漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for php-horde-horde to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerabi…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for php-horde-turba to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerabi…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for gsoap to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability …
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for varnish to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Up…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for potrace to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fe…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for sqlite to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Upd…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for curl to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Updat…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for firefox to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Up…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for libsoup to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Up…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for git to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Update…
漏洞类别:Hardware 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. The Juniper Enhanced jdhcpd daemon may experience high CPU utilization, or crash and restart upon receipt of an invalid IPv6 UDP packet. Both high…
漏洞类别:Hardware 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. When the device is configured to perform account lockout with a defined period of time, any unauthenticated user attempting to log in as root with…
漏洞类别:Hardware 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. A denial of service vulnerability in rpd daemon of Juniper Networks Junos OS allows a malformed MPLS ping packet to crash the rpd daemon. Repeated…
CVE
CVE-2017-2314 Juniper JUNOS BGP OPEN Message RPD Crash Denial of Service Vulnerability (JSA10779)
漏洞类别:General remote services 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. Receipt of a malformed BGP OPEN message may cause the routing protocol daemon (rpd) process to crash and restart. By continuously s…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 A vulnerability was discovered in GD Graphics Library (aka libgd), as used in PHP that does not zero colorMap arrays before use. 漏洞危害 A specially crafted GIF image could use the uninitialized tables to read bytes from the top of the stac…
CVE
CVE-2017-7533 Ubuntu Security Notification for Linux, Linux-aws, Linux-gke, Linux-raspi2, Linux-snapdragon Regression (USN-3392-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 USN-3378-1 fixed vulnerabilities in the Linux kernel. Unfortunately, a regression was introduced that prevented conntrack from working correctly in some situations. This update fixes the problem. A race condition between inotify events a…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple security issues were discovered in Firefox. 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting (XSS) attacks, bypass sandbox restric…
CVE
CVE-2017-7546 Ubuntu Security Notification for Postgresql-9.3, Postgresql-9.5, Postgresql-9.6 Vulnerabilities (USN-3390-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that PostgreSQL allowed the use of empty passwords in some authentication methods, contrary to expected behaviour. It was discovered that PostgreSQL incorrectly handled the pg_user_mappings catalog view. It was discover…
CVE
CVE-2017-10053 SUSE Enterprise Linux Security Update for java-1_8_0-openjdk (SUSE-SU-2017:2175-1)
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for java-1_8_0-openjdk to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP3 SUSE Linux Enterprise Desk…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for jackson-databind to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerab…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 spikekill.php in Cacti before 1.1.16 might allow remote attackers to execute arbitrary code via the avgnan, outlier-start, or outlier-end parameter. (CVE-2017-12065 ) Cross-site scripting (XSS) vulnerability in aggregate_graphs.php…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Security constrained bypass in error page mechanism: While investigating bug 60718, it was noticed that some calls to application listeners in Apache Tomcat 9.0.0.M1 to 9.0.0.M17, 8.5.0 to 8.5.11, 8.0.0.RC1 to 8.0.41, and 7.0.0 to …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Vulnerabilities in the Graphite 2 library (MFSA 2017-16) A heap-based buffer overflow flaw related to "lz4::decompress" has been reported in graphite2. An attacker could exploit this issue to cause a crash or, possibly, execute arb…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Out-of-bounds heap write in bitset_set_range() An issue was discovered in Oniguruma 6.2.0, as used in Oniguruma-mod in Ruby through 2.4.1 and mbstring in PHP through 7.1.5. A heap out-of-bounds write occurs in bitset_set_range() du…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Buffer overflow in mp_override_legacy_irq(): Buffer overflow in the mp_override_legacy_irq() function in arch/x86/kernel/acpi/boot.c in the Linux kernel through 4.12.2 allows local users to gain privileges via a crafted ACPI table.…