漏洞类别：RedHat 漏洞等级： 漏洞信息 Redis is an advanced key-value store. A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin liste…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subs…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Irssi incorrectly handled messages with invalid time stamps. It was discovered that Irssi incorrectly handled the internal nick list. It was discovered that Irssi incorrectly removed destroyed channels from the que…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Wget incorrectly handled certain HTTP responses. It was discovered that Wget incorrectly handled recursive or mirroring mode. It was discovered that Wget incorrectly handled CRLF sequences in HTTP headers. 漏洞危害 A r…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Werkzeug did not properly handle certain web scripts. 漏洞危害 A remote attacker could use this to inject arbitrary code via a field that contains an exception message. 解决方案 Refer to Ubuntu advisory USN-3463-1 for affe…

漏洞类别：Cisco 漏洞等级： 漏洞信息 The DHCP relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also c…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for mozillafirefox, mozilla-nss to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exp…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for wireshark to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for botan to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 漏洞危害 This vulnerability could be exploit…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for tcpdump to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP3 SUSE Linux Enterprise Desktop 12-SP2 …

漏洞类别：Local 漏洞等级： 漏洞信息 RubyGems is a package management framework for Ruby. RubyGems is prone to remote code-execution vulnerability since YAML deserialization of gem specifications can bypass class white lists. An attacker can exploit this issue to execute arb…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 Adobe Reader/Acrobat XI is installed on the host .Adobe ended support for Adobe Acrobat XI on October 15, 2017 and provides no further updates. QID Detection Logic (authenticated): Operating System: MacOS This authenticated QID …

漏洞类别：Cisco 漏洞等级： 漏洞信息 Multiple Cisco products are affected by a vulnerability involving the Open Shortest Path First (OSPF) Routing Protocol Link State Advertisement (LSA) database. This vulnerability could allow an unauthenticated, remote attacker to take ful…

漏洞类别：Local 漏洞等级： 漏洞信息 The Cisco WebEx Network Recording Player is an application that is used to play back WebEx meeting recordings that have been recorded on the computer of an online meeting attendee. Affected Versions: Cisco WebEx Business Suite (WBS29) cli…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Chromium is an open-source web browser, powered by WebKit (Blink). A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose se…

漏洞类别：Local 漏洞等级： 漏洞信息 HPE Operations Orchestration is a leading IT process automation solution designed to increase automation adoption in a traditional data center. A potential security vulnerability has been identified in HPE Operations Orchestration product…

漏洞类别：Local 漏洞等级： 漏洞信息 On VIPRION platforms only, the script which synchronizes SafeNet External Network HSM configuration elements between blades in a clustered deployment will log the HSM partition password in cleartext to the "/var/log/ltm" log file. Affecte…

漏洞类别：CGI 漏洞等级： 漏洞信息 Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions. Atlassian JIRA Server is prone to a cross-site request-forgery vulnerability in auditing/setti…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 Jenkins is an open source automation server written in Java. Support for Jenkins 1.x ended on 2016-07-07. No further bug fixes, enhancements, security updates or technical support is available for this version. QID Detection Log…

漏洞类别：Local 漏洞等级： 漏洞信息 Safari is a Web-browser developed by Apple which is based on the WebKit engine. Visiting a malicious website may lead to address bar spoofing [CVE-2017-13790, CVE-2017-13789]. Processing maliciously crafted web content may lead to arbitra…

漏洞类别：Database 漏洞等级： 漏洞信息 MongoDB is an open source database project, which is available for a number of operating systems, including Microsoft Windows and Linux. We have obtained a list of MongoDB users along with their passwords and/or password hashes. This i…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 MongoDB authentication was enabled but it was not performed for this particular host because the host's IP address is not included in any MongoDB authentication records. 漏洞危害 Vulnerabilities that require MongoDB authentication m…