漏洞类别:VMware 漏洞等级: 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. A local user on the guest system can trigger an uninitialized stack memory usage error in SVGA to execute arbitrary code on the host system [CVE-2017-4903]. A local user…
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. A local user on the guest system can trigger a heap overflow in SVGA to execute arbitrary code on the host system [CVE-2017-4902]. ESXi 6.0 is not affected. A local user…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. It was found that the fix for CVE-2015-3148 in curl was incomplete. An applicat…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libpng12-0 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain co…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for php7 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 漏洞危害 This vulnerability could be exploite…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Chromium is an open-source web browser, powered by WebKit (Blink). Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or di…
漏洞类别:General remote services 漏洞等级: 漏洞信息 Hash algorithms are used to generate a hash value for a message (an arbitrary block of data) such that a number of cryptographic properties hold. In particular it is expected to be resistant to collisions, that is that g…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5597: * A flaw was found in the way the Networking component of OpenJDK handled HTTP proxy authentication. A Java application could pos…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Amazon Linux 2012.03 - AL2012-2017-163: low priority package update for memcached 漏洞危害 Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service. 解决方案 Administrators are advised t…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-8735: The JmxRemoteLifecycleListener was not updated to take account of Oracle's fix for CVE-2016-3427. JMXRemoteLifecycleListener is o…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-8745: 1403824: CVE-2016-8745 tomcat: information disclosure due to incorrect Processor sharing CVE-2016-8735: The JmxRemoteLifecycleLis…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-3630: The binary delta decoder in Mercurial before 3.7.3 allows remote attackers to execute arbitrary code via a (1) clone, (2) push, o…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-9675: * A vulnerability was found in the patch for CVE-2013-6045 for OpenJPEG. A specially crafted JPEG2000 image, when read by an appl…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-9147: * A denial of service flaw was found in the way BIND handled a query response containing inconsistent DNSSEC information. A remot…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Several denial of service flaws were found in Wireshark. Wireshark could crash or stop responding if it read a malformed packet off a network, or opened a malicious dump file. 漏洞危害 Allows unauthorized disclosure of information; all…
漏洞类别:Local 漏洞等级: 漏洞信息 Panasonic FPWIN Pro is the Panasonic programming software developed according to the international standard IEC 61131-3. This update fixes the following vulnerabilities: - Heap based buffer overflow - Access of uninitialized pointer - Out…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for erlang to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation the vulnerability may lead to Heap-buffer overflow attacks. 解决方案 Fedora has issued updated packages to fix this …
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for moodle to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Depending on the vulnerability being exploited, a remote attacker could conduct cross-site scripting or SQL injection attacks …
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability can lead to Denial of service (use-after-free and system crash) or possibly have unspecifie…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for sane-backends to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows remote attackers to obtain sensitive memory information. 解决方案 Fedora has issued updated packages t…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for tcpreplay to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows an attacker to cause a buffer overflow attack. 解决方案 Fedora has issued u…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for firefox to fix the vulnerability. Affected OS: Fedora 25 Fedora 24 漏洞危害 If a user were tricked in to opening a specially crafted website, an attacker could exploit this to cause a denial of service…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation of the vulnerability can lead to Denial of service (use-after-free and system crash) or possibly have unspecifie…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for chromium to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose sensitive information when …
漏洞类别:General remote services 漏洞等级: 漏洞信息 The Network Time Protocol (NTP) is used to synchronize the time of a computer client or server to another server or reference time source. This update fixes multiple denial of service and stack based buffer overflow vuln…