漏洞类别：General remote services 漏洞等级： 漏洞信息 Nagios Core is a free and open source computer-software application that monitors systems, networks and infrastructure. The vulnerability is caused by the implementation of a vulnerable component for handling RSS news fe…

漏洞类别：Local 漏洞等级： 漏洞信息 Cross-platform plugin plays animations, videos and sound files in .SWF format. These vulnerabilities that could potentially allow an attacker to take control of the affected system. (CVE-2017-2925, CVE-2017-2926, CVE-2017-2927, CVE-2017-2…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe Reader and Acrobat are applications for handling PDF files. They are prone to multiple vulnerabilities that could potentially allow an attacker to take control of an affected system. Affected Software: Acrobat DC Continuous 15.020.2…

漏洞类别：Office Application 漏洞等级： 漏洞信息 A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. The security update addresses the vulnerability by correcting how affected version…

漏洞类别：Windows 漏洞等级： 漏洞信息 Microsoft Edge fails to enforce cross-domain policies with regards to about:blank, this could allow information from one domain to be injected in to another leading to elevation of privilege. Microsoft has assigned this advisory as Impo…

漏洞类别：Windows 漏洞等级： 漏洞信息 The Local Security Authority Subsystem Service (LSASS) is a process in windows which is helps in enforcing security policies on a system. The updates fixes a fixes a denial of service attack by changing the way LSASS handles specially c…

漏洞类别：Internet Explorer 漏洞等级： 漏洞信息 The update addresses the vulnerabilities which are described in Adobe Security Bulletin APSB17-02, by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge.…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for gstreamer-plugins-good to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability could be exploited to gain partial…

漏洞类别：CGI 漏洞等级： 漏洞信息 Joomla! is a free open-source content management system written in PHP. It uses object oriented programming techniques and is built on a model-view-controller web application framework. It includes features such as page caching, RSS feeds, …

漏洞类别：CGI 漏洞等级： 漏洞信息 DNN (formerly DotNetNuke) is a web content management system based on Microsoft .NET. DotNetNuke fails to impose sufficient security restrictions on the installation wizard as a result of which, an unauthenticated attacker can create a new …

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for ghostscript to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerabilities can cause remote code execution and information disclosur…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for ghostscript to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation of the vulnerabilities can cause remote code execution and information disclosur…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for zlib to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerabilit…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for zlib to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerabilit…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A flaw was found in the way the Linux kernel's networking subsystem handled offloaded packets with multiple layers of encapsulation in the GRO (Generic…

漏洞类别：RedHat 等级： 漏洞信息 The systemd packages contain systemd, a system and service manager for Linux, compatible with the SysV and LSB init scripts. A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to m…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for gd to fix the vulnerability. Affected OS: Fedora 25 Fedora 24 漏洞危害 Sucessful exploitation can lead to denial of service. 解决方案 Fedora has issued updated packages to fix this vulnerability. Updates c…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for gstreamer-plugins-good to fix the vulnerability. Affected OS: Fedora 25 Fedora 24 漏洞危害 A remote attacker could use these flaws to cause an application using GStreamer to crash or, potentially, exec…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for pcsc-lite to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities will allow denial of service or potentially privilege escalation. 解决方案 Refer to Debian security advisory DS…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that the sudo noexec restriction could have been bypassed if application run via sudo executed system() or popen() C library functions with a user supplied argument. A local user permitted to run such application …

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 The following security-related issues were resolved: CVE-2016-7426 : Client rate limiting and server responses CVE-2016-7429 : Attack on interface selection CVE-2016-7433 : Broken initial sync calculations regression CVE-2016-9310 …

漏洞类别：Amazon Linux .漏洞等级： 漏洞信息 A flaw was found in the Linux kernel key management subsystem in which a local attacker could crash the kernel or corrupt the stack and additional memory (denial of service) by supplying a specially crafted RSA key. This flaw pani…

漏洞类别：Local 漏洞等级： 漏洞信息 Plone is an open source Content Management System available for multiple platforms. A design vulnerability has been identified in Plone. Further details are not available at the time of this writing. Affected Versions: All supported Plone…

漏洞类别：Local .漏洞等级： 漏洞信息 Puppet is IT automation software that helps system administrators manage infrastructure throughout its lifecycle, from provisioning and configuration to orchestration and reporting. When making REST api calls, the puppet master takes YAM…

漏洞类别：CGI 漏洞等级： 漏洞信息 Resin is a Java Application Server for high traffic sites that require speed and scalability. Resin Application Server is exposed to following vulnerabilities: 1) Resin Application Server is prone to a source code disclosure vulnerability. …