漏洞类别：Local 漏洞等级： 漏洞信息 ElasticSearch Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite 'stash'. A Directory Traversal vulnerability ha…

漏洞类别：Local 漏洞等级： 漏洞信息 The Access Policy Manager customization configuration section does not properly validate file types or file contents when uploading files. A remote authenticated user can upload files to the target system. This can be exploited by users w…

漏洞类别：Local 漏洞等级： 漏洞信息 The Configuration Utility implemented in vulnerable versions of F5 BIG-IP ASM fails to properly validate user-supplied input. A remote authenticated user can supply a specially crafted request to view files on the target system that are l…

漏洞类别：Local 漏洞等级： 漏洞信息 The Configuration Utility implemented in vulnerable versions of F5 BIG-IP ASM fails to properly validate user-supplied input. A remote authenticated user can supply a specially crafted request to view files on the target system that are l…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that curl incorrectly reused client certificates when built with NSS. It was discovered that curl incorrectly handled escaping certain strings. It was discovered that curl incorrectly handled storing cookies. It was dis…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the NVIDIA graphics drivers incorrectly sanitized user mode inputs. 漏洞危害 A local attacker could use this issue to possibly gain root privileges. 解决方案 Refer to Ubuntu advisory USN-3122-1 for affected packages and pa…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the Hotspot component of OpenJDK did not properly check arguments of the System.arraycopy() function in certain cases. It was discovered that OpenJDK did not restrict the set of algorithms used for Jar integrity ve…

漏洞类别：Local 漏洞等级： 漏洞信息 Apple Mac OS X security update for Sierra 10.12.1, El Capitan v10.11.6 and Yosemite v10.10.5 is not installed. The update addresses 16 vulnerabilities in total. The vulnerabilities are caused due to several memory corrupting issues among …

漏洞类别：Local 漏洞等级： 漏洞信息 Safari is a Web-browser developed by Apple which is based on the WebKit engine. The update addresses multiple vulnerabilities affecting the WebKit which includes several memory corrupting issues for OS X Yosemite, El Capitan and macOS Sie…

漏洞类别：Local 漏洞等级： 漏洞信息 An x86 virtualization software package developed by Oracle. Multiple vulnerabilities were reported in Oracle VM VirtualBox. A remote user can exploit a flaw in the Oracle VM VirtualBox VirtualBox Remote Desktop Extension (VRDE) component …

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the implementation of the DHCPv4 relay agent in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service condition on an affected device. The vulnerability is due to improper val…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Border Gateway Protocol (BGP) implementation of Cisco NX-OS System Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition due to the device unexpectedly reloading. The …

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for bind to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can be used to cause a limited deni…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for curl to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerabilit…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for bind to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUSE …

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for the linux kernel to fix the vulnerabilities. Affected Products: openSUSE Leap 42.1 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which conta…

漏洞类别：Local 漏洞等级： 漏洞信息 Apple Xcode is a development application for Macintosh OS X. A vulnerable version of Xcode was found on the target host. The update resolves a type conversion issue existed that could lead to conversions returning unexpected values. 漏洞危害 …

漏洞类别：AIX 漏洞等级： 漏洞信息 AIX contains an unspecified vulnerability in lsmcode that impacts AIX. Affected Versions:- AIX 6.1, 7.1, 7.2 漏洞危害 The vulnerability could allow a locally authenticated user to obtain root level privileges. 解决方案 The vendor has released fixes…

漏洞类别：AIX 漏洞等级： 漏洞信息 AIX contains an unspecified vulnerability in lquerylv in LVM that impacts AIX. Affected Versions:- AIX 5.3, 6.1, 7.1, 7.2 漏洞危害 The vulnerability could allow a locally authenticated user to obtain root level privileges. 解决方案 The vendor has r…

发布时间：2016-11-07 10:26:29浏览次数：1 次点赞数：0 漏洞类别：Local漏洞等级： 漏洞信息 Apple Xcode is a development application for Macintosh OS X. A vulnerable version of Xcode was found on the target host. The update resolves the following security issues: - A register allocation issue…

漏洞类别：Local漏洞等级： 漏洞信息 cURL is a computer software project providing a library and command-line tool for transferring data using various protocols. cURL contains the following vulnerabilities: CVE-2016-8615: If cookie state is written into a cookie jar file that…

漏洞类别：Local 漏洞等级： 漏洞信息 Apple Mac OS X v10.11 is missing on the target host. Apple Mac OS X El Capitan 10.11 is now available to resolve multiple security vulnerabilities. Refer to Apple Security Update APPLE-SA-2015-09-30-3 for further details on these vulnerab…

漏洞类别：Local 漏洞等级： 漏洞信息 IBM Lotus Domino is a client/server product designed for collaborative working environments.Domino Server supports email, scheduling, instant messaging and data-driven applications. IBM Domino contains a cross-site scripting and two image…

报送者:恒安嘉新（北京）科技有限公司 CNVD-ID CNVD-2016-10625 发布时间 2016-11-04 危害级别 中 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 影响产品 Schneider Electric Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe) Schneider Electric Magelis XBT GT Advanced Touchscreen Panels All Schneider El…

报送者:恒安嘉新（北京）科技有限公司 CNVD-ID CNVD-2016-10624 发布时间 2016-11-04 危害级别 高 (AV:N/AC:M/Au:N/C:N/I:N/A:C) 影响产品 Schneider Electric Magelis XBT GTW Advanced Open Touchscreen Panels (Windows XPe) Schneider Electric Magelis XBT GT Advanced Touchscreen Panels All Schneider El…