漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple vulnerabilities were discovered in Chromium. 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to obtain sensitive information, spoof application UI by causing the…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gst-plugins-base1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian sec…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for audiofile to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian security advi…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for jhead to fix the vulnerabilities. 漏洞危害 Successful exploitation the vulnerability may allow denial of service or, potentially, the execution of arbitrary code. 解决方案 Refer to Debian security advisory…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for firebird2.5 to fix the vulnerabilities. 漏洞危害 Successful exploitation allows remote authenticated users to execute arbitrary code on the firebird server. 解决方案 Refer to Debian security advisory DSA 3…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tnef to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerability may lead to denial of service via application crash, or potential arbitrary code execution.denial of service via a…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for eject to fix the vulnerabilities. 漏洞危害 A local attacker could use this issue to execute code as an administrator. 解决方案 Refer to Debian security advisory DSA 3823-1 to address this issue and obtain …
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gst-plugins-bad1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerability may allow denial of service or the execution of arbitrary code. 解决方案 Refer to Debian security adviso…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for samba to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3816-1 to address this issue and obtain further d…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for jbig2dec to fix the vulnerabilities. 漏洞危害 Successful exploitation may allow a denial of service or the execution of arbitrary code. 解决方案 Refer to Debian security advisory DSA 3817-1 to address this…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for wordpress to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities allow remote attackers to delete unintended files,mount Cross-Site Scripting attacks, or bypass redirect UR…
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. A local user on the guest system can trigger a heap overflow in SVGA to execute arbitrary code on the host system [CVE-2017-4902]. ESXi 6.0 is not affected. A local user…
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. A local user on the guest system can trigger an uninitialized stack memory usage error in SVGA to execute arbitrary code on the host system [CVE-2017-4903]. A local user…
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. A local user on the guest system can trigger an uninitialized stack memory usage error in SVGA to execute arbitrary code on the host system [CVE-2017-4903]. A local user…
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. A local user on the guest system can trigger an uninitialized stack memory usage error in SVGA to execute arbitrary code on the host system [CVE-2017-4903]. A local user…
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. A local user on the guest system can trigger a heap overflow in SVGA to execute arbitrary code on the host system [CVE-2017-4902]. ESXi 6.0 is not affected. A local user…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. It was found that the fix for CVE-2015-3148 in curl was incomplete. An applicat…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libpng12-0 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain co…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for php7 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 漏洞危害 This vulnerability could be exploite…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Chromium is an open-source web browser, powered by WebKit (Blink). Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or di…
漏洞类别:General remote services 漏洞等级: 漏洞信息 Hash algorithms are used to generate a hash value for a message (an arbitrary block of data) such that a number of cryptographic properties hold. In particular it is expected to be resistant to collisions, that is that g…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5597: * A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could pos…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Amazon Linux 2012.03 - AL2012-2017-163: low priority package update for memcached 漏洞危害 Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service. 解决方案 Administrators are advised t…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-8735: The JmxRemoteLifecycleListener was not updated to take account of Oracle's fix for CVE-2016-3427. JMXRemoteLifecycleListener is o…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-8745: 1403824: CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing CVE-2016-8735: The JmxRemoteLifecycleLis…