漏洞类别：OEL 漏洞等级： 漏洞信息 Oracle Enterprise Linux has released security update for kvm to fix the vulnerabilities. Affected Products: Oracle Linux 5 漏洞危害 A privileged guest user could use this flaw to execute arbitrary code on the host with the privileges of the hos…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Twisted is an event-based framework for internet applications. Twisted Web is a complete web server, aimed at hosting web applications using Twisted and Python, but fully able to serve static pages too. Security Fix(es): * It was discove…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. Security Fix(es): *…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for v…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for postgresql94 to fix the vulnerabilities. Affected Products: SUSE Manager 2.1 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for pidgin to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 漏洞危害 This vulnerability could be exploited to gain par…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for postgresql94 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vuln…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for php5 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Module for Web Scripting 12 漏洞危害 This vulnerability could be exploited to…

漏洞类别：Web Application 漏洞等级： 漏洞信息 The Apache Struts web framework is a free open source solution for creating Java web applications. Apache Struts is prone to multiple remote code execution vulnerabilities CVE-2013-2251 and CVE-2013-2248, because it fails to ade…

漏洞类别：CGI 漏洞等级： 漏洞信息 Exponent CMS is a free, open source, open standards modular enterprise software framework and content management system (CMS) written in the PHP. The vulnerability exists because of improper sanitization of user supplied input passed 'expon…

漏洞类别：Local 漏洞等级： 漏洞信息 iTunes is a digital media player application for Mac OS and Windows developed by Apple. WebKit in Apple iTunes for Windows is prone to multiple vulnerabilities like Memory Corruption, DNS Rebinding and Code Execution. Affected Versions: A…

漏洞类别：CGI 漏洞等级： 漏洞信息 Liferay makes software that helps companies create digital experiences on web, mobile and connected devices. Liferay is vulnerable to a stored XSS when an user is created with an malicious payload on the FirstName field. Affected Version Li…

漏洞类别：Windows 漏洞等级： 漏洞信息 KB3080079 provides support for Transport Layer Security (TLS) 1.1 and TLS 1.2 in Windows 7 Service Pack 1 (SP1) or Windows Server 2008 R2 SP1 for Remote Desktop Services (RDS). 漏洞危害 TLS 1.1 and TLS 1.2 support will not be available for …

漏洞类别：RedHat 漏洞等级： 漏洞信息 The Red Hat Virtualization Manager is a centralized management platform that allows system administrators to view and manage virtual machines. The Manager provides a comprehensive range of features including search capabilities, resource…

漏洞类别：General remote services 漏洞等级： 漏洞信息 Cisco Wireless LAN Controller helps manage light-weight access points in large quantities by the network administrator or network operations center. The Cisco Wireless LAN Controller (WLC) product family is affected by t…

漏洞类别：General remote services 漏洞等级： 漏洞信息 Cisco Wireless LAN Controller helps manage light-weight access points in large quantities by the network administrator or network operations center. CVE-2013-3474: Cisco Wireless LAN Controller Software contains a vulner…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 A flaw in processing a compressed text chunk in a PNG image could cause the image to have a large size when decompressed. It was discovered that Pillow incorrectly validated input. It was discovered that Pillow incorrectly handled certai…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Bind incorrectly handled building responses to certain specially crafted requests. 漏洞危害 A remote attacker could possibly use this issue to cause Bind to crash, resulting in a denial of service. 解决方案 Refer to Ubuntu…

漏洞类别：Debian 漏洞等级： 漏洞信息 Debian has released security update for bind9 to fix the vulnerabilities. 漏洞危害 A defect in the rendering of messages into packets can cause named to exit with an assertion failure in buffer.c while constructing a response to a query that…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for vfrnav to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulnerability. Upd…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for opensslj to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案 Fedora has issued updated packages to fix …

漏洞类别：CGI 漏洞等级： 漏洞信息 EMC Documentum Platform: Critical enterprise content management access and control of all your information assets. Documentum is prone to following vulnerabilities : Privilege Escalation (CVE-2014-2506):Authenticated non-privileged users ar…

漏洞类别：Cisco 漏洞等级： 漏洞信息 OpenSSL Software Foundation released 16 OpenSSL vulnerabilities: Fourteen track issues that could result in a denial of service (DoS) condition One (CVE-2016-2183, aka SWEET32) tracks an implementation of a Birthday attack against Transpo…

漏洞类别：Cisco 漏洞等级： 漏洞信息 he Smart Install client feature in Cisco IOS and IOS XE Software contains a vulnerability that could allow an unauthenticated, remote attacker to cause a memory leak and eventual denial of service condition on an affected device. The vuln…

漏洞类别：Cisco 漏洞等级： 漏洞信息 Multiple vulnerabilities in the multicast subsystem of Cisco IOS and IOS XE Software could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition. The issues are in IPv4 Multicast Source Discovery Protocol…