漏洞类别:CGI 漏洞等级: 漏洞信息 JIRA is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions. The vulnerability exists because of incorrect implementation of a XML parser and deserializer …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for nss to fix the vulnerabilities. Affected Products: Oracle Linux 5 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the lat…
漏洞类别:Information gathering 漏洞等级: 漏洞信息 A redirect from a HTTPS connection to HTTP was detected. Communications sent over HTTP are not encrypted and its is recommended to use HTTPS instead as it is more secure. 漏洞危害 解决方案 0day
漏洞类别:Information gathering 漏洞等级: 漏洞信息 Cisco Identity Services Engine (ISE) is a network administration product that enables the creation and enforcement of security and access policies for endpoint devices connected to the company's routers and switches. The r…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for collectd to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for collectd to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for tigervnc to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for dovecot to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows denial of service attacks. 解决方案 Fedora has issued updated packages to fix…
漏洞类别:Hardware 漏洞等级: 漏洞信息 A privilege escalation vulnerability resides in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology, which may allow an unprivileged attacker to gain control of the manageab…
漏洞类别:Windows 漏洞等级: 漏洞信息 ERRATICGOPHER is an exploit from the recent Shadow Brokers leak. This zero day exploit is remotely exploitable on systems running SMBv1. This information comes from the Shadow Brokers' "Equation Group" data dump. This Zero Day is active…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for ghostscript to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for mysql to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can be used to cause a limited den…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for minicom to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users co…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for kvm to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in reso…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Ghostscript improperly handled parameters to the rsdparams and eqproc commands. A use-after-free vulnerability in the color management module of Ghostscript. A divide-by-zero error in the scan conversion code in Gh…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 An integer overflow in the xsltAddTextString() function in Libxslt. It was discovered that Libxslt mishandled namespace nodes. A use-after-error existed in the xsltDocumentFunctionLoadDocument() function in Libxslt. A type confusion erro…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. It was discovered that NSS incorrectly handled Base64 decoding. This update refreshes the NSS package to version 3.28.4 which includes the latest …
CVE
CVE-2017-3302 Ubuntu Security Notification for Mysql-5.5, Mysql-5.7 Vulnerabilities (USN-3269-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.55 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04 have been u…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for dpkg to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability could be exploited to gain partial access to sensiti…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for zziplib to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 S…
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the Session Initiation Protocol (SIP) UDP throttling process of Cisco Unified Communications Manager (Cisco Unified CM) could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an …
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco IOS XE Software could allow an authenticated, remote attacker to cause a denial of service condition. The vulnerability is due to a race condition that co…
漏洞类别:Cisco 漏洞等级: 漏洞信息 Multiple vulnerabilities in the EnergyWise module of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause a buffer overflow condition or a reload of an affected device, leading to a denial of servic…
漏洞类别:Local 漏洞等级: 漏洞信息 A heap overflow vulnerability has been identified in Citrix NetScaler Gateway that could allow a remote, authenticated user to execute arbitrary commands on the NetScaler Gateway appliance as a root user. The vulnerability affects the fol…
漏洞类别:Local 漏洞等级: 漏洞信息 VirtualBox is a general-purpose full virtualizer for x86 hardware, targeted at server, desktop and embedded use. Multiple vulnerabilities were reported in Oracle VM VirtualBox. A local user can cause denial of service conditions on the ta…