site scripting and two image…
报送者:恒安嘉新(北京)科技有限公司 CNVD-ID CNVD-2016-10625 发布时间 2016-11-04 危害级别 中 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 影响产品 Schneider Electric Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe) Schneider Electric Magelis XBT GT Advanced Touchscreen Panels All Schneider El…
报送者:恒安嘉新(北京)科技有限公司 CNVD-ID CNVD-2016-10624 发布时间 2016-11-04 危害级别 高 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 影响产品 Schneider Electric Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe) Schneider Electric Magelis XBT GT Advanced Touchscreen Panels All Schneider El…
报送者:恒安嘉新(北京)科技有限公司 CNVD-ID CNVD-2016-10623 发布时间 2016-11-04 危害级别 中 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 影响产品 Cisco StarOS on ASR 5000 >=18.0 BUGTRAQ ID 94071 CVE ID CVE-2016-6455 漏洞描述 Cisco ASR 5000系列是一个运营商级平台,可用于部署高需求的3G网络以及向长期演进(LTE) 迁移。 Cisco ASR 5500系列路由器装配DPC2后…
报送者:恒安嘉新(北京)科技有限公司 CNVD-ID CNVD-2016-10622 发布时间 2016-11-04 危害级别 高 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 影响产品 Cisco Application Policy Infrastructure Controller (APIC) Cisco Nexus 9000 Series Switches in ACI mode BUGTRAQ ID 94077 CVE ID CVE-2016-6457 漏洞描述 Cisco Applicat…
报送者:蓝盾信息安全技术股份有限公司 CNVD-ID CNVD-2016-10621 发布时间 2016-11-04 危害级别 低 (AV:L/AC:L/Au:N/C:N/I:N/A:P) 影响产品 Huawei Mate 8 NXT-CL00C92B182 Huawei Mate 8 NXT-DL00C17B182 Huawei Mate 8 NXT-TL00C01B182 Huawei Mate 8 NXT-TL10C00B197 Huawei Mate 8 NXT-TL00C01B197 Huawei Mat…
报送者:蓝盾信息安全技术股份有限公司 CNVD-ID CNVD-2016-10620 发布时间 2016-11-04 危害级别 中 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 影响产品 QEMU QEMU 0 BUGTRAQ ID 93956 漏洞描述 QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 'hw/9pfs/9p.c'存在整数溢出漏洞,攻击者可以利用该漏洞使程序崩溃…
报送者:蓝盾信息安全技术股份有限公司 CNVD-ID CNVD-2016-10619 发布时间 2016-11-04 危害级别 中 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 影响产品 QEMU QEMU 0 BUGTRAQ ID 93962 漏洞描述 QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 'hw/9pfs/9p.c'存在拒绝服务漏洞,攻击者可以利用该漏洞发起拒绝服务攻击。 …