漏洞类别：CGI 漏洞等级： 漏洞信息 Drupal is a free and open-source content management framework written in PHP and distributed under the GNU General Public License. It is also used for knowledge management and business collaboration. Drupal contains the following security v…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for kernel to fix the vulnerabilities. Affected Product: Oracle Linux 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the l…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for newsbeuter to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerability will allow a remote attacker to run an arbitrary shell command on the client machine. 解决方案 Refer to Debian s…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for libmspack to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for mariadb-10.0 to fix the vulnerabilities. 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Refer to Debian se…

漏洞类别：Local 漏洞等级： 漏洞信息 A potential security vulnerability was identified in HPE Network Node Manager i (NNMi) Software. The vulnerability can result in local code execution Affected Software: HPE Network Node Manager i (NNMi) Software 10.00, 10.01, 10.10, 10.20…

漏洞类别：RedHat 漏洞等级： 漏洞信息 OpenStack Networking (neutron) is a pluggable, scalable, and API-driven system that provisions networking services to virtual machines. A race-condition flaw was discovered in openstack-neutron where, following a minor overcloud update, …

漏洞类别：RedHat 漏洞等级： 漏洞信息 Mercurial is a fast, lightweight source control management system designed for efficient handling of very large distributed projects. A vulnerability was found in the way Mercurial handles path auditing and caches the results. An attacke…

漏洞类别：Local 漏洞等级： 漏洞信息 Foxit Reader is a multilingual freemium PDF tool that can create, view, edit, digitally sign, and print PDF files. Foxit Reader is prone to the following vulnerabilities: A. Foxit Reader launchURL Command Injection Remote Code Execution V…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for unbreakable enterprise kernel to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information…

漏洞类别：Local 漏洞等级： 漏洞信息 A privilege escalation vulnerability affects IBM Reliable Scalable Cluster Technology shipped with IBM Tivoli System Automation for Multiplatforms. Affected Products: IBM Tivoli System Automation for Multiplatforms 4.1 and 3.2.2.9. QID De…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for mercurial to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to t…

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for groovy to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the …

漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for git to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the lat…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for nasm to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability t…

漏洞类别：Local 漏洞等级： 漏洞信息 ElasticSearch Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite 'stash'. Prior to version 2.1.2, the CSV output…

漏洞类别：Local 漏洞等级： 漏洞信息 ElasticSearch Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite 'stash'. Prior to version 2.3.4, Elasticsearch …

漏洞类别：Local 漏洞等级： 漏洞信息 ElasticSearch Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite 'stash'. In Logstash versions prior to 2.3.3, w…

漏洞类别：Hardware 漏洞等级： 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. MACsec feature on Juniper Networks Junos OS 15.1X49 prior to 15.1X49-D100 on SRX300 series does not report errors when a secure link can not be es…

漏洞类别：Hardware 漏洞等级： 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. An MS-MPC or MS-MIC Service PIC may crash when large fragmented packets are passed through an Application Layer Gateway (ALG). Repeated crashes of…

漏洞类别：General remote services 漏洞等级： 漏洞信息 Multiple Vulnerabilities have been reported in OpenSSH. - The kbdint_next_device function in auth2-chall.c in sshd in OpenSSH through 6.9 does not properly restrict the processing of keyboard-interactive devices within a…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for gnome-shell to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for openvswitch to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP3 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious user…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for freeradius-server to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 漏洞危害 This vulnerability could be exploited to …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for libplist to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 S…