漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for unbreakable enterprise kernel to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation may allow remote attackers to cause a denial of…
漏洞类别:Local 漏洞等级: 漏洞信息 Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android. Multiple vulnerabilities were reported in Mozilla Firefox. A remote user can create specially crafted content that, w…
漏洞类别:Local 漏洞等级: 漏洞信息 Apple macOS Security Update 10.12.2 is not installed. Apple macOS Sierra Security Update 10.12.2 is available to resolve multiple security vulnerabilities. Additional information regarding the update can be found at APPLE-SA-2016-12-13-1.…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that APT incorrectly handled InRelease files. 漏洞危害 If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages. 解决方案 Refer to Ubuntu advisory USN…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple security vulnerabilities were discovered in Firefox. 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could potentially exploit these to conduct cross-site scripting (XSS) attacks, obtain sensit…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity verification. It was discovered that the JMX component of OpenJDK did not sufficiently perform classloader consistency checks. It was discovered…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple vulnerabilities were discovered in Chromium. Multiple vulnerabilities were discovered in V8. An integer overflow was discovered in ANGLE. 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could p…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for firefox-esr to fix the vulnerabilities. 漏洞危害 Successful exploitation may lead to Multiple memory safety errors, buffer overflows and other implementation errors may lead to the execution of arbitra…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for php5 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities may cause Integer and Buffer overflows 解决方案 Refer to Debian security advisory DSA 3732-1 to address this issue a…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for chromium-browser to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities among other issues may cause: 1. Cross-site scripting 2. Heap Overflows 3. URL spoofing 4. Informati…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for icedove to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities may allow an attacker to cause Multiple memory safety errors, same-origin policy bypass issues, integer overf…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for linux to fix the vulnerabilities. 漏洞危害 Successful exploitation may lead to a denial of service, information leak or privilege escalation. 解决方案 Refer to Debian security advisory DSA 2745-1 to addres…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for openssl to fix the vulnerabilities. 漏洞危害 Successful exploitation may allow an attacker to cause a Denial of Service and a buffer overflow. 解决方案 Refer to Debian security advisory DSA 2998-1 to addre…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for openssl to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities may allow an attacker to inject data from one connection into another or cause denial of service. 解决方案 Refer …
漏洞类别:AIX 漏洞等级: 漏洞信息 AIX is prone to the following vulnerabilities: OpenSSL is vulnerable to a denial of service, caused by the incorrect use of pointer arithmetic for heap-buffer boundary checks.(CVE-2016-2177) OpenSSL could allow a remote attacker to obtain s…
漏洞类别:Windows 漏洞等级: 漏洞信息 Microsoft has released a cumulative security update for Windows. The security update is rated Important for all affected Operating Systems. Microsoft has addressed the vulnerabilities by fixing: 1) How a Windows Crypto Driver handles ob…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 CVE-2016-8645 kernel: a BUG() statement can be hit in net/ipv4/tcp_input.c It was discovered that the Linux kernel since 3.6-rc1 with net.ipv4.tcp_fastopen; set to 1 can hit BUG() statement in tcp_collapse() function after making a…
CVE
CVE-2016-7867 Microsoft Windows Update for Vulnerabilities in Adobe Flash Player in Internet Explorer (MS16-154)
漏洞类别:Internet Explorer 漏洞等级: 漏洞信息 The update addresses the vulnerabilities which are described in Adobe Security Bulletin APSB16-39, by updating the affected Adobe Flash libraries contained within Internet Explorer 10, Internet Explorer 11, and Microsoft Edge.…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux, which address a critical vulnerability that could potentially allow an attacker to take control of the affected system. Affected Versions: Adobe Fla…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Digital Editions is an ebook reader software program from Adobe Systems built using Adobe Flash with support for acquiring, managing and reading eBooks, digital newspapers, and other digital publications. The software supports PDF, …
漏洞类别:CGI 漏洞等级: 漏洞信息 Oracle GlassFish Server Open Source Edition is an open source application server. Oracle GlassFish Server Open Source Edition is exposed to following vulnerablities: 1) An unauthenticated local file inclusion vulnerability that can be used …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for tomcat to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users cou…
CVE
CVE-2016-5285 SUSE Enterprise Linux Security Update for MozillaFirefox, mozilla-nss (SUSE-SU-2016:3080-1)
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for mozillafirefox, mozilla-nss to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exp…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for tomcat to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP1 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users cou…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for java-1_8_0-ibm to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12…