漏洞类别:Local 漏洞等级: 漏洞信息 Adobe ColdFusion is an application for developing Web sites. Adobe has released a security hotfix for ColdFusion versions 11 and 10. This hotfix resolves a vulnerability that could lead to information disclosure. Affected Versions: ColdFu…
漏洞类别:Local 漏洞等级: 漏洞信息 Cisco WebEx Player is used to play recorded meetings in the ".wrf" file format. A remote code execution vulnerability has been identified in Cisco WebEx Player for WRF files. Affected Versions: Cisco WebEx Player for WRF Files version T29…
CVE
VMware Workstation Pro, VMware Workstation Player and VMware Fusion DLL Hijacking Vulnerability (VMSA-2016-0010)漏洞银行丨0DAY BANK
漏洞类别:Local 漏洞等级: 漏洞信息 VMware Workstation is a hosted hypervisor that runs on x64 versions of Windows and Linux operating systems. A DLL hijacking vulnerability is present in the VMware Tools "Shared Folders" (HGFS) feature running on Microsoft Windows. Affecte…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for tomcat6 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users co…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for wget to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability could be exploited to gain partial access to sensiti…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for mariadb to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Workstation Extension 12-SP1 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for wireshark to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 漏洞危害 This vulne…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for cracklib to fix the vulnerabilities. Affected Products: SUSE Studio Onsite 1.3 SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for php53 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Debuginfo 11-SP4 漏洞危害 This vulnerabi…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5636: 1345856: CVE-2016-5636 python: Heap overflow in zipimporter module A vulnerability was discovered in Python, in the built-in zipi…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2015-5343: 1289959: CVE-2015-5343 subversion: (mod_dav_svn) integer overflow when parsing skel-encoded request bodies CVE-2015-3187: It was …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Amazon Linux Security Advisory for apache-commons-collections: AL2012-2016-144 漏洞危害 Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service. 解决方案 Administrators are advised to a…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-3959: 1324343: CVE-2016-3959 golang: infinite loop in several big integer routines. 漏洞危害 Allows unauthorized disclosure of information;…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-2518: 1331468: CVE-2016-2518 ntp: out-of-bounds references on crafted packet An out-of-bounds access flaw was found in the way ntpd pro…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-4579: 1335396: CVE-2016-4579 libksba: Out-of-bounds read in _ksba_ber_parse_tl CVE-2016-4574: 1334831: CVE-2016-4574 libksba: Incomplet…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5240: 1333417: CVE-2016-5240 ImageMagick: SVG converting issue resulting in DoS CVE-2016-5239: 1334188: CVE-2016-5239 ImageMagick,Graph…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Package updates are available for Amazon Linux that fix the following vulnerabilities: CVE-2016-5387: It was discovered that httpd used the value of the Proxy header from HTTP requests to initialize the HTTP_PROXY environment varia…
漏洞类别:Local 漏洞等级: 漏洞信息 SAP NetWeaver is an integrated technology computing platform and is the technical foundation for many SAP applications since the SAP Business Suite. It provides the development and runtime environment for SAP applications and can be used …
漏洞类别:RedHat 漏洞等级: 漏洞信息 Mozilla Thunderbird is a standalone mail and newsgroup client. This update upgrades Thunderbird to version 45.3.0. Security Fix(es): * Multiple flaws were found in the processing of malformed web content. A web page containing malicious …
漏洞类别:RedHat 漏洞等级: 漏洞信息 Red Hat Identity Management (IdM) is a centralized authentication, identity management, and authorization solution for both traditional and cloud-based enterprise environments. Security Fix(es): * An insufficient permission check issue w…
漏洞类别:跨站攻击 漏洞等级: 漏洞详情: 【风险概述】:导致论坛站点用户信息被窃取等风险; 【漏洞描述】:Discuz的helper_mobile.php存在跨站漏洞,攻击者可利用该漏洞窃取论坛站点用户信息。 【影响版本】:全版本 【修复建议】: 修改文件:source/class/helper/helper_mobile.php 找到以下两行: $query_sting_tmp = str_replace(array('&mobile=yes','mobile=yes'), array(''), $…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 It was discovered that the Python CGIHandler class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a Python…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 A use after free vulnerability was found in tcp_xmit_retransmit_queue and other tcp_* functions. 漏洞危害 Allows unauthorized disclosure of information; allows unauthorized modification; allows disruption of service. 解决方案 Please refer …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 A heap-based buffer overflow in the parse_packet function in network.c in collectd allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet. 漏洞危害 Allows una…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 A heap-based buffer overflow in the parse_packet function in network.c in collectd allows remote attackers to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted network packet. 漏洞危害 Allows una…