漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the implementation of 802.11v Basic Service Set (BSS) Transition Management functionality in Cisco Wireless LAN Controllers could allow an unauthenticated, adjacent attacker to cause an affected device to reload unexpec…

漏洞类别：Local 漏洞等级： 漏洞信息 Apache Struts is an open-source Model-View-Controller (MVC) framework for creating elegant, modern Java web applications. The REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malic…

漏洞类别：Local 漏洞等级： 漏洞信息 PostgreSQL, often simply Postgres, is an object-relational database management system (ORDBMS). Following vulnerabilities are fixed: CVE-2017-15099: INSERT ... ON CONFLICT DO UPDATE fails to enforce SELECT privileges Affected Versions: Po…

漏洞类别：Local 漏洞等级： 漏洞信息 PostgreSQL, often simply Postgres, is an object-relational database management system (ORDBMS). Following vulnerabilities are fixed: CVE-2017-15098: Memory disclosure in JSON functions Affected Versions: PostgreSQL 10.x before 10.1, 9.6.x…

漏洞类别：Local 漏洞等级： 漏洞信息 PostgreSQL, often simply Postgres, is an object-relational database management system (ORDBMS). Following vulnerabilities are fixed: CVE-2017-12172: Start scripts permit database administrator to modify root-owned files Affected Versions:…

漏洞类别：CGI 漏洞等级： 漏洞信息 Interspire Email Marketer is an email marketing software that allows you to create, send and track email marketing. The function that checks whether the user is already logged in the init.php source file allows remote attackers to bypass au…

漏洞类别：CGI 漏洞等级： 漏洞信息 CMS Made Simple is an Open Source Content Management System. It is built using PHP and the Smarty Engine, which keeps content, functionality, and templates separated. The vulnerability exists because the template engine implemented in CMSMS…

漏洞类别：RedHat 漏洞等级： 漏洞信息 JBoss Web is the web container, based on Apache Tomcat, in Red Hat JBoss Enterprise Application Platform. A flaw was found in the way the DiskFileItem class handled NULL characters in file names. A remote attacker able to supply a serial…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Mozilla Firefox is an open source web browser. A privacy flaw was discovered in Firefox. In Private Browsing mode, a web worker could write persistent data to IndexedDB, which was not cleared when exiting and would persist across multipl…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The System Security Services Daemon (SSSD) service provides a set of daemons to manage access to remote directories and authentication mechanisms. It was found that sssd's sysdb_search_user_by_upn_res() function did not sanitize requests…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Simple Network Management Protocol (SNMP) subsystem of Cisco Wireless LAN Controllers could allow an authenticated, remote attacker to cause an affected device to restart, resulting in a denial of service condition.…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the email message filtering feature of Cisco AsyncOS Software for the Cisco Email Security Appliance could allow an unauthenticated, remote attacker to cause an affected device to run out of memory and stop scanning and…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Cisco Email Security Appliance (ESA) could allow an unauthenticated, remote attacker to conduct a HTTP response splitting attack. The vulnerability is due to the failure of the application or its environment to prop…

漏洞类别：Local 漏洞等级： 漏洞信息 The Microsoft Malware Protection Engine is a part of several Microsoft antimalware products. A remote code execution vulnerability exists when the Microsoft Malware Protection Engine does not properly scan a specially crafted file, leadin…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the firmware for several Intel WLAN devices incorrectly handled WPA2 in relation to Wake on WLAN. 漏洞危害 A remote attacker could use this issue with key reinstallation attacks to obtain sensitive information. (CVE-20…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that libxml2 incorrecty handled certain parameter entities. 漏洞危害 An attacker could use this issue with specially constructed XML data to cause libxml2 to consume resources, leading to a denial of service. 解决方案 Refer to …

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Evince incorrectly handled printing certain DVI files. 漏洞危害 If a user were tricked into opening and printing a specially-named DVI file, an attacker could use this issue to execute arbitrary code. 解决方案 Refer to Ubu…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 Multiple security issues were discovered in Thunderbird. 漏洞危害 If a user were tricked in to opening a specially crafted website in a browsing-like context, an attacker could potentially exploit these to bypass same-origin restrictions, ca…

漏洞类别：CGI 漏洞等级： 漏洞信息 Splunk Enterprise captures, indexes and correlates real-time data in a searchable repository from which it can generate graphs, reports, alerts, dashboards, and visualizations. Splunk Enterprise is affected by multiple SAML vulnerabilities:…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. A missing fix for one stack-based buffer overflow in findTable() for CVE-2014-8184 was discovered. An attacker could cause denial of servi…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 SUSE Linux Enterprise Desktop 12-SP3 漏洞危害 This …

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for shibboleth-sp to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for libxcursor to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for mozillafirefox to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12…