漏洞类别:Local 漏洞等级: 漏洞信息 VX Search is an automated, rule-based file search solution on Windows. VX Search Enterprise is exposed to stack buffer overflow vulnerability. NOTE: The exploit is publicly available and could be weaponized in near future. Affected Versio…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for wordpress to fix the vulnerabilities. 漏洞危害 Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress allows remo…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Authorware is a visual authoring tool for creating rich-media e-learning applications for delivery on corporate networks, CD/DVD, and the Web. Develop accessible applications that comply with learning management system (LMS) sta…
CVE
CVE-2015-0721 Cisco NX-OS Software-Based Products Authentication, Authorization, and Accounting Bypass Vulnerability (cisco-sa-20161005-nxaaa)
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the SSH subsystem of the Cisco Nexus family of products could allow an authenticated, remote attacker to bypass authentication, authorization, and accounting (AAA) restrictions. The vulnerability is due to the improper …
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the Internet Key Exchange version 2 (IKEv2) code of Cisco IOS and IOS XE could allow an unauthenticated, remote attacker to cause a reload of the affected device. The vulnerability is due to improper handling of crafted…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for thunderbird to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation allows remote attackers to cause a denial of service or possibly …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fix(es): * A flaw was found in the Linux kernel's keyring handling code, where in key_reject_and_link() an uninitialized variable would eventu…
漏洞列表
RedHat Red Hat Enterprise Linux 4 Extended Life Cycle Support Six-Month Notice (RHSA-2016:1986)
漏洞类别:RedHat 漏洞等级: 漏洞信息 In accordance with the Red Hat Enterprise Linux Errata Support Policy, Extended Life Cycle Support for Red Hat Enterprise Linux 4 will be retired as of March 31, 2017, and active support will no longer be provided. Accordingly, Red Hat w…
漏洞类别:Windows 漏洞等级: 漏洞信息 KB3080079 provides support for Transport Layer Security (TLS) 1.1 and TLS 1.2 in Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1 for Remote Desktop Services (RDS). 漏洞危害 TLS 1.1 and TLS 1.2 support will not be available for …
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for libdbd-mysql-perl to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3684-1 to address this issue and obta…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for chromium-browser to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3683-1 to address this issue and obtai…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for wordpress to fix the vulnerabilities. 漏洞危害 Cross-site request forgery (CSRF) vulnerability in the wp_ajax_wp_compression_test function in wp-admin/includes/ajax-actions.php in WordPress allows remo…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for c-ares to fix the vulnerabilities. 漏洞危害 Heap-based buffer overflow in the ares_create_query function in c-ares allows remote attackers to cause a denial of service (out-of-bounds write) or possibly…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for pdns to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Updat…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for curl to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 An attacker can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will like…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for mariadb to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation allows local users to create arbitrary configurations and bypass certain protection mechanisms by setting gener…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for nodejs-tough-cookie to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulne…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for mongodb to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 The client in MongoDB uses world-readable permissions on .dbshell history files, which might allow local users to obtain sensitive info…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for community-mysql to fix the vulnerability. Affected OS: Fedora 23 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerabi…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for openjpeg2 to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 convert.c in OpenJPEG allows remote attackers to cause a denial of service (NULL pointer dereference and application crash) via vecto…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for bind to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request packet…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for bind99 to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 A remote attacker could use this flaw to make named exit unexpectedly with an assertion failure via a specially crafted DNS request pack…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for systemd to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 A flaw was found in the way systemd handled empty notification messages. A local attacker could use this flaw to make systemd freeze it…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for bash to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Updat…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for openssh to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Up…