漏洞类别：CGI 漏洞等级： 漏洞信息 MediaWiki is free and open source wiki software developed by the Wikimedia. It's used to power wiki web sites such as Wikipedia, Wiktionary and Commons. These releases fix the following five security issues in core and one for the extension…

漏洞类别：CGI 漏洞等级： 漏洞信息 TYPO3 is a free and open source web content management system written in PHP. The News System is a versatile news extension, based on extbase and fluid. The vulnerability exists in the News System extension, when the overrideDemand is set t…

漏洞类别：CGI 漏洞等级： 漏洞信息 PayPal PHP Merchant SDK can be used for integrating with the Express Checkout, Mass Pay, Web Payments Pro APIs. The vulnerability exists in the implemented merchant-sdk-php\samples\AccountAuthentication\GetAuthDetails.html.php source file t…

漏洞类别： Web server漏洞等级： 漏洞信息 Sophos Secure Web Appliance (SWA) works seamlessly with Sophos Secured Windows Endpoints to provide complete web protection for offsite users. The Sophos SWA is prone to Session Fixation and multiple Remote Command Injection vulnerab…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe Photoshop is an application that allows users to view and edit various graphic formats. Adobe has released an update for Photoshop CC which fixes the following issues: - This update resolves a critical memory corruption vulnerabilit…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for coreutils to fix the vulnerabilities. Affected Products: centos 6 漏洞危害 Successful exploitation allows an attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest package…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction wi…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin liste…

漏洞类别：RedHat 漏洞等级： 漏洞信息 389 Directory Server is an LDAP version 3 (LDAPv3) compliant server. An invalid pointer dereference flaw was found in the way 389-ds-base handled LDAP bind requests. A remote unauthenticated attacker could use this flaw to make ns-slapd …

漏洞类别：RedHat 漏洞等级： 漏洞信息 LibreOffice is an open source, community-developed office productivity suite. It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose det…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The util-linux packages contain a large variety of low-level system utilities that are necessary for a Linux system to function. A race condition was found in the way su handled the management of child processes. A local authenticated at…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was discovered that the mod_session_crypto module of httpd did not use any mechanisms to verify integrity of the encrypted session da…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition flaw was found in the N_HLDC Linux kernel driver when accessing n_hdlc.tbuf list that can lead to double free. A local, unprivileged u…

漏洞类别：Windows 漏洞等级： 漏洞信息 Microsoft has released Cumulative Security Updates for Windows which addresses the following vulnerabilities:- An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. (CVE-2017-0167) …

漏洞类别：Windows 漏洞等级： 漏洞信息 A remote code execution vulnerability exists when the .NET Framework fails to properly validate input before loading libraries (CVE-2017-0160). KB 4014981, 4014983, 4015219, 4014982, 4015217, 4015221, 4015583 and 4014984 are covered in …

漏洞类别：Windows 漏洞等级： 漏洞信息 Microsoft Silverlight is a Web browser plug-in for Windows and Mac OS X that delivers high quality video/audio, animation, and richer Website experiences in popular Web browsers. This security update to Silverlight includes fixes outlin…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 Microsoft Exchange Server 2007 has been detected on the host Microsoft ended support for Microsoft Exchange Server 2007 on April 11, 2017 and provides no further support. 漏洞危害 The system is at high risk of being exposed to secur…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 The host is running Windows Vista Service Pack 2 . Microsoft ended support for Windows Vista Service Pack 2 on April 11, 2017 and provides no further support. 漏洞危害 The system is at high risk of being exposed to security vulnerab…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe Creative Cloud Desktop Application is your central location for managing the dozens of apps and services that are included in your Creative Cloud membership. You can also sync and share files, manage thousands of fonts, access libra…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe Flash Player is a Cross-platform plugin plays animations, videos and sound files in .SWF format. These vulnerabilities that could potentially allow an attacker to take control of the affected system. ( CVE-2017-3058, CVE-2017-3059, …

漏洞类别：Local 漏洞等级： 漏洞信息 Interactive Graphical SCADA (IGSS) is full featured automation software - a SCADA system for process control and supervision. The vulnerability identified is related to two sets of Windows files that can be hijacked.Certain OCX and DLL fi…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for jasper to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial co…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for gstreamer to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnera…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for gstreamer-plugins-bad to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for jasper to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUS…