漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that GStreamer Good Plugins did not correctly handle certain malformed media files. 漏洞危害 If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gst-plugins-ugly1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian sec…
CVE
CVE-2016-9811 Ubuntu Security Notification for Gst-plugins-base0.10, Gst-plugins-base1.0 Vulnerabilities (USN-3244-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that GStreamer Base Plugins did not correctly handle certain malformed media files. 漏洞危害 If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gst-plugins-good1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian sec…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple vulnerabilities were discovered in Chromium. 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, spoof application UI by causing the…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for openjpeg to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation of the vulnerability leads to denial of service or execution of arbitrary code. 解决方…
漏洞类别:CGI 漏洞等级: 漏洞信息 Advantech WebAccess HMI/SCADA is an application used for monitoring and controlling industrial processes. The application is exposed to the following vulnerabilities: CVE-2017-5152: Authentication bypass issue. CVE-2017-5154: SQL injection …
漏洞类别:Local 漏洞等级: 漏洞信息 Avast is an antivirus and security tool. A code injection vulnerability, called DoubleAgent, affects Avast Antivirus which allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any …
漏洞类别:Local 漏洞等级: 漏洞信息 Google Chrome is a web browser for multiple platforms developed by Google. This Google Chrome update fixes the following vulnerabilities: CVE-2017-5054: Heap buffer overflow in V8. CVE-2017-5052: Bad cast in Blink. CVE-2017-5056: Use afte…
CVE
CVE-2017-4902 VMware Workstation Pro, VMware Workstation Player and VMware Fusion Multiple Vulnerabilities. (VMSA-2017-0006)
漏洞类别:Local 漏洞等级: 漏洞信息 VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems. A local user on the guest system can trigger a heap overflow in SVGA to execute arbitrary code on the host system [CVE-2017-4902].…
漏洞类别:Local 漏洞等级: 漏洞信息 Avira is an antivirus and security tool. A code injection vulnerability, called DoubleAgent, affects Avira Antivirus which allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any …
漏洞类别:Local 漏洞等级: 漏洞信息 Safari is a Web-browser developed by Apple which is based on the WebKit engine. The update addresses multiple vulnerabilities affecting WebKit and Safari for OS X Yosemite, El Capitan and macOS Sierra. 漏洞危害 Successful exploitation of the …
CVE
CVE-2016-0736 2017-04-03 21:40:41 Apple Mac OS X Security Update Sierra 10.12.4, El Capitan 2017-001 and Yosemite 2017-001 Not Installed (APPLE-SA-2017-03-27-3)
漏洞类别:Local 漏洞等级: 漏洞信息 Apple Mac OS X security update for Sierra 10.12.4 , El Capitan v10.11.6 and Yosemite v10.10.5 is not installed. The update addresses 127 vulnerabilities in total. 漏洞危害 Successful exploitation of the vulnerabilities may allow an attacker t…
CVE
CVE-2013-7443 Apple iTunes Prior to 12.6 Multiple Vulnerabilities (APPLE-SA-2017-03-22-1) and (APPLE-SA-2017-03-22-2)
漏洞类别:Local 漏洞等级: 漏洞信息 iTunes is a digital media player application for Mac OS and Windows developed by Apple. SQLite and expat in Apple iTunes for Windows and Mac OS is prone to multiple vulnerabilities that may cause Arbitrary Code Execution. Affected Version…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or execute a…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or execute a…
CVE
CVE-2017-7184 Ubuntu Security Notification for Linux, Linux-aws, Linux-gke, Linux-raspi2, Linux-snapdragon Vulnerability (USN-3249-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or execute a…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the xfrm framework for transforming packets in the Linux kernel did not properly validate data received from user space. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or execute a…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that AppArmor incorrectly unloaded some profiles when restarted or upgraded, contrary to expected behavior. 漏洞危害 This may aid the attacker in conducting further attacks. 解决方案 Refer to Ubuntu advisory USN-3247-1 for affe…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that dmcrypt-get-device incorrectly checked setuid and setgid return values. 漏洞危害 A local attacker could use this issue to execute code as an administrator. 解决方案 Refer to Ubuntu advisory USN-3246-1 for affected packages…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gstreamer1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian security a…
CVE
CVE-2016-10198 Ubuntu Security Notification for Gst-plugins-good0.10, Gst-plugins-good1.0 Vulnerabilities (USN-3245-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that GStreamer Good Plugins did not correctly handle certain malformed media files. 漏洞危害 If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gst-plugins-ugly1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian sec…
CVE
CVE-2016-9811 Ubuntu Security Notification for Gst-plugins-base0.10, Gst-plugins-base1.0 Vulnerabilities (USN-3244-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that GStreamer Base Plugins did not correctly handle certain malformed media files. 漏洞危害 If a user were tricked into opening a crafted media file with a GStreamer application, an attacker could cause a denial of service…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gst-plugins-good1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian sec…