漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for libtasn1-6 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerability may allow an attacker to cause a denial-of-service or potentially execute arbitrary code. 解决方案 Refer to Debi…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the packet_set_ring() function of the Linux kernel's networking implementation did not properly validate certain block-size data. A l…

漏洞类别：AIX 漏洞等级： 漏洞信息 AIX is prone to the following vulnerabilities: tcpdump is vulnerable to multiple buffer overflow vulnerabilities caused by improper bounds checking by the parser. Affected Platforms: AIX 5.3, 6.1, 7.1, 7.2 Note:The detection requires root p…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for libtirpc to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation of the vulnerability may cause denial of service attacks. 解决方案 To resolve this issu…

漏洞类别：Local 漏洞等级： 漏洞信息 The defusedxml package contains several Python-only updates for security vulnerabilities in Python's XML libraries. Defusedxml functions and classes can be used instead of the originals to protect against entity-expansion and DTD-retrieva…

漏洞类别：General remote services 漏洞等级： 漏洞信息 The target is determined to be a pfSense device, which uses protocols such as SSH for configuration management. These services can be accessed and are an invitation for malicious users to break in. If this is found exter…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Sudo did not properly parse the contents of /proc/[pid]/stat when attempting to determine its controlling tty. 漏洞危害 A local attacker in some configurations could possibly use this to overwrite any file on the files…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 A large number of security issues were discovered in the WebKitGTK+ Web and JavaScript engines. 漏洞危害 If a user were tricked into viewing a malicious website, a remote attacker could exploit a variety of issues related to web browser secu…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that ImageMagick incorrectly handled certain malformed image files. 漏洞危害 If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a den…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the strongSwan gmp plugin incorrectly validated RSA public keys. It was discovered that strongSwan incorrectly parsed ASN.1 CHOICE types. 漏洞危害 A remote attacker could use this issue to cause strongSwan to crash, re…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that juju did not set permissions on a Unix domain socket. 漏洞危害 A local attacker could use this flaw to gain administrative privileges. 解决方案 Refer to Ubuntu advisory USN-3300-1 for affected packages and patching details…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 Some security information preloaded in Firefox was due to expire before the next scheduled release. 漏洞危害 This update bumps the expiration times. 解决方案 Refer to Ubuntu advisory USN-3299-1 for affected packages and patching details, or upda…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for libxml2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerabi…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for sudo to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerabilit…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for java-1_8_0-openjdk to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability could be exploited to gain partial acc…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for wireshark to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for git to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Mali…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that juju did not set permissions on a Unix domain socket. 漏洞危害 A local attacker could use this flaw to gain administrative privileges. 解决方案 Refer to Ubuntu advisory USN-3300-1 for affected packages and patching details…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 Some security information preloaded in Firefox was due to expire before the next scheduled release. 漏洞危害 This update bumps the expiration times. 解决方案 Refer to Ubuntu advisory USN-3299-1 for affected packages and patching details, or upda…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The sudo packages contain the sudo utility which allows system administrators to provide certain users with the permission to execute privileged commands, which are used for system management purposes, without having to log in as root. A…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for libxml2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerabi…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for sudo to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerabilit…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for java-1_8_0-openjdk to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability could be exploited to gain partial acc…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for wireshark to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 …