漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for bind9 to fix the vulnerabilities. 漏洞危害 A remote attacker could use this flaw to make an unexpected named exit, with an assertion failure, via a specially crafted DNS response. 解决方案 Refer to Debian …

漏洞类别：Debian漏洞等级： 漏洞信息 Debian has released security update for mat to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3708-1 to address this issue and obtain further deta…

漏洞类别：General remote services 漏洞等级： 漏洞信息 The OpenSSL Project is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols as well as a general purpose cryptography library. OpenSSL contains the followi…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-2776: 1378380: CVE-2016-2776 bind: assertion failure in buffer.c while building responses to a specifically constructed request A denia…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5424: A flaw was found in the way PostgreSQL client programs handled database and role names containing newlines, carriage returns, dou…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-6254: 1360709: CVE-2016-6254 collectd: heap overflow in the network plugin Heap-based buffer overflow in the parse_packet function in n…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 This build resolves the following issues: CVE-2016-8615 : Cookie injection for other servers CVE-2016-8616 : Case insensitive password comparison CVE-2016-8617 : Out-of-bounds write via unchecked multiplication CVE-2016-8618 : Doub…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was found that the sandbox tool provided in policycoreutils was vulnerable to a TIOCSTI ioctl attack. A specially crafted program executed via the sandbox command could use this flaw to execute arbitrary commands in the context …

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization script as writeable to the tomcat group. A member of the group or a malicious web application deployed on Tomcat cou…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that cloud-init in the Amazon Linux AMI wrote IAM role credentials from the instance metadata service to files readable by the root user in /var/lib/cloud. An application with root privileges, a container with acc…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 The IP stack in the Linux kernel before 4.6 allows remote attackers to cause a denial of service (stack consumption and panic) or possibly have unspecified other impact by triggering use of the GRO path for packets with tunnel stac…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 An integer overflow flaw, leading to a heap-based buffer overflow, was found in the memcached binary protocol. An attacker could create a specially crafted message that would cause the memcached server to crash or, potentially, exe…

漏洞类别：General remote services 漏洞等级： 漏洞信息 The OpenSSL Project is an Open Source toolkit implementing the Secure Sockets Layer (SSL v2/v3) and Transport Layer Security (TLS) protocols as well as a general purpose cryptography library. OpenSSL contains the followi…

漏洞类别：General remote services 漏洞等级： 漏洞信息 Memcached is a high performance, distributed memory object caching system intended for use in speeding up dynamic Web applications by alleviating database load. By default, it serves on TCP port 11211. Serious remote cod…

漏洞类别：Windows 漏洞等级： 漏洞信息 This security update is rated Critical for Microsoft Edge on Windows 10. The update patches the vulnerabilities by: modifying how Microsoft browsers handles objects in memory. modifying how the Chakra JavaScript scripting engine handles…

漏洞类别：Windows 漏洞等级： 漏洞信息 This security update resolves elevation of privilege vulnerabilities in Microsoft Windows Input Method Editor (IME) and the Windows Task Scheduler. This security update is rated Critical for all supported releases of Microsoft Windows. …

漏洞类别：Windows 漏洞等级： 漏洞信息 An elevation of privilege vulnerability exists in the way that the Windows Kernel API enforces permissions. The security update addresses the vulnerability by helping to ensure that the Windows Kernel API properly enforces permissions. …

漏洞类别：Windows 漏洞等级： 漏洞信息 This security update resolves a vulnerability in Microsoft Windows. A security feature bypass vulnerability exists when Windows Secure Boot improperly loads a boot policy that is affected by the vulnerability. The security update addres…

漏洞类别：Windows 漏洞等级： 漏洞信息 This security update resolves vulnerabilities in Microsoft Windows. The security update addresses the vulnerabilities by correcting how CLFS handles objects in memory Elevation of privilege vulnerabilities exist when the Windows Common …

漏洞类别：Windows 漏洞等级： 漏洞信息 Multiple elevation of privilege vulnerabilities exist when the Windows Virtual Hard Disk Driver fails to properly handle user access to certain files. The security update addresses the vulnerabilities by correcting how the kernel API re…

漏洞类别：Windows 漏洞等级： 漏洞信息 This security update resolves vulnerabilities in Microsoft SQL Server. The security update addresses these most severe vulnerabilities by correcting how SQL Server handles pointer casting. This security update is rated Important for sup…

漏洞类别：Internet Explorer 漏洞等级： 漏洞信息 Microsoft released an update for Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, Windows 10, and Windows Server 2016. The update addresses the vulnerabilities described in Adobe Security bulletin APSB…

漏洞类别：Windows 漏洞等级： 漏洞信息 A remote code execution vulnerability exists when Microsoft Video Control fails to properly handle objects in memory. This security update is rated Critical for Microsoft Windows Vista, Windows 7, Windows 8.1, Windows RT 8.1, Windows 10…

漏洞类别：Windows 漏洞等级： 漏洞信息 Microsoft Windows Graphics Component is prone to multiple vulnerabilities that could lead to information disclosure or remote code execution attacks. An information disclosure vulnerability exists when the ATMFD component improperly dis…

漏洞类别：Internet Explorer 漏洞等级： 漏洞信息 Internet Explorer is a web-browser developed by Microsoft which is included in Microsoft Windows Operating Systems. Microsoft has released Cumulative Security Updates for Internet Explorer which addresses various vulnerabiliti…