漏洞类别：RedHat 漏洞等级：  漏洞信息 Mutt is a low resource, highly configurable, text-based MIME e-mail client. Mutt supports most e-mail storing formats, such as mbox and Maildir, as well as most protocols, including POP3 and IMAP. Security Fixes: mutt: Remote code injec…

漏洞类别：RedHat 漏洞等级：  漏洞信息 memcached is a high-performance, distributed memory object caching system, generic in nature, but intended for use in speeding up dynamic web applications by alleviating database load.Security fix(es): memcached: UDP server support allo…

漏洞类别：RedHat 漏洞等级：  漏洞信息 OpenStack Compute (nova) launches and schedules large networks of virtualmachines, creating a redundant and scalable cloud computing platform. Compute provides the software, control panels, and APIs required toorchestrate a cloud, inclu…

漏洞类别：RedHat 漏洞等级：  漏洞信息 The OpenStack Identity service (keystone) authenticates and authorizes OpenStack users by keeping track of users and their permitted activities. The Identity service supports multiple forms of authentication, including user name and pas…

漏洞类别：RedHat 漏洞等级：  漏洞信息 Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixes: dpdk: Information exposure in unchecked guest physical to host virtual address trans…

漏洞类别：RedHat 漏洞等级：  漏洞信息 Red Hat JBoss Enterprise Application Platform is a platform for Javaapplications based on the JBoss Application Server. This release of Red Hat JBoss Enterprise Application Platform 7.1.4 serves as a replacement for Red Hat JBoss Enterp…

漏洞类别：Ubuntu 漏洞等级：  漏洞信息 It was discovered that OpenJDK did not properly validate types in some situations. It was discovered that the PatternSyntaxException class in OpenJDK did not properly validate arguments passed to it. It was discovered a vulnerability in…

漏洞类别：Ubuntu 漏洞等级：  漏洞信息 It was discovered that APT incorrectly handled the mirror method (mirror://). 漏洞危害 If a remote attacker were able to perform a man-in-the-middle attack, this flaw could potentially be used to install altered packages in environments con…

漏洞类别：Ubuntu 漏洞等级：  漏洞信息 It was discovered that wpa_supplicant and hostapd incorrectly handled certain messages. 漏洞危害 An attacker could possibly use this to access sensitive information. 解决方案 Refer to Ubuntu advisory USN-3745-1 for affected packages and patchin…

漏洞类别：VMware 漏洞等级：  漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. VMware vCenter is affected by the following vulnerability: This issue may allow a malicious VM running on a given CPU core to effectively read the hypervisor or an…

漏洞类别：VMware 漏洞等级：  漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. VMware vCenter is affected by the following vulnerability: This issue may allow a malicious VM running on a given CPU core to effectively read the hypervisor or an…

漏洞类别：Debian 漏洞等级：  漏洞信息 Debian has released security update for intel-microcode to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. 解决方案 Refer to Debian security advisory DSA 4273-1 to addres…

漏洞类别：General remote services 漏洞等级：  漏洞信息 An SSL certificate associates an entity (person, organization, host, etc.) with a public key. In an SSL connection a client authenticates the remote server using the server's certificate and extracts the public key in t…

漏洞类别：General remote services 漏洞等级：  漏洞信息 OCSP (Online Certificate Status Protocol) is a protocol to determine the status of an SSL certificate, specifically whether a certificate has been revoked by the issuing certificate authority. SSL servers can provide th…

漏洞类别：General remote services 漏洞等级：  漏洞信息 SSL Certificate Transparency is an industry effort to improve visibility into the process of how certificate authorities issue certificates. It is designed to allow the owners of domain names to find all certificates th…

漏洞类别：Local 漏洞等级：  漏洞信息 Apache Struts is an open-source Model-View-Controller (MVC) framework for creating elegant, modern Java web applications. The vulnerability exists when using result type with no namespace and in same time, its upper action(s) have no or …

漏洞类别：CGI 漏洞等级：  漏洞信息 Apache Struts is an open-source Model-View-Controller (MVC) framework for creating elegant, modern Java web applications. The vulnerability exists when using result type with no namespace and in same time, its upper action(s) have no or wi…

漏洞类别：SUSE 漏洞等级：  漏洞信息 SUSE has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain complete…

漏洞类别：SUSE 漏洞等级：  漏洞信息 SUSE has released security update for podofo to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 漏洞危害 This vulnerability could be exploited to gain part…

漏洞类别：SUSE 漏洞等级：  漏洞信息 SUSE has released security update for ceph to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 漏洞危害 This vulnerabili…

漏洞类别：SUSE 漏洞等级：  漏洞信息 SUSE has released security update for gtk2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial…

漏洞类别：SUSE 漏洞等级：  漏洞信息 SUSE has released security update for libcgroup to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 漏洞危害 This vulner…

漏洞类别：CGI 漏洞等级：  漏洞信息 A Denial of Service exists in PAN-OS Management Web Interface that allows an authenticated user to shut down all management sessions, resulting in all logged in users to be redirected to the login page. This vulnerability can be triggered …

漏洞类别：CGI 漏洞等级：  漏洞信息 Atlassian FishEye is the on-premise source code repository browser for enterprise teams. It provides your developers with advanced browsing and search for SVN, Git, Mercurial, Perforce and CVS code repositories, from any web browser. Atlas…

漏洞类别：Ubuntu 漏洞等级：  漏洞信息 It was discovered that the MOTD update script incorrectly handled temporary files. 漏洞危害 A local attacker could use this issue to cause a denial of service, or possibly escalate privileges if kernel symlink restrictions were disabled. 解决…