漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for gstreamer-plugins-bad-free to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Sucessful exploitation may cause information leakage. 解决方案 To resolve this issue, upgrade…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for thunderbird to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this is…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for vim to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation may lead to the execution of arbitrary code 解决方案 To resolve this issue, u…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for xen to fix the vulnerabilities. Affected Products: Oracle Linux 5 漏洞危害 A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. 解决方案 To …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for elsa-2016-2962-1 important: oracle linux 5 kernel to fix the vulnerabilities. Affected Products: Oracle Linux 5 漏洞危害 On successful exploitation it allows remote attackers to corrupt m…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for kvm to fix the vulnerabilities. Affected Products: centos 5 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages which c…
漏洞类别:Local 漏洞等级: 漏洞信息 Design interactive animations with cutting-edge drawing tools and publish them to multiple platforms with Adobe Animate. This update resolves a critical memory corruption vulnerability (CVE-2016-7866). Affected Version Adobe Animate 15.2.…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe ColdFusion Builder an IDE that can be used to build applications for ColdFusion. Adobe ColdFusion Builder is exposed to a information disclosure vulnerability (CVE-2016-7887). Affected Products: Adobe ColdFusion Builder 2016 Update …
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. It was discovered that the KVM implementation for x86/x86_64 in the Linux kernel could dere…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 A use-after-free condition in the TTY implementation in the Linux kernel. It was discovered that the Video For Linux Two (v4l2) implementation in the Linux kernel did not properly handle multiple planes when processing a VIDIOC_DQBUF ioc…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. It was discovered that a race condition existed in the procfs environ_read function in the …
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a race condition existed in the procfs environ_read function in the Linux kernel, leading to an integer underflow. 漏洞危害 A local attacker could use this to expose sensitive information (kernel memory). 解决方案 Refer to…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for php-ssh2 to fix the vulnerabilities. 漏洞危害 If only DSA-3732-1 is installed, it can cause segfaults in php-ssh2. 解决方案 Refer to Debian security advisory DSA 3732-2 to address this issue and obtain fur…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the ndr_pull_dnsp_nam function in Samba contained an integer overflow. It was discovered that Samba clients always requested a forwardable ticket when using Kerberos authentication. It was discovered that Kerberos …
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for python-bottle to fix the vulnerabilities. 漏洞危害 Successful exploitation can allowe an attacker to perform CRLF attacks such as HTTP header injection. 解决方案 Refer to Debian security advisory DSA 3743-…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for flightgear to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities can allow a malicious script to overwrite arbitrary files with the privileges of the user running Flight G…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tor to fix the vulnerabilities. 漏洞危害 Sucessful exploitation of the vulnerability may cause a Denial of Service. 解决方案 Refer to Debian security advisory DSA 3741-1 to address this issue and obtain fu…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for samba to fix the vulnerabilities. 漏洞危害 A target server, which is present in the current or trusted domain/realm, can be given a valid general purpose Kerberos "Ticket Granting Ticket" (TGT), which …
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tomcat8 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities may cause privilege escalation, information disclosure, and remote code execution. 解决方案 Refer to Debian secur…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tomcat7 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities may cause privilege escalation, information disclosure, and remote code execution. 解决方案 Refer to Debian secur…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for php5 to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3737-1 to address this issue and obtain further de…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for libupnp to fix the vulnerabilities. 漏洞危害 Sucessful exploitation may lead to denial of service or remote code execution. 解决方案 Refer to Debian security advisory DSA 3736-1 to address this issue and o…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for game-music-emu to fix the vulnerabilities. 漏洞危害 Sucessful exploitation may lead to execution of arbitrary code. 解决方案 Refer to Debian security advisory DSA 3735-1 to address this issue and obtain fu…
漏洞类别:Web Application 漏洞等级: 漏洞信息 XSS vulnerabilities occur when the Web application echoes user-supplied data in an HTML response sent to the Web browser. For example, a Web application might include the user's name as part of a welcome message or display a hom…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability…