漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for empathy to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Up…

漏洞类别：RedHat 漏洞等级： 漏洞信息 OpenJPEG is an open source library for reading and writing image files in JPEG2000 format. Multiple integer overflow flaws, leading to heap-based buffer overflows, were found in OpenJPEG. A specially crafted JPEG2000 image could cause an…

  漏洞类别：RedHat 漏洞等级： 漏洞信息 The icoutils are a set of programs for extracting and converting images in Microsoft Windows icon and cursor files. Multiple vulnerabilities were found in icoutils, in the wrestool program. An attacker could create a crafted execu…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. It was discovered that a remote attacker could leverage the generation of IPv6 atomic fragments to trigger the use of fragmentation in an arbitrary IPv…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The quagga packages contain Quagga, the free network-routing software suite that manages TCP/IP based protocols. A stack-based buffer overflow flaw was found in the way Quagga handled IPv6 router advertisement messages. A remote attacker…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Samba is an open-source implementation of the Server Message Block (SMB) or Common Internet File System (CIFS) protocol, which allows PC-compatible machines to share files, printers, and other information. It was found that Samba always …

漏洞类别：RedHat 漏洞等级： 漏洞信息 The bash packages provide Bash (Bourne-again shell), which is the default shell for Red Hat Enterprise Linux. An arbitrary command injection flaw was found in the way bash processed the hostname value. A malicious DHCP server could use t…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The subscription-manager packages provide programs and libraries to allow users to manage subscriptions and yum repositories from the Red Hat entitlement platform. It was found that subscription-manager set weak permissions on files in /…

漏洞类别：RedHat\ 漏洞等级： 漏洞信息 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. A stack overflow vulnerab…

漏洞类别：RedHat\ 漏洞等级： 漏洞信息 Samba is an open-source implementation of the Server Message Block (SMB) protocol and the related Common Internet File System (CIFS) protocol, which allow PC-compatible machines to share files, printers, and various information. It was …

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. Connections Business Directory is an easy to use directory plugin t…

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. The BuddyPress Docs plugin adds collaborative Docs to BuddyPress. T…

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. The Invite Anyone plugin makes BuddyPress's invitation features mor…

漏洞类别：CGI 漏洞等级： 漏洞信息 Moodle (Modular Object-Oriented Dynamic Learning Environment) is a free e-learning software platform, also known as a Learning Management System, or Virtual Learning Environment. The following vulnerabilities have been confirmed in Moodle: …

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Git incorrectly sanitized branch names in the PS1 variable when configured to display the repository status in the shell prompt. 漏洞危害 If a user were tricked into exploring a malicious repository, a remote attacker …

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Samba incorrectly handled symlinks. 漏洞危害 An authenticated remote attacker could use this issue to access files on the server outside of the exported directories. 解决方案 Refer to Ubuntu advisory USN-3242-1 for affecte…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that audiofile incorrectly handled certain malformed audio files. 漏洞危害 If a user or automated system were tricked into processing a specially crafted audio file, a remote attacker could cause applications linked against…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 Multiple security issues were discovered in Thunderbird. 漏洞危害 If a user were tricked in to opening a specially crafted website in a browsing context, an attacker could potentially exploit these to bypass same origin restrictions, obtain …

漏洞类别：Web server 漏洞等级： 漏洞信息 Microsoft Internet Information Services (IIS) 6.0 is prone to a buffer-overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. The ScStoragePat…

漏洞类别：Cisco 洞等级： 漏洞信息 A vulnerability in the DHCP client implementation of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a denial of service condition. The vulnerability occurs during the parsing of a crafted DHCP …

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Layer 2 Tunneling Protocol (L2TP) parsing function of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficie…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the web user interface of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to insufficient resource handling by the affected software …

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the web framework of Cisco IOS XE Software could allow an authenticated, remote attacker to inject arbitrary commands that are executed with root privileges. The vulnerability is due to insufficient input validation of …

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. Page Layout Builder is a layout builder for WordPress. The vulnerab…

漏洞类别：General remote services 漏洞等级： 漏洞信息 A vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. The vulnerability is due to how session identification information is …