漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for tigervnc to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update 3a, which resolve the following security issue: VMware product updates resolve remote code execution vulnerability via Apache Struts 2 …
漏洞类别:Local 漏洞等级: 漏洞信息 VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems. VMware Workstation update addresses multiple security issues a. VMware Workstation DLL loading vulnerability b. VMware Workstation…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for mbedtls to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation of the vulnerability may lead to a Denial of Service (client crash) or potentially could be exploited to allow …
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for drupal8 to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation of the vulnerabilities may lead to remote code execution, CSRF attacks and access bypass. 解决方案 Fedora…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for qbittorrent to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Malicious users could use this vulnerability to change partial contents or configuration on the system. 解决方案 Fedora has issued upda…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for webkitgtk4 to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vuln…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for sscg to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerabil…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for pcs to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation of the vulnerability may lead to XSS attacks. 解决方案 Fedora has issued updated packages to fix this vulnera…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for icecat to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerab…
漏洞类别:General remote services 漏洞等级: 漏洞信息 Cisco Prime Collaboration is a video and voice service assurance and management system with a set of monitoring, troubleshooting, and reporting capabilities that help ensure end users receive consistent video and voice c…
漏洞类别:Internet Explorer 漏洞等级: 漏洞信息 Internet Explorer is a web-browser developed by Microsoft which is included in Microsoft Windows Operating Systems. Microsoft has released Cumulative Security Updates for Internet Explorer which addresses various vulnerabiliti…
漏洞类别:Windows 漏洞等级: 漏洞信息 Microsoft Edge is a web-browser developed by Microsoft which is included in Microsoft Windows Operating Systems. Microsoft Edge suffers multiple security vulnerabilities. The most severe of the vulnerabilities could allow remote code ex…
漏洞类别:Internet Explorer 漏洞等级: 漏洞信息 The update addresses the vulnerabilities which are described in Adobe Security Bulletin APSB17-10, if it's installed on any supported edition of Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows 10, Win…
漏洞类别:Windows 漏洞等级: 漏洞信息 Microsoft has released Cumulative Security Updates for Windows which addresses the following vulnerabilities:- An information disclosure vulnerability exists when the Windows kernel improperly handles objects in memory. (CVE-2017-0167) …
漏洞类别:Windows 漏洞等级: 漏洞信息 Microsoft Silverlight is a Web browser plug-in for Windows and Mac OS X that delivers high quality video/audio, animation, and richer Website experiences in popular Web browsers. This security update to Silverlight includes fixes outlin…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Microsoft Exchange Server 2007 has been detected on the host Microsoft ended support for Microsoft Exchange Server 2007 on April 11, 2017 and provides no further support. 漏洞危害 The system is at high risk of being exposed to secur…
CVE
Security Policy EOL/Obsolete Operating System: Microsoft Windows Vista Service Pack 2 (SP2) Detected
漏洞类别:Security Policy 漏洞等级: 漏洞信息 The host is running Windows Vista Service Pack 2 . Microsoft ended support for Windows Vista Service Pack 2 on April 11, 2017 and provides no further support. 漏洞危害 The system is at high risk of being exposed to security vulnerab…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Creative Cloud Desktop Application is your central location for managing the dozens of apps and services that are included in your Creative Cloud membership. You can also sync and share files, manage thousands of fonts, access libra…
CVE
CVE-2017-3058 2017-04-12 16:10:29 Adobe Flash Player Remote Code Execution Vulnerability (APSB17-10)
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Flash Player is a Cross-platform plugin plays animations, videos and sound files in .SWF format. These vulnerabilities that could potentially allow an attacker to take control of the affected system. ( CVE-2017-3058, CVE-2017-3059, …
漏洞信息 Adobe Reader and Acrobat are applications for handling PDF files. They are prone to multiple vulnerabilities that could potentially allow an attacker to take control of an affected system. Affected Software: Acrobat DC Continuous 15.023.20070 and earlier …
写在前面 很多技术宅们都喜欢折腾自己的路由器,例如在上面搭建NAS、配置远程下载和使用代理上网,这些技术和相关软件能帮助大家在硬盘里搜集大量的娱乐、教育资源。 不过大家在网上下载和使用第三方软件时要小心啦,要多关注软件的安全更新。长亭安全研究实验室在2016年5月通过GeekPwn向华为PSIRT报告了迅雷固件Xware的多个漏洞,这些漏洞不仅存在于华为荣耀路由默认支持的远程下载功能中,也会影响使用Xware的其他路由器或Linux服务器。在收到漏洞报告后,华为官方迅速给出了修复,华为荣耀路由早已不受影响。不过,迅…
前言 您的Catalyst交换机上是否启用了telnet? 如果是的话,那就要小心了。本文将向读者介绍针对配备了最新固件的Catalyst 2960交换机的远程代码执行漏洞的概念验证攻击技术。具体的漏洞利用代码可以从这里下载。以下是对2017年3月7日中情局泄露的机密文件中的一个安全漏洞的利用开发流程的详细说明,此外,思科公司于2017年3月17日也公开披露了该漏洞的详细情况。但是,截止撰写本文时,仍然没有可用的补丁。尽管如此,还是有一个补救措施的,那就是禁用telnet,并代之以使用SSH。 CIA泄漏的Vaul…
4月10日下午,中国棋院会议厅里,世界棋坛积分排名上唯一排在AlphaGo之前的人类棋手柯洁九段说, “我不会轻易地妥协,不会说什么输了也无所谓、人机共赢,无论多强大,我都抱有必胜的心态和必死的信念。” “我一定要击败AlphaGo。” 5月23日,代表“人类棋手最后尊严”的柯洁将与最新版本的AlphaGo进行三番棋比赛。“三番棋”,来自日语。就是比赛为三盘,先胜两盘者获胜。 就是我们说的“三局两胜”。相较于去年跟李世石的快棋比赛,这一次是慢棋。 在柯洁不远处,一则“王质烂柯”的皮影雕刻挂在墙上。晋朝时王质入山伐木…
前面提到, 柯洁九段将在5月23日迎战阿尔法狗 ,但现实是目前 人工智能AI的发展现状大多还在机器学习的阶段 ,那网络安全领域有这方面的实践了吗?当然有, 安全软件供应商Townsend Security创始人Patrick Townsend表示: “目前我们正逐步建成可以对检测的海量非结构化数据和检测模式进行高效处理的系统,我预想下一代安全产品会是基于感知计算(cognitive computing)的。就拿IBM超级电脑Watson来说,它在人机对战练习赛中险胜战胜了美国智力竞赛节目《危险边缘》(Jeopard…