漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that QEMU incorrectly handled the Virtio GPU device. It was discovered that QEMU incorrectly handled the JAZZ RC4030 device. It was discovered that QEMU incorrectly handled VirtFS directory sharing. It was discovered th…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Samba incorrectly handled symlinks. 漏洞危害 An authenticated remote attacker could use this issue to access files on the server outside of the exported directories. 解决方案 Refer to Ubuntu advisory USN-3267-1 for affecte…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 A race condition existed in the Stream Control Transmission Protocol (SCTP) implementation in the Linux kernel. 漏洞危害 A local attacker could use this to cause a denial of service (system crash). 解决方案 Refer to Ubuntu advisory USN-3266-1 fo…
CVE
CVE-2017-5669 Notification for Linux Ubuntu Linux的安全,gke AWS raspi2 Linux,Linux,Linux的Snapdragon Vulnerabilities(USN-3265
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a use-after-free flaw existed in the filesystem encryption subsystem in the Linux kernel. An out-of-bounds access in the IPv6 Generic Routing Encapsulation (GRE) tunneling implementation in the Linux kernel. It was…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a race condition existed in the Stream Control Transmission Protocol (SCTP) implementation in the Linux kernel. 漏洞危害 A local attacker could use this to cause a denial of service (system crash). 解决方案 Refer to Ubuntu…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a heap-based buffer overflow existed in the FreeType library. 漏洞危害 If a user were tricked into using a specially crafted font file, a remote attacker could cause FreeType to crash, resulting in a denial of service,…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that curl incorrectly handled client certificates when resuming a TLS session. 漏洞危害 A remote attacker could use this to hijack a previously authenticated connection. 解决方案 Refer to Ubuntu advisory USN-3262-1 for affected…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that QEMU incorrectly handled the Virtio GPU device. It was discovered that QEMU incorrectly handled the 6300esb watchdog. It was discovered that QEMU incorrectly handled the i.MX Fast Ethernet Controller. It was discov…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple security issues were discovered in Firefox. A flaw was discovered in the DRBG number generation in NSS. 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to read u…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the resolver in Bind made incorrect assumptions about ordering when processing responses containing a CNAME or DNAME. It was discovered that in some situations, Bind did not properly handle DNS64 queries. It was di…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for mysql-5.5 to fix the vulnerabilities. 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Refer to Debian secur…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for weechat to fix the vulnerabilities. 漏洞危害 Sucessful exploitation of the vulnerability may allow denial of service attacks. 解决方案 Refer to Debian security advisory DSA 3836-1 to address this issue and…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for python-django to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change par…
漏洞类别:Fedora漏洞等级: 漏洞信息 Fedora has released security update for pcre2 to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fedor…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for icu to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fedora…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for pcre to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fedor…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for libdwarf to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for tomcat to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案 Fedora has issued updated packages…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for ansible to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows arbitrary code execution. 解决方案 Fedora has issued updated packages to fix this vulne…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for java-1.8.0-openjdk to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulner…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows local users to read or write to kernel memory locations in the first megabyte. 解决方案 …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The JBoss Enterprise Application Platform (or JBoss EAP) is a subscription-based/open-source Java EE-based application server runtime platform used for building, deploying, and hosting highly-transactional Java applications and services.…
漏洞类别:CGI 漏洞等级: 漏洞信息 Joomla! is a free and open-source content management system written in PHP. It uses object oriented programming techniques and is built on a model-view-controller web application framework. It includes features such as page caching, RSS fee…
漏洞类别:CGI 漏洞等级: 漏洞信息 JIRA is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions. JIRA 6.4.x reached end of life on March 17th, 2017 and is no longer be supported by Atlassian.…
漏洞类别:CGI 漏洞等级: 漏洞信息 JIRA is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions. The vulnerability exists because of incorrect implementation of a XML parser and deserializer …