漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 Use-after-free in processing SMB1 requests A use-after-free flaw was found in the way samba servers handled certain SMB1 requests. An unauthenticated attacker could send specially-crafted SMB1 requests to cause the server to crash …

漏洞类别：Amazon Linux 漏洞等级： 漏洞信息 Use-after-free in receive_msg function via vectors involving BDAT commands The receive_msg function in receive.c in the SMTP daemon in Exim 4.88 and 4.89 allows remote attackers to execute arbitrary code or cause a denial of servic…

漏洞类别：Local 漏洞等级： 漏洞信息 A potential security vulnerability has been identified with certain versions of Synaptics touchpad drivers that impacts all Synaptics OEM partners. An attacker would need administrative privileges in order to take advantage of the vulnera…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for evince to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 SUS…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for java-1_8_0-ibm to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12…

漏洞类别：CGI 漏洞等级： 漏洞信息 Advantech/BroadWin WebAccess is a web-based application for human-machine interfaces (HMI), and supervisory control and data acquisition (SCADA). Advantech/BroadWin WebAccess is exposed to multiple vulnerabilities that can cause Cross-site …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 漏洞危害 This …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for libraw to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Desktop 12-SP3 SU…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for postgresql96 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-S…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the TLS protocol implementation of legacy Cisco ASA devices could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to improper implementation of countermeasures against…

漏洞类别：Local 漏洞等级： 漏洞信息 FortiClient is a comprehensive endpoint security solution. An Information Disclosure vulnerability has been identified in FortiClient which reveals VPN credentials. Affected Versions: FortiClient version 5.6.0 and earlier QID Detection Lo…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 A vulnerability in the TLS protocol implementation on the crypto hardware SSL Software Development Kit (SDK) could allow an unauthenticated, remote attacker to access sensitive information. The vulnerability is due to improper i…

漏洞类别：Local 漏洞等级： 漏洞信息 Trend Micro Mobile Security is an essential component of Trend Micro complete user protection solution that gives you full visibility and control of mobile devices, apps, and data through a single built-in console. It strikes the right ba…

漏洞类别：Local 漏洞等级： 漏洞信息 IBM MQ is a message oriented middleware that allows independent and non-concurrent applications on a distributed system to communicate with each other. IBM MQ is vulnerable to Cross Site Scripting (XSS). Affected Versions: IBM MQ versions…

漏洞类别：CGI 漏洞等级： 漏洞信息 Splunk Enterprise captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards and visualizations. Splunk Enterprise is affected by multiple cross site scripting v…

漏洞类别：CGI 漏洞等级： 漏洞信息 Apache Sling is a web framework that uses a Java Content Repository, such as Apache Jackrabbit, to store and manage content. A vulnerability in the 'org.apache.sling.auth.core.AuthUtil#isRedirectValid' method in Apache Sling Authentication …

漏洞类别：VMware 漏洞等级： 漏洞信息 The vCenter Server Appliance is a preconfigured Linux virtual machine, which is optimized for running VMware vCenter Server and the associated services on Linux. The target is missing Update 1d, which corrects the following security issu…

漏洞类别：VMware 漏洞等级： 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. A vulnerability was reported in VMware ESXi. The ESXi Host Client contains a vulnerability that may allow for stored cross-site scripting (XSS). Exploiting the vulnerabi…

漏洞类别：VMware 漏洞等级： 漏洞信息 VMware ESXi is an enterprise level computer virtualization product. VMware ESXi contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets (CVE-2017-4941). The ESXi H…

漏洞类别：Local 漏洞等级： 漏洞信息 IBM WebSphere Portal is a solution for delivering web content and applications in an integrated, differentiated and personalized web experience. IBM has addressed multiple unspecified vulnerabilities related to IBM SDK Java that affects W…

漏洞类别：Local 漏洞等级： 漏洞信息 IBM WebSphere Application Server is designed to facilitate the creation of various enterprise Web applications. IBM WebSphere Application Server is affected by multiple vulnerabilities in IBM Java SDK . Affected Versions: IBM WebSphere Ap…

漏洞类别：Local 漏洞等级： 漏洞信息 IBM Tivoli Monitoring automates monitoring of essential system resources to detect bottlenecks and potential problems. There are several vulnerabilities in IBM SDK Java Technology Edition that is shipped as part of multiple IBM Tivoli Mon…

漏洞类别：Local 漏洞等级： 漏洞信息 Qsync is a cloud-based file synchronization service empowered by QNAP NAS. Simply add files to your local Qsync folder, and they will be available on your NAS and all its connected devices. One DLL Hijacking vulnerability was recently fou…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for poppler to fix the vulnerability. Affected OS: Fedora 26 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerabilit…

漏洞类别：Fedora 漏洞等级： 漏洞信息 Fedora has released security update for perl-net-ping-external to fix the vulnerability. Affected OS: Fedora 25 Fedora 26 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could …