漏洞类别:RedHat 漏洞等级: 漏洞信息 The Simple Protocol for Independent Computing Environments (SPICE) is a remote display protocol for virtual environments. SPICE users can access a virtualized desktop or server from the local system or any system with network access to t…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The Network Time Protocol (NTP) is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the nt…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for gnome-boxes to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for opensslk to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation may be lead to DOS attacks. Attacks against RSA and DSA possible on x86_64 due to a carry propagating bug. 解决方…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for unbreakable enterprise kernel to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation will cause information leakage and denial of se…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for ntp to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation may lead to a denial of service attack. Other attacks also possible. 解决方案…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation may allow a denial of service. 解决方案 Fedora has issued updated packages to fix this vulnerability. Updates can be…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for phpmyadmin to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vuln…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for calibre to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnera…
CVE
CVE-2016-9244 F5 BIG-IP ASM Session Tickets Information Disclosure Vulnerability (TICKETBLEED) (K05121675)
漏洞类别:Local 漏洞等级: 漏洞信息 A BIG-IP virtual server configured with a Client SSL profile that has the non-default Session Tickets option enabled may leak up to 31 bytes of uninitialized memory. The vulnerability exists in the implementation of the TLS SessionTicket …
漏洞类别:Local 漏洞等级: 漏洞信息 Node.js is a platform built on Chrome's JavaScript runtime for easily building fast, scalable network applications. Node.js is exposed to a root path disclosure vulnerability in send Module. Affected Products: Send module prior to 0.11.1 …
E安全2月6日讯 作为对2013版《网络战争中国际法适用性塔林手册》的第二版(简称《塔林手册2.0》)更新与扩展版本,由20名国际法专家撰写编制的《网络活动适用国际法塔林手册2.0》是一项极具影响力的指导性资源,它在《塔林手册1.0》的基础上,将关注范围扩展至和平时期的法律制度,两本手册,做到了战时、和平时期的全方位覆盖,无论我们是否同意其中的观点,必然成为本领域的经典之作。《塔林手册2.0》由剑桥大学出版社出版发布,售价$59.99。 《塔林手册2.0》的起草工作由北约合作网络防御卓越中心负责推动及指导。塔林手册…
1月22日下午,中国互联网络信息中心(CNNIC)在京发布第39次《中国互联网络发展状况统计报告》(以下简称为《报告》)。《报告》显示,截至2016年12月,中国网民规模达7.31亿,相当于欧洲人口总量,互联网普及率达到53.2%。中国互联网行业整体向规范化、价值化发展,同时,移动互联网推动消费模式共享化、设备智能化和场景多元化。 “.CN”注册保有量超过2000万,稳居全球国家顶级域名第一 截至2016年12月,中国“.CN”域名总数为2061万,年增长25.9%,占中国域名总数比例为48.7%。“.中国”域名总…
CVE
CVE-2017-3310 Oracle Database January 2017 Security Update Multiple Vulnerabilities (CPUJAN2017)
漏洞类别:Database 漏洞等级: 漏洞信息 Oracle released a Critical Patch Update advisory for January 2017 that addresses several security vulnerabilities. The following Oracle database component are affected: - OJVM - RDBMS Security 漏洞危害 An attacker could affect the confiden…
CVE
CVE-2017-3310 Oracle Database January 2017 Patch Set Update (PSU) 11.2.0.4.170117 Not Installed (Patch 24006111)
漏洞类别:Database 漏洞等级: 漏洞信息 Oracle Database Patch Set Updates are proactive cumulative patches containing recommended bug fixes that are released on a regular schedule. Affected Software: Oracle Database 11.2.0.4 漏洞危害 Failure to apply this patch could lead to los…
漏洞类别:DNS and BIND 漏洞等级: 漏洞信息 ISC BIND (Berkley Internet Domain Name) is an implementation of DNS protocols. Two vulnerabilities exist in BIND: 1) An error may allow access to the cache via recursion even though an ACL disallows it. 2) An error when processing …
漏洞类别:DNS and BIND 漏洞等级: 漏洞信息 ISC BIND (Berkley Internet Domain Name) is an implementation of DNS protocols. ISC BIND is prone to a remote denial of service vulnerability because the software fails to handle certain record types. An attacker can exploit this is…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allow remote attackers to corrupt memory and may allow exec…
漏洞类别:DNS and BIND 漏洞等级: 漏洞信息 ISC BIND is open source software that implements the Domain Name System (DNS) protocols for the Internet. Parsing a malformed DNSSEC key can cause a validating resolver to exit due to a failed assertion in buffer.c. It is possible …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 <DIV ID="issue_overview"> Issue Overview: The following security-related issues were fixed: Padding oracle vulnerability in Apache mod_session_crypto (CVE-2016-0736 ) DoS vulnerability in mod_auth_digest (CVE-2016-2161 ) Apac…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 <DIV ID="issue_overview"> Issue Overview: The sg implementation in the Linux kernel did not properly restrict write operations in situations where the KERNEL_DS option is set, which allows local users to read or write to arbi…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for squid to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 漏洞危害 Malicious users could use this vulnerability to change partial contents or configuration on the system. 解决方…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for qemu to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability can also be used to cause a limited denial of servic…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for perl-dbd-mysql to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can also be used to cause…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for squid to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP1 漏洞危害 Malicious users could use this vulnerability to change partial contents or configuration on the system. 解决方…