漏洞类别:Hardware 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. On all vSRX and SRX Series devices, when the DHCP or DHCP relay is configured, specially crafted packet might cause the flowd process to crash, ha…
漏洞类别:Hardware 漏洞等级: 漏洞信息 Potential security vulnerabilities have been identified with HP A5120-48G-PoE+ EI Switch switches. A remote user with knowledge of the SNMP public community string can access potentially sensitive data (e.g., user names, passwords) in …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for v…
漏洞类别:RedHat 漏洞等级: 漏洞信息 IBM Java SE version 6 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further …
漏洞类别:Hardware 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. By flooding a router with specially crafted IPv6 traffic, all available resources can be consumed, leading to the inability to store next hop info…
漏洞类别:Hardware 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. On Junos OS devices with SNMP enabled, a network based attacker with unfiltered access to the RE can cause the Junos OS snmpd daemon to crash and …
漏洞类别:Hardware 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. libgd is an open-source image library which is bundled with PHP version 4.3 and above. An integer signedness vulnerability exists in libgd 2.1.1 w…
漏洞类别:Hardware 漏洞等级: 漏洞信息 Juniper JUNOS is the network operating system used in Juniper Networks hardware systems. The asn1_time_to_time_t function in ext/openssl/openssl.c in PHP does not properly parse (1) notBefore and (2) notAfter timestamps in X.509 certif…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Augeas incorrectly handled certain strings. 漏洞危害 An attacker could use this issue to cause Augeas to crash, leading to a denial of service, or possibly execute arbitrary code. 解决方案 Refer to Ubuntu advisory USN-3400…
漏洞类别:Firewall 漏洞等级: 漏洞信息 pfSense is an open-source firewall/router which based on FreeBSD. pfsense can be deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server and VPN endpoint. The WebGUI in pfSense is affected with XSS vuln…
漏洞类别:Firewall 漏洞等级: 漏洞信息 pfSense is an open-source firewall/router which based on FreeBSD. pfsense can be deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server and VPN endpoint. The WebGUI in pfSense is affected with XSS and …
漏洞类别:Firewall 漏洞等级: 漏洞信息 pfSense is an open-source firewall/router which based on FreeBSD. pfsense can be deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server and VPN endpoint. The WebGUI in pfSense is affected with Command-…
漏洞类别:Firewall 漏洞等级: 漏洞信息 pfSense is an open-source firewall/router which based on FreeBSD. pfsense can be deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server and VPN endpoint. The WebGUI in pfSense is affected with Command-…
漏洞类别:Firewall 漏洞等级: 漏洞信息 pfSense is an open-source firewall/router which based on FreeBSD. pfsense can be deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server and VPN endpoint. The WebGUI in pfSense is affected with XSS vuln…
漏洞类别:Firewall 漏洞等级: 漏洞信息 pfSense is an open-source firewall/router which based on FreeBSD. pfsense can be deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server and VPN endpoint. The WebGUI in pfSense is affected with a local …
漏洞类别:Firewall 漏洞等级: 漏洞信息 pfSense is an open-source firewall/router which based on FreeBSD. pfsense can be deployed as a perimeter firewall, router, wireless access point, DHCP server, DNS server and VPN endpoint. The WebGUI in pfSense is affected with multiple…
CVE
CVE-2017-6757 Cisco Unified Communications Manager SQL Injection Vulnerability (cisco-sa-20170802-ucm)
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in Cisco Unified Communications Manager could allow an authenticated, remote attacker to conduct a blind SQL injection attack. The vulnerability is due to a failure to validate user-supplied input used in SQL queries that …
漏洞类别:Proxy 漏洞等级: 漏洞信息 Squid Proxy is a freely available open source Web proxy software package. It is designed for use on Unix,Linux and Windows platforms. Squid cachemgr.cgi tool is vulnerable to a buffer overflow vulnerability due to improper input validatio…
漏洞类别:Local 漏洞等级: 漏洞信息 IBM WebSphere MQ Internet Pass-Thru is product extention for WebSphere MQ which is used to implement messaging solutions between remote sites. IBM WebSphere MQ Internet Pass-Thru is prone to Denial of Service vulnerability if the security…
漏洞类别:Local 漏洞等级: 漏洞信息 IBM WebSphere Application Server is designed to facilitate the creation of various enterprise Web applications. The PasswordUtil command (introduced in v9.0.04) used to enable AES encryption leads to weaker than exprected security since s…
漏洞类别:Solaris 漏洞等级: 漏洞信息 Solaris has released a patch to fix a denial of service vulnerability in libpng. The vulnerability allows context-dependent attackers to cause a NULL pointer dereference vectors involving loading a text chunk into a png structure, remov…
漏洞类别:Database 漏洞等级: 漏洞信息 IBM DB2 Command Line Process (CLP) is vulnerable to a stack based buffer overflow, caused by improper bounds checking which could allow a local attacker to execute arbitrary code. Affected Versions:- DB2 versions 9.7 prior to Fix Pack …
漏洞类别:Backdoors and trojan horses 漏洞等级: 漏洞信息 Mamba is an ransomware, which post infection overwrites the existing Master Boot Record on a Windows installation, with a custom MBR and encrypts the hard drive leveraging an open source full disk encryption utility …
漏洞类别:Proxy 漏洞等级: 漏洞信息 Squid Proxy is a freely available open source Web proxy software package. It is designed for use on Unix,Linux and Windows platforms. Squid configured with cache_peer and operating on explicit proxy traffic does not correctly handle CONNE…
漏洞类别:Proxy 漏洞等级: 漏洞信息 Squid Proxy is a freely available open source Web proxy software package. It is designed for use on Unix,Linux and Windows platforms. Squid Proxy is vulnerable to a Header Smuggling Attack due to improper input validation. Affected Softwa…