漏洞类别:Backdoors and trojan horses 漏洞等级: 漏洞信息 WinJank/WinShell is a Trojan Horse that provides an attacker with unobstructed access to a target. By default WinShell/WinJack trojan listen on TCP port 5277. QID Detection Logic: This detection looks for the banner …
漏洞类别:CGI 漏洞等级: 漏洞信息 A configuration file for web applications was detected, containing data about how the web application will act. This file may also include information about module loading, security configuration, session state configuration, and applicatio…
漏洞类别:CGI 漏洞等级: 漏洞信息 XML-RPC is a remote procedure call (RPC) protocol which uses XML to encode its calls and HTTP as a transport mechanism. "XML-RPC" also refers generically to the use of XML for remote procedure call, independently of the specific protocol. I…
漏洞类别:SMB / NETBIOS 漏洞等级: 漏洞信息 A Null session is an anonymous connection to an inter-process communication network service on Windows-based computers. The service is designed to allow named pipe connections but may be used by attackers to remotely gather inform…
漏洞类别:CGI 漏洞等级: 漏洞信息 Action Controller Exception Error on web page found on remote host. Request to the web page results in Action Controller exception. QID detection logic (unauthenticated): The web page is queried for Action Controller Exception. 漏洞危害 An atta…
漏洞类别:General remote services 漏洞等级: 漏洞信息 The Managed Object Browser, or MOB, is a Web-based server application available for all ESX/ESXi and vCenter Server systems. The MOB lets you examine the objects that exist on the server and navigate through the hierarch…
漏洞类别:CGI 漏洞等级: 漏洞信息 Cross-site scripting (XSS) vulnerability in Action View in Ruby on Rails 3.x before 3.2.22.3, 4.x before 4.2.7.1, and 5.x before 5.0.0.1 might allow remote attackers to inject arbitrary web script or HTML via text declared as "HTML safe" an…
漏洞类别:CGI‘ ’漏洞等级: 漏洞信息 Cross-site scripting (XSS) vulnerability in "json/encoding.rb" in Active Support in Ruby on Rails 3.x and 4.1.x before 4.1.11 and 4.2.x before 4.2.2 allows remote attackers to inject arbitrary web script or HTML via a crafted Hash that is…
CVE
漏洞编号:CVE-2016-5483 OpenSUSE Security Update for mysql-community-server (openSUSE-SU-2017:1209-1)
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for mysql-community-server to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 漏洞危害 This vulnerability can also be used to cause a complete denial of service and could rend…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for ghostscript to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious us…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for quagga to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 漏洞危害 This vulnerability can also be used to cause a complete denial of service and could render the resource completely unavaila…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for tcpdump, libpcap to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicio…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for mozillathunderbird to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malic…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for chromium to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for graphicsmagick to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource a…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for weechat to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availabi…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for virtualbox to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability can also be used to cause a complete denial of service and could render the resource completel…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for feh to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 openSUSE Leap 42.1 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users coul…
CVE
漏洞编号:CVE-2017-7308 Oracle Enterprise Linux Security Update for Unbreakable Enterprise kernel (ELSA-2017-3579)
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for unbreakable enterprise kernel to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 This vulnerability could be exploited to gain complete access to sensit…
漏洞类别:Backdoors and trojan horses 漏洞等级: 漏洞信息 Pandemic is a tool which is run as kernel shellcode to install a file system filter driver, which will 'replace' a target file with the given payload file when a remote user accesses the file via SMB (read-only, not …
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for nss to fix the vulnerabilities. Affected Products: centos 7 漏洞危害 Successful exploitation allows an attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages whic…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for nss to fix the vulnerabilities. Affected Products: centos 6 漏洞危害 Successful exploitation allows an attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages whic…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for kernel to fix the vulnerabilities. Affected Products: centos 6 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for sudo to fix the vulnerabilities. Affected Products: centos 6 centos 7 漏洞危害 Successful exploitation allows an attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest pac…