漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands w…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another …

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) …

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unser…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 A possible heap overflow was discovered in the EscapeParenthesis() function (CVE-2016-7447 ). Various issues were found in the processing of SVG files in GraphicsMagick (CVE-2016-7446 ). The TIFF reader had a bug pertaining to use …

漏洞类别：AIX 漏洞等级： 漏洞信息 IBM AIX is prone to the following vulnerabilities: When the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment…

漏洞类别：Local 漏洞等级： 漏洞信息 OpManager offers network monitoring, physical and virtual server monitoring, flow-based bandwidth analysis, firewall log analysis and archiving, configuration and change management, and IP address and switch port management, thereby provi…

漏洞类别：Local 漏洞等级： 漏洞信息 Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network. The application is exposed to multiple denial of service vulnerabil…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area Network(CONFIG_VXLAN) with Tran…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to t…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization scr…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for systemd to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerabi…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for libreoffice to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability could be exploited to gain par…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for compat-openssl098 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Desktop 12-SP1 漏洞危…

漏洞类别：Windows 漏洞等级： 漏洞信息 This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Microsoft Video Control fails to properly handle objects in memory. This security update is rated Critical on the…

漏洞类别：Internet Explorer 漏洞等级： 漏洞信息 Microsoft released an update for Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10. The update addresses the vulnerabilities described in Adobe Security bulletin APSB16-32. This security …

漏洞类别：Windows 漏洞等级： 漏洞信息 An elevation of privilege vulnerability exists in the Windows Diagnostics Hub Standard Collector Service when the Windows Diagnostics Hub Standard Collector Service fails to properly sanitize input that could lead to unsecure library lo…

漏洞类别：Windows 漏洞等级： 漏洞信息 - A remote code execution vulnerability exists due to the way the Windows GDI component handles objects in the memory. - A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted emb…

漏洞类别：Windows 漏洞等级： 漏洞信息 Multiple elevation of privilege vulnerabilities exist in Microsoft Windows when a Windows kernel API improperly allows a user to access sensitive registry information. Microsoft released a security update to correct how the kernel API r…

漏洞类别：Windows 漏洞等级： 漏洞信息 Multiple elevation of privilege vulnerabilities exist when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode. …

漏洞类别：Internet Explorer 漏洞等级： 漏洞信息 This security update is rated Critical for Internet Explorer 9 (IE 9), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explo…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe Flash Player is a multimedia application for multiple platforms. Adobe has released security updates for Adobe Flash Player. These updates address critical vulnerabilities that could potentially allow an attacker to take control of …

漏洞类别：Windows 漏洞等级： 漏洞信息 This security update is rated Critical for Microsoft Edge on Windows 10. The update addresses the vulnerabilities by: modifying how Microsoft Edge and certain functions handle objects in memory. modifying how the Chakra JavaScript scrip…

漏洞类别：Windows 漏洞等级： 漏洞信息 An information disclosure vulnerability exists when the Microsoft Internet Messaging API improperly handles objects in memory. The security update affects Microsoft Windows Vista, Windows Server 2008, Windows 7 and Windows Sever 2008 R2…