漏洞类别：CGI 漏洞等级： 漏洞信息 Jira is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions. Atlassian JIRA Server is prone to a cross-site request-forgery vulnerability in auditing/setti…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 Jenkins is an open source automation server written in Java. Support for Jenkins 1.x ended on 2016-07-07. No further bug fixes, enhancements, security updates or technical support is available for this version. QID Detection Log…

漏洞类别：Local 漏洞等级： 漏洞信息 Safari is a Web-browser developed by Apple which is based on the WebKit engine. Visiting a malicious website may lead to address bar spoofing [CVE-2017-13790, CVE-2017-13789]. Processing maliciously crafted web content may lead to arbitra…

漏洞类别：Database 漏洞等级： 漏洞信息 MongoDB is an open source database project, which is available for a number of operating systems, including Microsoft Windows and Linux. We have obtained a list of MongoDB users along with their passwords and/or password hashes. This i…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 MongoDB authentication was enabled but it was not performed for this particular host because the host's IP address is not included in any MongoDB authentication records. 漏洞危害 Vulnerabilities that require MongoDB authentication m…

漏洞类别：Security Policy 漏洞等级： 漏洞信息 MongoDB authentication was enabled during the scan but login attempts failed for this type of the MongoDB authentication record. The authentication credentials include: 1) User name 2) Password or reference to a Vault authentica…

漏洞类别：Database 漏洞等级： 漏洞信息 The result section displays the MongoDB Database Server version. 漏洞危害 解决方案 0daybank

漏洞类别：Database 漏洞等级： 漏洞信息 MongoDB authentication was performed. The Result section in your detailed results shows the credentials used for authentication. Authentication credentials include a user name, password, and database name on the host. 漏洞危害 解决方案 0dayban…

漏洞类别：CGI 漏洞等级： 漏洞信息 Oracle Identity Manager (OIM) enables enterprises to manage the entire user life-cycle across all enterprise resources both within and beyond a firewall. Vulnerability exists in the Oracle Identity Manager component of Oracle Fusion Middlew…

漏洞类别：Information gathering 漏洞等级： 漏洞信息 Java Development Kit/Java Runtime Environment 1.8 installed on the target machine. 漏洞危害 解决方案 0daybank

漏洞类别：Local 漏洞等级： 漏洞信息 iCloud is a cloud storage and cloud computing service from Apple Inc. WebKit in Apple iCloud for Windows is prone to multiple memory corruption vulnerabilities which may lead to arbitrary code execution. Affected Versions: Apple iCloud pr…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Django is a high-level Python Web framework that encourages rapid development and a clean, pragmatic design. A redirect flaw, where the is_safe_url() function did not correctly sanitize numeric-URL user input, was found in python-django.…

漏洞类别：SUSE 漏洞等级： 漏洞信息 SUSE has released security update for apache2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain compl…

漏洞类别：Local 漏洞等级： 漏洞信息 iTunes is a digital media player application for Mac OS and Windows developed by Apple. Multiple vulnerabilities were reported in Apple iTunes for Windows. A remote user can cause arbitrary code to be executed on the target user's system.…

漏洞类别：CGI 漏洞等级： 漏洞信息 SAP NetWeaver Application Server (AS) or SAP Web Application Server is a component of the solution which works as a web application server to SAP solutions. SAP NetWeaver AS JAVA 7.3 is affected by a Cross-Site Scripting vulnerability in th…

漏洞类别：CGI 漏洞等级： 漏洞信息 SAP NetWeaver Application Server (AS) or SAP Web Application Server is a component of the solution which works as a web application server to SAP solutions. SAP NetWeaver AS JAVA 7.4 is affected by a Cross-Site Scripting vulnerability in th…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Quagga incorrectly handled certain BGP UPDATE messages. It was discovered that Quagga incorrectly handled memory in the telnet vty CLI. 漏洞危害 A remote attacker could possibly use this issue to cause Quagga to crash,…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered a heap-based buffer overflow in the tipc_msg_build() function in the Linux kernel. It was discovered that a race condition existed in the timerfd subsystem of the Linux kernel when handling might_cancel queuing. It was …

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that the KVM subsystem in the Linux kernel did not properly bound guest IRQs. It was discovered that the Flash-Friendly File System (f2fs) implementation in the Linux kernel did not properly validate superblock metadata…

漏洞类别：Ubuntu 漏洞等级： 漏洞信息 It was discovered that Poppler incorrectly handled certain files. 漏洞危害 If a user or automated system were tricked into opening a crafted PDF file, an attacker could cause a denial of service. 解决方案 Refer to Ubuntu advisory USN-3467-1 for …

漏洞类别：Information gathering 漏洞等级： 漏洞信息 Java Development Kit/Java Runtime Environment 1.9 installed on the target machine. 漏洞危害 解决方案 0daybank

漏洞类别：RedHat 漏洞等级： 漏洞信息 Liblouis is an open source braille translator and back-translator named in honor of Louis Braille. Multiple flaws were found in the processing of translation tables in liblouis. An attacker could crash or potentially execute arbitrary co…

漏洞类别：Local 漏洞等级： 漏洞信息 iTunes is a digital media player application for Mac OS and Windows developed by Apple. An access control issue was addressed by restricting access to iOS backups to iTunes. Affected Versions: Apple iTunes prior to 12.7 Available for OS X…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the UDP processing code of Cisco IOS and Cisco IOS XE Software could allow an unauthenticated, remote attacker to cause the input queue of an affected system to hold UDP packets, causing an interface queue wedge and a d…

漏洞类别：Local 漏洞等级： 漏洞信息 Apache Struts is an open-source Model-View-Controller (MVC) framework for creating elegant, modern Java web applications. A RCE attack is possible when developer is using wrong construction in Freemarker tags (CVE-2017-12611). Affected so…