漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Flash Player is a Cross-platform plugin plays animations, videos and sound files in .SWF format. These vulnerabilities that could potentially allow an attacker to take control of the affected system. (CVE-2017-11281,CVE-2017-11282) …
漏洞类别:Office Application 漏洞等级: 漏洞信息 Microsoft released security updates that resolve vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. The following updates were released in September 201…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The bluez packages contain the following utilities for use in Bluetooth applications: hcitool, hciattach, hciconfig, bluetoothd, l2ping, start scripts (Red Hat), and pcmcia configuration files. An information-disclosure flaw was found in…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a cl…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a cl…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a cl…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A stack buffer overflow flaw was found in the way the Bluetooth subsystem of the Linux kernel processed pending L2CAP configuration responses from a cl…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Chromium is an open-source web browser, powered by WebKit (Blink). Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or di…
漏洞类别:Local 漏洞等级: 漏洞信息 IBM Domino (formerly IBM Lotus Domino) is an advanced platform for hosting social business applications. IBM Domino is affected with multiple cross-site scripting vulnerabilities which can be exploited by a remote attacker. Affected Versi…
漏洞类别:Local 漏洞等级: 漏洞信息 HPE Network Automation software automates network configuration and change management (NCCM) from provisioning to policy-based change and security. HPE Network Automation is affected by a Java object deserialization vulnerability in Apach…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for qemu to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 漏洞危害 This vulnerability can also be used to cause a limited denial of servic…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for evince to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUS…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to g…
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update 2a, which corrects the following security issue: vCenter Server contains an XML External Entity (XXE) vulnerability in the Log Browser,…
漏洞类别:Hardware 漏洞等级: 漏洞信息 D-Link Router DIR-600 discloses admin credentials via LFI leading to authentication bypass. Affected Routers: D-Link Router DIR-600 firmware version 2.01B1. Older versions may also be affected. Detection Logic (Unauthenticated): This Q…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that an information disclosure vulnerability existed in the Service Discovery Protocol (SDP) implementation in BlueZ. 漏洞危害 A physically proximate unauthenticated attacker could use this to disclose sensitive information…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that file incorrectly handled certain ELF files. 漏洞危害 An attacker could use this to cause file to crash, resulting in a denial of service. 解决方案 Refer to Ubuntu advisory USN-3412-1 for affected packages and patching deta…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It discovered that Bazaar did not properly handle host names in 'bzr+ssh://' URLs. 漏洞危害 A remote attacker could use this to construct a bazaar repository URL that when accessed could run arbitrary code with the privileges of the user. 解决…
漏洞类别:Information gathering 漏洞等级: 漏洞信息 This system currently uses NTLMv2 Authentication. 漏洞危害 解决方案 0daybank
漏洞类别:RedHat 漏洞等级: 漏洞信息 Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. An unsigned integer wrap around that led to a buffer over-read was found when parsing OFPT_QUEUE_GET_…
漏洞类别:RedHat 漏洞等级: 漏洞信息 instack-undercloud provides a collection of scripts and elements that can be used to install an OpenStack undercloud (using python-instack). A flaw was found in instack-undercloud where pre-install and security policy scripts used insecu…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案 Fedora has issued updated packages to fix th…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for glibc to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Upda…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for cacti to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Malicious users could use this vulnerability to change partial contents or configuration on the system. 解决方案 Fedora has issued updated pa…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for dnsdist to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerabilit…