漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Apache Portable Runtime Utility (APR-util) fails to validate the integrity of SDBM database files used by apr_sdbm*() functions, resulting in a possible out of bound read access. A local user with write access to the database can m…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 An out-of-bounds array dereference was found in apr_time_exp_get(). An attacker could abuse an unvalidated usage of this function to cause a denial of service or potentially lead to data leak.(CVE-2017-12613 ) QID Detection Logic: …
漏洞类别:Web Application 漏洞等级: 漏洞信息 An XML External Entity (XXE) file inclusion error was detected. The web application is parsing user-controlled XML data without sanitization and an error was returned when unable to access the resource referred to by the injecte…
漏洞类别:Web Application Firewall 漏洞等级: 漏洞信息 When a XML/JSON message is invalid or malformed it could conduct to errors in parsing allowing an attacker to find a vulnerable entry point in the web service. 漏洞危害 When a malformed or invalid XML/JSON message is parsed…
漏洞类别:Local 漏洞等级: 漏洞信息 Symantec Endpoint Encryption (SEE), powered by PGP technology provides organizations with strong full-disk and removable media encryption and the ability to integrate with Symantec Data Loss Prevention. A denial of service (DoS) attack is…
漏洞类别:Local 漏洞等级: 漏洞信息 The HP Touchpoint Analytics client harvests telemetry information that is used by HP Touchpoint's analytical services. Reports suggest that this service is being pushed on user systems without permissions from the end user. 漏洞危害 N/A 解决方案 …
漏洞类别:Local 漏洞等级: 漏洞信息 In BIG-IP ASM, in some cases the Traffic Management Microkernel (TMM) may crash when processing fragmented packets. This vulnerability affects TMM through a virtual server configured with a FastL4 profile. Traffic processing is disrupted …
漏洞类别:RedHat 漏洞等级: 漏洞信息 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. Quick Emulator (QEMU), compiled with the PC System Emulator with multiboot feature support, is vulnerable to an OOB r/w memory …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that the timer functionality in the Linux kernel ALSA subsystem is prone to a race condition between read and ioctl system call handlers, …
漏洞类别:CGI 漏洞等级: 漏洞信息 Tripwire delivers a robust file integrity monitoring (FIM) solution, able to monitor detailed system integrity: files, directories, registries, configuration parameters, DLLs, ports, services, protocols, etc. The Tripwire Enterprise Console…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for procmail to fix the vulnerabilities. Affected Products: centos 7 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vul…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for apr to fix the vulnerabilities. Affected Products: centos 6 centos 7 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Additionally this vulnerability can …
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for samba security update to fix the vulnerabilities. Affected Products: centos 7 漏洞危害 Successful exploitation allows attacker to execute arbitrary code. 解决方案 To resolve this issue, upgrade to the late…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for curl to fix the vulnerabilities. Affected Products: centos 7 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Additionally this vulnerability can also be …
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for firefox to fix the vulnerabilities. Affected Products: centos 6 centos 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest pac…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for kernel to fix the vulnerabilities. Affected Products: centos 6 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulne…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for php security update to fix the vulnerabilities. Affected Products: centos 7 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also us…
漏洞类别:HP-UX 漏洞等级: 漏洞信息 Potential security vulnerabilities have been identified in the HP-UX BIND service running named. Affected Versions:- HP-UX DNS and BIND Software B.11.31 - BIND 9.9.4 prior to C.9.9.4.11.0 And BIND 9.11.1 prior to C.9.11.1.2.0 漏洞危害 These v…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitr…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for ncurses to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can also be used to cause a limi…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for lynx to fix the vulnerabilities. Affected Product: SUSE Linux Enterprise Software Development Kit 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for curl to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can also be used to cause a limited…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for binutils to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 S…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for openssl to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 SU…