漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for freerdp to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for x window system client libraries to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 1…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for ghostscript-library to fix the vulnerabilities. Affected Products: SUSE OpenStack Cloud 5 SUSE Manager Proxy 2.1 SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterp…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for ghostscript-library to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server for SAP 12 SUSE Linux Enterprise Server 12-SP1 SUSE…

国家信息安全漏洞共享平台 CNVD-ID CNVD-2016-08934 发布时间 2016-10-14 危害级别 高 (AV:L/AC:L/Au:N/C:C/I:C/A:C) 影响产品 Microsoft Windows 7 for x64-based Systems SP1 BUGTRAQ ID 93279 漏洞描述 Microsoft Windows是美国微软（Microsoft）公司发布的一系列操作系统。kernel是其中的内核。 Microsoft Windows存在本地代码执行漏洞，由于未能充分过滤用户…

  国家信息安全漏洞共享平台 CNVD-ID CNVD-2016-08938 发布时间 2016-10-14 危害级别 高 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 影响产品 Microsoft Internet Explorer 10 Microsoft Internet Explorer 11 Microsoft Edge 0 BUGTRAQ ID 93381 CVE ID CVE-2016-3387 漏洞描述 Microsoft Internet Explorer（IE）和Micro…

国家信息安全漏洞共享平台 CNVD-ID CNVD-2016-08940 发布时间 2016-10-14 危害级别 高 (AV:N/AC:L/Au:N/C:P/I:P/A:P) 影响产品 Microsoft Windows 7 SP1 Microsoft Windows Vista sp2 Microsoft Windows 8.1 Microsoft Windows 10 Gold Microsoft Windows 10 1511 Microsoft Windows 10 1607 BUGTRAQ ID 933…

  CNVD-ID CNVD-2016-07112 发布时间 2016-10-15 危害级别 中 (AV:N/AC:M/Au:N/C:N/I:P/A:N) 影响产品 WordPress Border Loading Bar 1.0 漏洞描述 WordPress是WordPress软件基金会的一套使用PHP语言开发的博客平台。该平台支持在PHP和MySQL的服务器上架设个人博客网站。 WordPress插件Border Loading Bar存在跨站脚本漏洞，允许攻击者利用该漏洞窃取基于cookie的身份验…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that the MySQL logging functionality allowed writing to MySQL configuration files. An administrative database user, or a database user with FILE privileges, could possibly use this flaw to run arbitrary commands w…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 It was discovered that OpenSSL did not always use constant time operations when computing Digital Signature Algorithm (DSA) signatures. A local attacker could possibly use this flaw to obtain a private DSA key belonging to another …

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 ext/mysqlnd/mysqlnd_wireprotocol.c in PHP before 5.6.26 and 7.x before 7.0.11 does not verify that a BIT field has the UNSIGNED_FLAG flag, which allows remote MySQL servers to cause a denial of service (heap-based buffer overflow) …

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 ext/standard/var_unserializer.re in PHP before 5.6.26 mishandles object-deserialization failures, which allows remote attackers to cause a denial of service (memory corruption) or possibly have unspecified other impact via an unser…

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 A possible heap overflow was discovered in the EscapeParenthesis() function (CVE-2016-7447 ). Various issues were found in the processing of SVG files in GraphicsMagick (CVE-2016-7446 ). The TIFF reader had a bug pertaining to use …

漏洞类别：AIX 漏洞等级： 漏洞信息 IBM AIX is prone to the following vulnerabilities: When the UseLogin feature is enabled and PAM is configured to read .pam_environment files in user home directories, allows local users to gain privileges by triggering a crafted environment…

漏洞类别：Local 漏洞等级： 漏洞信息 OpManager offers network monitoring, physical and virtual server monitoring, flow-based bandwidth analysis, firewall log analysis and archiving, configuration and change management, and IP address and switch port management, thereby provi…

漏洞类别：Local 漏洞等级： 漏洞信息 Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network. The application is exposed to multiple denial of service vulnerabil…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * Linux kernel built with the 802.1Q/802.1ad VLAN(CONFIG_VLAN_8021Q) OR Virtual eXtensible Local Area Network(CONFIG_VXLAN) with Tran…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * It was discovered that the Tomcat packages installed configuration file /usr/lib/tmpfiles.d/tomcat.conf writeable to t…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Apache Tomcat is a servlet container for the Java Servlet and JavaServer Pages (JSP) technologies. Security Fix(es): * It was discovered that the Tomcat packages installed certain configuration files read by the Tomcat initialization scr…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for systemd to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerabi…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for libreoffice to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability could be exploited to gain par…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for compat-openssl098 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server for SAP 12-SP1 SUSE Linux Enterprise Module for Legacy Software 12 SUSE Linux Enterprise Desktop 12-SP1 漏洞危…

漏洞类别：Windows 漏洞等级： 漏洞信息 This security update resolves a vulnerability in Microsoft Windows. The vulnerability could allow remote code execution if Microsoft Video Control fails to properly handle objects in memory. This security update is rated Critical on the…

漏洞类别：Internet Explorer 漏洞等级： 漏洞信息 Microsoft released an update for Windows 8.1, Windows Server 2012, Windows Server 2012 R2, Windows RT 8.1, and Windows 10. The update addresses the vulnerabilities described in Adobe Security bulletin APSB16-32. This security …