漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for yodl to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vu…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could als…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for graphicsmagick to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource a…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libxml2 to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for java-1_8_0-openjdk to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability can also be used to cause a complete denial of service and could render the resource complet…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for gajim to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案 Upgrade to the latest packages w…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for irssi to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availabili…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for deluge to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this …
漏洞类别:RedHat 漏洞等级: 漏洞信息 Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitr…
漏洞类别:Local 漏洞等级: 漏洞信息 iTunes is a digital media player application for Mac OS and Windows developed by Apple. Apple iTunes for Windows is prone to a memory corruption vulnerability that may cause Arbitrary Code Execution or Denial of Service. Affected Versions…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for glibc to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 An attacker could use this flaw to jump over the stack guard gap, cause controlled memory corruption on process stack or the adjacent mem…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Apache HTTP Request Parsing Whitespace Defects It was discovered that the HTTP parser in httpd incorrectly allowed certain characters not permitted by the HTTP protocol specification to appear unencoded in HTTP request headers. If …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 The ourWriteOut function in tool_writeout.c in curl 7.53.1 might allow physically proximate attackers to obtain sensitive information from process memory in opportunistic circumstances by reading a workstation screen during use of …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Unsafe YAML deserialization: Versions of Puppet prior to 4.10.1 will deserialize data off the wire (from the agent to the server, in this case) with a attacker-specified format. This could be used to force YAML deserialization in a…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Null pointer dereference when handling empty SSLv2 messages: A null pointer dereference flaw was found in the way NSS handled empty SSLv2 messages. An attacker could use this flaw to crash a server application compiled against the …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Unspecified tests in Lynis before 2.5.0 allow local users to write to arbitrary files or possibly gain privileges via a symlink attack on a temporary file. (CVE-2017-8108 ) 漏洞危害 Allows unauthorized disclosure of information; allows…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Module reference leak due to improper shut down of callback channel on umount: The NFSv4 implementation in the Linux kernel through 4.11.1 allows local users to cause a denial of service (resource consumption) by leveraging imprope…
漏洞类别:Hardware 漏洞等级: 漏洞信息 Aruba Networks provides data networking solutions for enterprises and businesses worldwide. ArubaOS suffers from multiple vulnerabilities: Buffer Over-read Leads to Information Disclosure CVE-2015-8605: DHCP Denial of Service Vulnerabi…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for golang to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Upd…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for thunderbird to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability will lead to denial of service or execution of arbitrary code. 解决方案 Fedora has issued …
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that 64-bit block ciphers are vulnerable to a birthday attack. It was discovered that OpenVPN incorrectly handled rollover of packet ids. It was discovered that OpenVPN incorrectly handled certain malformed IPv6 packets…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Valgrind incorrectly handled certain string operations. It was discovered that Valgrind incorrectly handled parsing certain binaries. 漏洞危害 If a user or automated system were tricked into processing a specially craf…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that NSS incorrectly handled certain empty SSLv2 messages. 漏洞危害 A remote attacker could possibly use this issue to cause NSS to crash, resulting in a denial of service. 解决方案 Refer to Ubuntu advisory USN-3336-1 for affec…
漏洞类别:Information gathering 漏洞等级: 漏洞信息 Cisco Prime Data Center Network Manager is present on remote host. 漏洞危害 解决方案 上一篇:McAfee Data Loss Prevention Endpoint Agent not Installed 0daybank
漏洞类别:CGI 漏洞等级: 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. WordPress could allow a remote attacker to obtain sensitive …