漏洞类别：RedHat 漏洞等级： 漏洞信息 Mozilla Firefox is an open source web browser. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the pr…

漏洞类别：Local 漏洞等级： 漏洞信息 Oracle Tuxedo is an application server for non-Java languages. It provides a bunch of facilities that help customers build and deploy enterprise applications written in C, C++, COBOL, and with the SALT add-on applications written in Pytho…

漏洞类别：Local 漏洞等级： 漏洞信息 VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems. Multiple vulnerabilities were reported in VMware Workstation and Fusion. A local user on the guest system can trigger a heap overf…

漏洞类别：CGI 漏洞等级： 漏洞信息 Webmin is a Web-based interface for system administration of Unix and Linux operating systems. Webmin prior to 1.500 suffers from several critical vulnerabilities Affected Software: Webmin Versions prior to 1.500 QID Detection Logic (Unauth…

漏洞类别：General remote services 漏洞等级： 漏洞信息 The following buffer overflow conditions exist in Intel Active Management Technology (AMT): CVE-2017-5711: Multiple buffer overflows in Active Management Technology (AMT) in Intel Manageability Engine Firmware 8.x/9.x/10…

漏洞类别：Database 漏洞等级： 漏洞信息 Apache CouchDB is a free open source document oriented database written in the Erlang programming language. This Apache CouchDB update fixes the following vulnerabilities: CVE-2017-12635:Remote Code Execution. CVE-2017-12636:Execution …

漏洞类别：Web server 漏洞等级： 漏洞信息 A Remote Code Execution vulnerability has been identified in HP LaserJet Enterprise printers, HP PageWide Enterprise printers, HP LaserJet Managed printers, and HP OfficeJet Enterprise printers. The vulnerability exists due to Insuff…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for mxml to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 漏洞危害 This vulnerability can be used to cause a complete denial of service and could render the …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for graphicsmagick to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive inform…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that OptiPNG incorrectly handled memory. 漏洞危害 A remote attacker could use this issue with a specially crafted image file to cause OptiPNG to crash, resulting in a denial of service, or possibly execute arbitrary code. 解…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that XML::LibXML incorrectly handled memory when processing a replaceChild call. 漏洞危害 A remote attacker could possibly use this issue to execute arbitrary code. 解决方案 Refer to Ubuntu advisory USN-3494-1 for affected pack…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Exim incorrectly handled memory in the ESMTP CHUNKING extension. 漏洞危害 A remote attacker could use this issue to cause Exim to crash, resulting in a denial of service, or possibly execute arbitrary code. The default…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that LibRaw incorrectly handled photo files. 漏洞危害 If a user or automated system were tricked into processing a specially crafted photo file, a remote attacker could cause applications linked against LibRaw to crash, res…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the ldns-keygen tool incorrectly set permissions on private keys. It was discovered that ldns incorrectly handled memory when processing data. 漏洞危害 A local attacker could possibly use this issue to obtain generated…

漏洞类别：General remote services 漏洞等级： 漏洞信息 The following buffer overflow and privilege escalation conditions exist in Intel Management Engine (ME): CVE-2017-5705: Multiple buffer overflows allow attacker with local access to the system to execute arbitrary code. …

漏洞类别：RedHat 漏洞等级： 漏洞信息 Samba is an open-source implementation of the Server Message Block (SMB) protocol. A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requ…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive in…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for samba to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerabili…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for samba to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerabili…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for liblouis to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for gimp to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Desktop 12-SP3 SUSE…

漏洞类别：Local 漏洞等级： 漏洞信息 A vulnerability in macOS High Sierra operating system that allows an attacker with physical access to gain system administrator access without entering a password. The security bug can be triggered via the authentication dialog box in mac…

漏洞类别：Local 漏洞等级： 漏洞信息 Apple macOS High Sierra 10.13.1, Security Update 2017-001 Sierra, and Security Update 2017-004 El Capitan Not Installed. An update is available to resolve multiple security vulnerabilities. Additional information regarding the update can …

漏洞类别：RedHat 漏洞等级： 漏洞信息 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. A buffer overrun flaw was found in the IMAP handler of libcurl. By tricking an …

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the upgrade mechanism of Cisco Unified Communications Manager based on the Cisco Voice Operating System software platform could allow an unauthenticated, remote attacker to gain unauthorized, elevated access to an affec…