漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for samba4 to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for glibc to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerabilities may cause a denial of service or make it possible to execute ar…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for quagga to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerabilities may allow attackers to cause denials of service, buffer overfl…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for libguestfs to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerabilities allows buffer overflows and information leakage. 解决方案 To r…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for bash to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerability allows execution of arbitrary code. 解决方案 To resolve this issue, up…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for tigervnc to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerability may allow a denial of service attack or execution of arbitrary…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for gnutls to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerability allows the attacker to cause a denial of service attack or have …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for ocaml to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerability may allow buffer overflow attacks or allow the attacker the to ob…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for icoutils to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation of the vulnerability may allow a buffer overflow or denial of service attack. 解决方案 …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for openjpeg to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation of the vulnerability leads to denial of service or execution of arbitrary code. 解决方…
漏洞类别:CGI 漏洞等级: 漏洞信息 Advantech WebAccess HMI/SCADA is an application used for monitoring and controlling industrial processes. The application is exposed to the following vulnerabilities: CVE-2017-5152: Authentication bypass issue. CVE-2017-5154: SQL injection …
漏洞类别:Local 漏洞等级: 漏洞信息 Avast is an antivirus and security tool. A code injection vulnerability, called DoubleAgent, affects Avast Antivirus which allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any …
漏洞类别:Local 漏洞等级: 漏洞信息 Google Chrome is a web browser for multiple platforms developed by Google. This Google Chrome update fixes the following vulnerabilities: CVE-2017-5054: Heap buffer overflow in V8. CVE-2017-5052: Bad cast in Blink. CVE-2017-5056: Use afte…
CVE
CVE-2017-4902 VMware Workstation Pro, VMware Workstation Player and VMware Fusion Multiple Vulnerabilities. (VMSA-2017-0006)
漏洞类别:Local 漏洞等级: 漏洞信息 VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems. A local user on the guest system can trigger a heap overflow in SVGA to execute arbitrary code on the host system [CVE-2017-4902].…
漏洞类别:Local 漏洞等级: 漏洞信息 Avira is an antivirus and security tool. A code injection vulnerability, called DoubleAgent, affects Avira Antivirus which allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any …
漏洞类别:Local 漏洞等级: 漏洞信息 Safari is a Web-browser developed by Apple which is based on the WebKit engine. The update addresses multiple vulnerabilities affecting WebKit and Safari for OS X Yosemite, El Capitan and macOS Sierra. 漏洞危害 Successful exploitation of the …
CVE
CVE-2016-0736 Apple Mac OS X Security Update Sierra 10.12.4, El Capitan 2017-001 and Yosemite 2017-001 Not Installed (APPLE-SA-2017-03-27-3)
漏洞类别:Local 漏洞等级: 漏洞信息 Apple Mac OS X security update for Sierra 10.12.4 , El Capitan v10.11.6 and Yosemite v10.10.5 is not installed. The update addresses 127 vulnerabilities in total. 漏洞危害 Successful exploitation of the vulnerabilities may allow an attacker t…
CVE
CVE-2013-7443 Apple iTunes Prior to 12.6 Multiple Vulnerabilities (APPLE-SA-2017-03-22-1) and (APPLE-SA-2017-03-22-2)
漏洞类别:Local 漏洞等级: 漏洞信息 iTunes is a digital media player application for Mac OS and Windows developed by Apple. SQLite and expat in Apple iTunes for Windows and Mac OS is prone to multiple vulnerabilities that may cause Arbitrary Code Execution. Affected Version…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or execute a…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or execute a…
CVE
CVE-2017-7184 Ubuntu Security Notification for Linux, Linux-aws, Linux-gke, Linux-raspi2, Linux-snapdragon Vulnerability (USN-3249-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or execute a…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or execute a…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that AppArmor incorrectly unloaded some profiles when restarted or upgraded, contrary to expected behavior. 漏洞危害 This may aid the attacker in conducting further attacks. 解决方案 Refer to Ubuntu advisory USN-3247-1 for affe…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that dmcrypt-get-device incorrectly checked setuid and setgid return values. 漏洞危害 A local attacker could use this issue to execute code as an administrator. 解决方案 Refer to Ubuntu advisory USN-3246-1 for affected packages…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gstreamer1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian security a…