漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5636: 1345856: CVE-2016-5636 python: Heap overflow in zipimporter module A vulnerability was discovered in Python, in the built-in zipi…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2015-5343: 1289959: CVE-2015-5343 subversion: (mod_dav_svn) integer overflow when parsing skel-encoded request bodies CVE-2015-3187: It was …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Amazon Linux Security Advisory for apache-commons-collections: AL2012-2016-144 漏洞危害 Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service. 解决方案 Administrators are advised to a…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-3959: 1324343: CVE-2016-3959 golang: infinite loop in several big integer routines. 漏洞危害 Allows unauthorized disclosure of information;…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-2518: 1331468: CVE-2016-2518 ntp: out-of-bounds references on crafted packet An out-of-bounds access flaw was found in the way ntpd pro…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-4579: 1335396: CVE-2016-4579 libksba: Out-of-bounds read in _ksba_ber_parse_tl CVE-2016-4574: 1334831: CVE-2016-4574 libksba: Incomplet…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5240: 1333417: CVE-2016-5240 ImageMagick: SVG converting issue resulting in DoS CVE-2016-5239: 1334188: CVE-2016-5239 ImageMagick,Graph…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5387: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment varia…
漏洞类别:Local 漏洞等级: 漏洞信息 SAP NetWeaver is an integrated technology computing platform and is the technical foundation for many SAP applications since the SAP Business Suite. It provides the development and runtime environment for SAP applications and can be used …
漏洞类别:RedHat 漏洞等级: 漏洞信息 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.3.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious …
漏洞类别:RedHat 漏洞等级: 漏洞信息 Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * An insufficient permission check issue w…
漏洞类别:跨站攻击 漏洞等级: 漏洞详情: 【风险概述】:导致论坛站点用户信息被窃取等风险; 【漏洞描述】:Discuz的helper_mobile.php存在跨站漏洞,攻击者可利用该漏洞窃取论坛站点用户信息。 【影响版本】:全版本 【修复建议】: 修改文件:source/class/helper/helper_mobile.php 找到以下两行: $query_sting_tmp = str_replace(array('&mobile=yes','mobile=yes'), array(''), $…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. 漏洞危害 Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service. 解决方案 Please refer …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 A heap-based buffer overflow in the parse_packet function in network.c in collectd allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet. 漏洞危害 Allows una…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 A heap-based buffer overflow in the parse_packet function in network.c in collectd allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet. 漏洞危害 Allows una…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. 漏洞危害 Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service. 解决方案 Please refer …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for phpmyadmin to fix the vulnerabilities. Affected Products: openSUSE 13.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a patch.…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for typo3-cms-4_5 to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 openSUSE 13.2 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for phpmyadmin to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 openSUSE 13.2 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages whi…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for firefox to fix the vulnerabilities. Affected Products: openSUSE 13.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a patch. To…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for imagemagick to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for the linux kernel to fix the vulnerabilities. Affected Products: openSUSE 13.2 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for libidn to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a patch…