漏洞类别：VMware 漏洞等级： 漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update U3f, which corrects the following security issue: The Flash-based vSphere Web Client (i.e. not the new HTML5-based vSphere Client) cont…

漏洞类别：VMware 漏洞等级： 漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update U3c, which corrects the following security issue: VMware vCenter Server doesn't correctly handle specially crafted LDAP network packets…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for openjdk-8 to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for git-annex to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for openjfx to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial c…

漏洞类别：RedHat 漏洞等级： 漏洞信息 PHP is an HTML-embedded scripting language commonly used with the Apache HTTP Server. A null pointer dereference flaw was found in libgd. An attacker could use a specially-crafted .gd2 file to cause an application linked with libgd to cr…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings fo…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated throug…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). It was found that while parsing the SAML messages the StaxParserUtil class…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings fo…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain hea…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 26 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. For…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain hea…

漏洞类别：Local 漏洞等级： 漏洞信息 Arcserve Backup for Windows 16.5 and earlier versions is detected on host. 漏洞危害 The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is highly prone to vul…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe InDesign is a desktop publishing software application. This update addresses a critical memory corruption vulnerability due to improper handling of a malformed .inx file. Affected Versions: Adobe InDesign 12.1.0 and earlier versions…

漏洞类别：Local 漏洞等级： 漏洞信息 Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android. Multiple vulnerabilities were reported in Mozilla Firefox.Cross-origin URL information leak through Resource Timing A…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe Photoshop is an application that allows users to view and edit various graphic formats. Adobe has released an update for Photoshop CC which fixes the following issues: - This update resolves a critical memory corruption vulnerabilit…

漏洞类别：Local 漏洞等级： 漏洞信息 The Adobe DNG Converter enables you to easily convert camera-specific raw files from supported cameras to a more universal DNG raw file. Adobe DNG Converter is vulnerable to memory corruption vulnerability that could be used by an attacke…

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. The Duplicator plugin gives WordPress users an ability to migrate, …

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. User Login History easily tracks user login with the multiple attri…

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. Ultimate Form Builder Lite is a WordPress Plugin which allows you t…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that PostgreSQL incorrectly handled memory when processing certain JSON functions. It was discovered that PostgreSQL incorrectly enforced SELECT privileges when processing INSERT ... ON CONFLICT DO UPDATE commands. 漏洞危害…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Perl incorrectly handled certain regular expressions. 漏洞危害 An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-12837, CVE-2017-12…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. It was discovered that the postgresql-common helper scripts incorrectly handled symlinks. 漏洞危害 A local attacker could possibly use this issue…

漏洞类别：VMware 漏洞等级： 漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update U3a, which corrects the following security issue: VMware products running JRE 1.7 Update 75 or newer and JRE 1.6 Update 91 or newer are…