漏洞类别：RedHat 漏洞等级： 漏洞信息 Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. It was found that Apache Lucene would accept an object from an unauthenticated user that could be manipulated throug…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). It was found that while parsing the SAML messages the StaxParserUtil class…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Red Hat JBoss Enterprise Application Platform is a platform for Java applications based on the JBoss Application Server. It was found that while parsing the SAML messages the StaxParserUtil class of Picketlink replaces special strings fo…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain hea…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 26 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. For…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. It was discovered that the httpd's mod_auth_digest module did not properly initialize memory before using it when processing certain hea…

漏洞类别：Local 漏洞等级： 漏洞信息 Arcserve Backup for Windows 16.5 and earlier versions is detected on host. 漏洞危害 The system is at high risk of being exposed to security vulnerabilities. Since the vendor no longer provides updates, obsolete software is highly prone to vul…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe InDesign is a desktop publishing software application. This update addresses a critical memory corruption vulnerability due to improper handling of a malformed .inx file. Affected Versions: Adobe InDesign 12.1.0 and earlier versions…

漏洞类别：Local 漏洞等级： 漏洞信息 Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android. Multiple vulnerabilities were reported in Mozilla Firefox.Cross-origin URL information leak through Resource Timing A…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe Photoshop is an application that allows users to view and edit various graphic formats. Adobe has released an update for Photoshop CC which fixes the following issues: - This update resolves a critical memory corruption vulnerabilit…

漏洞类别：Local 漏洞等级： 漏洞信息 The Adobe DNG Converter enables you to easily convert camera-specific raw files from supported cameras to a more universal DNG raw file. Adobe DNG Converter is vulnerable to memory corruption vulnerability that could be used by an attacke…

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. The Duplicator plugin gives WordPress users an ability to migrate, …

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. User Login History easily tracks user login with the multiple attri…

漏洞类别：CGI 漏洞等级： 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. Ultimate Form Builder Lite is a WordPress Plugin which allows you t…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that PostgreSQL incorrectly handled memory when processing certain JSON functions. It was discovered that PostgreSQL incorrectly enforced SELECT privileges when processing INSERT ... ON CONFLICT DO UPDATE commands. 漏洞危害…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Perl incorrectly handled certain regular expressions. 漏洞危害 An attacker could use this issue to cause Perl to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2017-12837, CVE-2017-12…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the postgresql-common pg_ctlcluster script incorrectly handled symlinks. It was discovered that the postgresql-common helper scripts incorrectly handled symlinks. 漏洞危害 A local attacker could possibly use this issue…

漏洞类别：VMware 漏洞等级： 漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update U3a, which corrects the following security issue: VMware products running JRE 1.7 Update 75 or newer and JRE 1.6 Update 91 or newer are…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Redis is an advanced key-value store. A permissions flaw was found in redis, which sets weak permissions on certain files and directories that could potentially contain sensitive information. A local, unprivileged user could possibly use…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The flash-plugin package contains a Mozilla Firefox compatible Adobe Flash Player web browser plug-in. This update fixes multiple vulnerabilities in Adobe Flash Player. These vulnerabilities, detailed in the Adobe Security Bulletin liste…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A race condition issue leading to a use-after-free flaw was found in the way the raw packet sockets are implemented in the Linux kernel networking subs…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Irssi incorrectly handled messages with invalid time stamps. It was discovered that Irssi incorrectly handled the internal nick list. It was discovered that Irssi incorrectly removed destroyed channels from the que…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Wget incorrectly handled certain HTTP responses. It was discovered that Wget incorrectly handled recursive or mirroring mode. It was discovered that Wget incorrectly handled CRLF sequences in HTTP headers. 漏洞危害 A r…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Werkzeug did not properly handle certain web scripts. 漏洞危害 A remote attacker could use this to inject arbitrary code via a field that contains an exception message. 解决方案 Refer to Ubuntu advisory USN-3463-1 for affe…

漏洞类别：Cisco 漏洞等级： 漏洞信息 The DHCP relay subsystem of Cisco IOS and Cisco IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system. The attacker could also c…