漏洞类别：Web Application 漏洞等级： 漏洞信息 The Apache Struts web framework is a free open source solution for creating Java web applications. Apache Struts is prone to multiple remote code execution vulnerabilities CVE-2013-2251 and CVE-2013-2248, because it fails to ade…

漏洞类别：CGI 漏洞等级： 漏洞信息 Exponent CMS is a free, open source, open standards modular enterprise software framework and content management system (CMS) written in the PHP. The vulnerability exists because of improper sanitization of user supplied input passed 'expon…

漏洞类别：Local 漏洞等级： 漏洞信息 iTunes is a digital media player application for Mac OS and Windows developed by Apple. WebKit in Apple iTunes for Windows is prone to multiple vulnerabilities like Memory Corruption, DNS Rebinding and Code Execution. Affected Versions: A…

漏洞类别：CGI 漏洞等级： 漏洞信息 Liferay makes software that helps companies create digital experiences on web, mobile and connected devices. Liferay is vulnerable to a stored XSS when an user is created with an malicious payload on the FirstName field. Affected Version Li…

漏洞类别：Windows 漏洞等级： 漏洞信息 KB3080079 provides support for Transport Layer Security (TLS) 1.1 and TLS 1.2 in Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1 for Remote Desktop Services (RDS). 漏洞危害 TLS 1.1 and TLS 1.2 support will not be available for …

漏洞类别：RedHat 漏洞等级： 漏洞信息 The Red Hat Virtualization Manager is a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource…

漏洞类别：General remote services 漏洞等级： 漏洞信息 Cisco Wireless LAN Controller helps manage light-weight access points in large quantities by the network administrator or network operations center. The Cisco Wireless LAN Controller (WLC) product family is affected by t…

漏洞类别：General remote services 漏洞等级： 漏洞信息 Cisco Wireless LAN Controller helps manage light-weight access points in large quantities by the network administrator or network operations center. CVE-2013-3474: Cisco Wireless LAN Controller Software contains a vulner…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 A flaw in processing a compressed text chunk in a PNG image could cause the image to have a large size when decompressed. It was discovered that Pillow incorrectly validated input. It was discovered that Pillow incorrectly handled certai…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Bind incorrectly handled building responses to certain specially crafted requests. 漏洞危害 A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. 解决方案 Refer to Ubuntu…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for bind9 to fix the vulnerabilities. 漏洞危害 A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for vfrnav to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Upd…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for opensslj to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案 Fedora has issued updated packages to fix …

漏洞类别：CGI 漏洞等级： 漏洞信息 EMC Documentum Platform: Critical enterprise content management access and control of all your information assets. Documentum is prone to following vulnerabilities : Privilege Escalation (CVE-2014-2506):Authenticated non-privileged users ar…

漏洞类别：Cisco 漏洞等级： 漏洞信息 OpenSSL Software Foundation released 16 OpenSSL vulnerabilities: Fourteen track issues that could result in a denial of service (DoS) condition One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transpo…

漏洞类别：Cisco 漏洞等级： 漏洞信息 he Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a memory leak and eventual denial of service condition on an affected device. The vuln…

漏洞类别：Cisco 漏洞等级： 漏洞信息 Multiple vulnerabilities in the multicast subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The issues are in IPv4 Multicast Source Discovery Protocol…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the H.323 subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition on an affected device. The vulnerability is due to a failure to properly…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the IPv4 fragment reassembly function of Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to the corruption of an internal data struct…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the implementation of Network Address Translation (NAT) functionality in Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause an affected device to reload. The vulnerability is due to improper …

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the DNS forwarder functionality of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the device to reload, to corrupt the information present in the device's local DNS cache, or read…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Common Industrial Protocol (CIP) feature of Cisco IOS Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The vulnerability is due to a failure to properly process…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Authentication, Authorization, and Accounting (AAA) service for remote Secure Shell Host (SSH) connections to the device for Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause the…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the IP Detail Record (IPDR) code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an affected system to reload. The vulnerability is due to improper handling of IPDR packets. 漏洞危…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Internet Key Exchange version 1 (IKEv1) fragmentation code of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to cause an exhaustion of available memory or a reload of the affected syst…