报送者:恒安嘉新(北京)科技有限公司 CNVD-ID CNVD-2016-10623 发布时间 2016-11-04 危害级别 中 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 影响产品 Cisco StarOS on ASR 5000 >=18.0 BUGTRAQ ID 94071 CVE ID CVE-2016-6455 漏洞描述 Cisco ASR 5000系列是一个运营商级平台,可用于部署高需求的3G网络以及向长期演进(LTE) 迁移。 Cisco ASR 5500系列路由器装配DPC2后…
报送者:恒安嘉新(北京)科技有限公司 CNVD-ID CNVD-2016-10622 发布时间 2016-11-04 危害级别 高 (AV:N/AC:L/Au:N/C:N/I:N/A:C) 影响产品 Cisco Application Policy Infrastructure Controller (APIC) Cisco Nexus 9000 Series Switches in ACI mode BUGTRAQ ID 94077 CVE ID CVE-2016-6457 漏洞描述 Cisco Applicat…
报送者:蓝盾信息安全技术股份有限公司 CNVD-ID CNVD-2016-10621 发布时间 2016-11-04 危害级别 低 (AV:L/AC:L/Au:N/C:N/I:N/A:P) 影响产品 Huawei Mate 8 NXT-CL00C92B182 Huawei Mate 8 NXT-DL00C17B182 Huawei Mate 8 NXT-TL00C01B182 Huawei Mate 8 NXT-TL10C00B197 Huawei Mate 8 NXT-TL00C01B197 Huawei Mat…
报送者:蓝盾信息安全技术股份有限公司 CNVD-ID CNVD-2016-10620 发布时间 2016-11-04 危害级别 中 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 影响产品 QEMU QEMU 0 BUGTRAQ ID 93956 漏洞描述 QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 QEMU 'hw/9pfs/9p.c'存在整数溢出漏洞,攻击者可以利用该漏洞使程序崩溃…
报送者:蓝盾信息安全技术股份有限公司 CNVD-ID CNVD-2016-10619 发布时间 2016-11-04 危害级别 中 (AV:N/AC:L/Au:N/C:N/I:N/A:P) 影响产品 QEMU QEMU 0 BUGTRAQ ID 93962 漏洞描述 QEMU(又名Quick Emulator)是法国程序员法布里斯-贝拉(Fabrice Bellard)所研发的一套模拟处理器软件。该软件具有速度快、跨平台等特点。 'hw/9pfs/9p.c'存在拒绝服务漏洞,攻击者可以利用该漏洞发起拒绝服务攻击。 …
漏洞类别:CGI 漏洞等级: 漏洞信息 SAP NetWeaver Application Server (AS) or SAP Web Application Server is a component of the solution which works as a web application server to SAP solutions. The vulnerability exists in the implemented webdynpro service, which is an example …
漏洞类别:Local 漏洞等级: 漏洞信息 An update for rh-postgresql94-postgresql is now available for Red Hat Software Collections. A flaw was found in the way PostgreSQL server handled certain SQL statements containing CASE/WHEN commands. A remote, authenticated attacker could…
漏洞类别:Local 漏洞等级: 漏洞信息 An update for rh-ror41-rubygem-actionview is now available for Red Hat Software Collections. It was discovered that Action View tag helpers did not escape quotes when using strings declared as HTML safe as attribute values. A remote attac…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): *A flaw was found in the Linux kernel's keyring handling code: the key_reject_and_link() function could be forced to free an arbitrar…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: * A race condition was found in the way the Linux kernel's memory subsystem handled the copy-on-write (COW) breakage of private read-on…
CVE
Cisco Wireless LAN Controller Wireless Web Authentication Denial of Service Vulnerability (Cisco-SA-20150508-CVE-2015-0723)
漏洞类别:General remote services 漏洞等级: 漏洞信息 A vulnerability in the wireless web authentication subsystem of Cisco Wireless LAN Controller (WLC) could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition. The vulnerability exists…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for php7 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Mal…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for php53 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for gd to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial ac…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for gd to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for imagemagick to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulne…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for flash-player to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious us…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for openslp to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerabi…
漏洞类别:Local 漏洞等级: 漏洞信息 Apple Xcode is a development application for Macintosh OS X. A vulnerable version of Xcode was found on the target host. The update resolves the following security issues: - Multiple vulnerabilities existed in Git versions prior to 2.5.4.…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Bind incorrectly handled certain responses containing a DNAME answer. 漏洞危害 A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. 解决方案 Refer to Ubuntu advisory USN…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the Mailman administrative web interface did not protect against cross-site request forgery (CSRF) attacks. It was discovered that the Mailman user options page did not protect against cross-site request forgery (C…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the GD library incorrectly handled certain malformed Tiff images. It was discovered that the GD library incorrectly handled certain integers when processing WebP images. It was discovered that the GD library incorr…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that DBus incorrectly validated the source of ActivationFailure signals. It was discovered that DBus incorrectly handled certain format strings. 漏洞危害 A local attacker could use this issue to cause a denial of service. T…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that DBus incorrectly validated the source of ActivationFailure signals. It was discovered that DBus incorrectly handled certain format strings. 漏洞危害 A local attacker could use this issue to cause a denial of service. T…