漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gst-plugins-good0.10 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerability can allow an attacker to defeat address space layout randomization and data execution prevention. …
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for gst-plugins-good1.0 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerability can allow an attacker to defeat address space layout randomization and data execution prevention. 解…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for icu to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful Exploitation could allows remote attackers to cause a denial of service (application crash) or possibly have unspecified other i…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for p7zip to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability can allow an attacker to cause a Denial of Service. 解决方案 Fedora has issued updated packages …
漏洞类别:RedHat 漏洞等级: 漏洞信息 Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. A flaw was found in…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Mozilla Firefox is an open source web browser. A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Firefox to crash or, potentially, execute arbitrary code with the privileges …
CVE
CVE-2016-9311 Cisco Nexus Network Time Protocol Daemon Multiple Vulnerabilities (cisco-sa-20161123-ntpd)
漏洞类别:Cisco 漏洞等级: 漏洞信息 Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Following vulnerabilities exists in NTP :- Network Time Protocol Trap Service Denial of Service Vulnerability Network Time Protocol Broadcas…
漏洞类别:Local 漏洞等级: 漏洞信息 Google Chrome is a web browser for multiple platforms developed by Google. This Google Chrome update fixes the following vulnerabilities: CVE-2016-5208 Universal XSS in Blink. CVE-2016-5207 Universal XSS in Blink. CVE-2016-5206 Same-origi…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the __get_user_asm_ex implementation in the Linux kernel for x86/x86_64 contained extended asm statements that were incompatible with the exception table. It was discovered that the filesystem implementation in the…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. A stack-based buffer overflow in the Broadcom IEEE802.11n FullMAC driver in the Linux kernel. 漏洞危害 A local attac…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the driver for Areca RAID Controllers in the Linux kernel did not properly validate control messages. 漏洞危害 A local attacker could use this to cause a denial of service (system crash) or possibly gain privileges. 解决…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that c-ares incorrectly handled certain hostnames. 漏洞危害 A remote attacker could use this issue to cause applications using c-ares to crash, resulting in a denial of service, or possibly execute arbitrary code. 解决方案 Refe…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that ImageMagick incorrectly handled certain malformed image files. 漏洞危害 If a user or automated system using ImageMagick were tricked into opening a specially crafted image, an attacker could exploit this to cause a den…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that data: URLs can inherit the wrong origin after a HTTP redirect in some circumstances. A use-after-free was discovered in SVG animations. 漏洞危害 An attacker could potentially exploit this to bypass same-origin restrict…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the Vim text editor did not properly validate values for the 'filetype', 'syntax', and 'keymap' options. 漏洞危害 An attacker could trick a user into opening a file with specially crafted modelines and possibly execute…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that python-cryptography incorrectly handled certain HKDF lengths. 漏洞危害 This could result in python-cryptography returning an empty string instead of the expected derived key. 解决方案 Refer to Ubuntu advisory USN-3138-1 fo…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for moodle to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Upd…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for moin to fix the vulnerability. Affected OS: Fedora 23 Fedora 24 Fedora 25 漏洞危害 Successful exploitation of the vulnerability can allow an attacker to perform JavaScript injection. 解决方案 Fedora has is…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for perl-dbd-mysql to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation can lead to Out-Of-Bounds Read and cause Information Disclosure. 解决方案 Fedora has issued updated packages…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for python-tornado to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation can allow an attacker to set arbitrary cookies and bypass XSRF protection. 解决方案 Fedora has issued update…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for vagrant to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation can allow an unprivileged local user to insert arbitrary nfs exports. 解决方案 Fedora has issued updated packages t…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for vagrant to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation can allow an unprivileged local user to insert arbitrary nfs exports. 解决方案 Fedora has issued updated packages t…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for vagrant to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Sucessful Exploitation can allow an unprivileged local user to insert arbitrary nfs exports. 解决方案 Fedora has issued updated packages to…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for calamares to fix the vulnerability. Affected OS: Fedora 25 Fedora 24 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulne…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for drupal8 to fix the vulnerability. Affected OS: Fedora 25 Fedora 24 漏洞危害 Successful exploitation of the vulnerabilities can allow an attacker to: 1) Cause a denial of Service. 2) Inject external URL…