漏洞类别:Web server 漏洞等级: 漏洞信息 Serviio is a free media server. It allows you to stream your media files (music, video or images) to renderer devices (e.g. a TV set, Bluray player, games console or mobile phone) on your connected home network. The vulnerabilities f…
漏洞类别:Internet Explorer 漏洞等级: 漏洞信息 This update addresses vulnerabilities which are described in the Adobe Security Bulletin APSB17-23, if installed on any supported edition of Microsoft Windows 10 Version 1607, Windows 10 Version 1511, Windows 10 Version 1703, …
漏洞类别:Office Application 漏洞等级: 漏洞信息 A cross-site scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server.(CVE-2017-8654) This security updates contain foll…
漏洞类别:Windows 漏洞等级: 漏洞信息 Microsoft Edge suffers multiple security vulnerabilities. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. Many memory corruption vulnerabilities …
漏洞类别:Windows 漏洞等级: 漏洞信息 An information disclosure vulnerability exists in Microsoft SQL Server Analysis Services when it improperly enforces permissions. An attacker could exploit the vulnerability if the attacker's credentials allow access to an affected SQL …
漏洞类别:Internet Explorer 漏洞等级: 漏洞信息 Internet Explorer is a web-browser developed by Microsoft which is included in Microsoft Windows Operating Systems. Microsoft has released Cumulative Security Updates for Internet Explorer which addresses various vulnerabiliti…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. The Realm implementations did not process the supplied password if the supplied user name did not exist. This made a timing attack possibl…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The evince packages provide a simple multi-page document viewer for Portable Document Format (PDF), PostScript (PS), Encapsulated PostScript (EPS) files, and, with additional back-ends, also the Device Independent File format (DVI) files…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The Ghostscript suite contains utilities for rendering PostScript and PDF documents. A NULL pointer dereference flaw was found in ghostscript's mem_get_bits_rectangle function. A specially crafted postscript document could cause a crash …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The java-1.7.0-openjdk packages provide the OpenJDK 7 Java Runtime Environment and the OpenJDK 7 Java Software Development Kit. It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle refe…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Log4j is a tool to help the programmer output log statements to a variety of output targets. It was found that when using remote logging with log4j socket server the log4j server would deserialize any log event received via TCP or UDP. A…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could t…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Digital Editions is an ebook reader software program from Adobe Systems built using Adobe Flash with support for acquiring, managing and reading eBooks, digital newspapers, and other digital publications. The software supports PDF, …
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Flash Player is a Cross-platform plugin plays animations, videos and sound files in .SWF format. These vulnerabilities that could potentially allow an attacker to take control of the affected system. (CVE-2017-3085,CVE-2017-3106) Af…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Reader and Acrobat are applications for handling PDF files. They are prone to multiple vulnerabilities that could potentially allow an attacker to take control of an affected system. Affected Software: Acrobat DC Continuous 2017.009…
CVE
CVE-2017-6316 Citrix NetScaler SD-WAN and CloudBridge Virtual WAN Management Interface Remote Code Execution Vulnerability
漏洞类别:CGI 漏洞等级: 漏洞信息 NetScaler SD-WAN creates a reliable WAN from diverse network links, including MPLS, broadband, and wireless, continuously measuring and monitoring each link for loss, latency, jitter and congestion. With CloudBridge virtual WAN, users can c…
漏洞类别:Local 漏洞等级: 漏洞信息 IBM WebSphere Application Server is designed to facilitate the creation of various enterprise Web applications. IBM WebSphere Application Server has a insecure file permissions vulnerability resulting in log files to have different permis…
漏洞类别:Local 漏洞等级: 漏洞信息 SecureCRT client provides terminal emulation with the strong encryption, broad range of authentication options, and data integrity for SSH protocol used for secure network administration and end user access. SecureFX provides the strong e…
漏洞类别:Local 漏洞等级: 漏洞信息 Microsoft Skype is an instant messaging app that provides online text message and video chat services. A remote user can create a specially crafted DLL. When the target user installs Skype from the same directory as the specially crafted …
漏洞类别:Local 漏洞等级: 漏洞信息 McAfee Network DLP allows enterprises to enforce policies for information leaving the network through email, webmail, instant messaging (IM), wikis, blogs etc. McAfee Network Data Loss Prevention is prone to several vulnerabilities which …
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update 3b, which corrects the following security issue: A local user on the host system can exploit an insecure library loading flaw in the LD…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for ncurses to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 SU…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. Quick Emulator (QEMU) built with the Network Block Device (NBD) Server support is vulnerable to a crash via a SIGPIPE signal. T…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could t…