漏洞类别：RedHat 漏洞等级： 漏洞信息 Poppler is a Portable Document Format (PDF) rendering library, used by applications such as Evince. Security Fix(es): * A heap-buffer overflow was found in the poppler library. An attacker could create a malicious PDF file that would cau…

漏洞类别：RedHat 漏洞等级： 漏洞信息 LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor, a spreadsheet, a presentation manager, a formula editor, and a drawing program. LibreOffice rep…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The Pacemaker cluster resource manager is a collection of technologies working together to provide data integrity and the ability to maintain application availability in the event of a failure. The following packages have been upgraded t…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The libvirt library contains a C API for managing and interacting with the virtualization capabilities of Linux and other operating systems. In addition, libvirt provides tools for remote management of virtualized systems. The following …

漏洞类别：RedHat 漏洞等级： 漏洞信息 The libguestfs packages contain a library, which is used for accessing and modifying virtual machine (VM) disk images. Virt-p2v is a tool for conversion of a physical server to a virtual guest. The following packages have been upgraded t…

漏洞类别：RedHat\ 漏洞等级： 漏洞信息 The Network Time Protocol (NTP) is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the n…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access …

漏洞类别：RedHat 漏洞等级： 漏洞信息 Python is an interpreted, interactive, object-oriented programming language, which includes modules, classes, exceptions, very high level dynamic data types and dynamic typing. Python supports interfaces to many system calls and librarie…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The curl packages provide the libcurl library and the curl utility for downloading files from servers using various protocols, including HTTP, FTP, and LDAP. Security Fix(es): * It was found that the libcurl library did not prevent TLS s…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * It was found that the Linux kernel's IPv6 implementation mishandled socket options. A local attacker could abuse concurrent access …

漏洞类别：RedHat 漏洞等级： 漏洞信息 The glibc packages provide the standard C libraries (libc), POSIX thread libraries (libpthread), standard math libraries (libm), and the name service cache daemon (nscd) used by multiple programs on the system. Without these libraries, t…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for v…

漏洞类别：RedHat 漏洞等级： 漏洞信息 IBM Java SE version 7 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7 SR9-FP60. Security Fix(es): * This update fixes multiple vulnerabilities in the IB…

漏洞类别：RedHat 漏洞等级： 漏洞信息 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 7 to version 7R1 SR3-FP60. Security Fix(es): * This update fixes multiple vulnerabiliti…

漏洞类别：RedHat 漏洞等级： 漏洞信息 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update upgrades IBM Java SE 8 to version 8 SR3-FP20. Security Fix(es): * This update fixes multiple vulnerabilities in the IB…

漏洞类别：RedHat 漏洞等级： 漏洞信息 This is the final notification for the retirement of Red Hat Enterprise Linux 6.6 Extended Update Support (EUS). This notification applies only to those customers subscribed to the Extended Update Support (EUS) channel for Red Hat Enterp…

漏洞类别：Local 漏洞等级： 漏洞信息 iTunes is a digital media player application for Mac OS and Windows developed by Apple. WebKit in Apple iTunes for Windows is prone to multiple vulnerabilities like Information Disclosure and Code Execution. Affected Versions: Apple iTune…

漏洞类别：Local 漏洞等级： 漏洞信息 ElasticSearch Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite 'stash'. A Directory Traversal vulnerability ha…

漏洞类别：Local 漏洞等级： 漏洞信息 The Access Policy Manager customization configuration section does not properly validate file types or file contents when uploading files. A remote authenticated user can upload files to the target system. This can be exploited by users w…

漏洞类别：Local 漏洞等级： 漏洞信息 The Configuration Utility implemented in vulnerable versions of F5 BIG-IP ASM fails to properly validate user-supplied input. A remote authenticated user can supply a specially crafted request to view files on the target system that are l…

漏洞类别：Local 漏洞等级： 漏洞信息 The Configuration Utility implemented in vulnerable versions of F5 BIG-IP ASM fails to properly validate user-supplied input. A remote authenticated user can supply a specially crafted request to view files on the target system that are l…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that curl incorrectly reused client certificates when built with NSS. It was discovered that curl incorrectly handled escaping certain strings. It was discovered that curl incorrectly handled storing cookies. It was dis…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. 漏洞危害 A local attacker could use this issue to possibly gain root privileges. 解决方案 Refer to Ubuntu advisory USN-3122-1 for affected packages and pa…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity ve…

漏洞类别：Local 漏洞等级： 漏洞信息 Apple Mac OS X security update for Sierra 10.12.1, El Capitan v10.11.6 and Yosemite v10.10.5 is not installed. The update addresses 16 vulnerabilities in total. The vulnerabilities are caused due to several memory corrupting issues among …