漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Reader and Acrobat are applications for handling PDF files. They are prone to multiple vulnerabilities that could potentially allow an attacker to take control of an affected system. Affected Software: Acrobat DC Continuous 2017.009…
CVE
CVE-2017-6316 Citrix NetScaler SD-WAN and CloudBridge Virtual WAN Management Interface Remote Code Execution Vulnerability
漏洞类别:CGI 漏洞等级: 漏洞信息 NetScaler SD-WAN creates a reliable WAN from diverse network links, including MPLS, broadband, and wireless, continuously measuring and monitoring each link for loss, latency, jitter and congestion. With CloudBridge virtual WAN, users can c…
漏洞类别:Local 漏洞等级: 漏洞信息 IBM WebSphere Application Server is designed to facilitate the creation of various enterprise Web applications. IBM WebSphere Application Server has a insecure file permissions vulnerability resulting in log files to have different permis…
漏洞类别:Local 漏洞等级: 漏洞信息 SecureCRT client provides terminal emulation with the strong encryption, broad range of authentication options, and data integrity for SSH protocol used for secure network administration and end user access. SecureFX provides the strong e…
漏洞类别:Local 漏洞等级: 漏洞信息 Microsoft Skype is an instant messaging app that provides online text message and video chat services. A remote user can create a specially crafted DLL. When the target user installs Skype from the same directory as the specially crafted …
漏洞类别:Local 漏洞等级: 漏洞信息 McAfee Network DLP allows enterprises to enforce policies for information leaving the network through email, webmail, instant messaging (IM), wikis, blogs etc. McAfee Network Data Loss Prevention is prone to several vulnerabilities which …
漏洞类别:VMware 漏洞等级: 漏洞信息 VMware vCenter is the centralized management tool for the vSphere suite. The target is missing Update 3b, which corrects the following security issue: A local user on the host system can exploit an insecure library loading flaw in the LD…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for ncurses to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 SU…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. Quick Emulator (QEMU) built with the Network Block Device (NBD) Server support is vulnerable to a crash via a SIGPIPE signal. T…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. The NFSv2 and NFSv3 server implementations in the Linux kernel through 4.10.13 lacked certain checks for the end of a buffer. A remote attacker could t…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. It was found that reporting emulation failures to user space could lead to either a local (CVE-2014-7842) or a L2->L1 (CVE-2010-5313) denial of serv…
漏洞类别:Local 漏洞等级: 漏洞信息 Hangul (also known as Hangul Word Processor or HWP) is a proprietary word processing application from Hancom Inc.. Hangul has specialized support for Korean language. Hangul Word Processor is prone to a heap-based buffer overflow vulnerab…
漏洞类别:Local 漏洞等级: 漏洞信息 Tableau Server, by Tableau Software, is an online solution for sharing, distributing, and collaborating on content created in Tableau. Shareable. Create workbooks and views, dashboards, and data sources in Tableau Desktop, and then publis…
漏洞类别:General remote services 漏洞等级: 漏洞信息 GitHub is a web-based Git or version control repository and Internet hosting service. There is a bug that resulted in a static value being used as the Ruby on Rails session secret for GitHub Enterprise's management conso…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for librsvg to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP3 SU…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libxml2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain parti…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for puppet to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Desktop 12-SP3 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability could be exploited to gain partial access to sens…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for tcmu-runner to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Server 12-SP3 漏洞危害 This vulnerability can be used to cause a limit…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for ncurses to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain parti…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Issue Overview: Exploitable memory corruption due to UFO to non-UFO path switch (CVE-2017-1000112 ) heap out-of-bounds in AF_PACKET sockets (CVE-2017-1000111 ) QID Detection Logic: This authenticated QID verifies if the version of …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. An use-after-free flaw was found in the Linux kernel which enables a race condition in the L2TPv3 IP Encapsulation feature. A local user could use this…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The gtk-vnc packages provide a VNC viewer widget for GTK. It was found that gtk-vnc lacked proper bounds checking while processing messages using RRE, hextile, or copyrect encodings. A remote malicious VNC server could use this flaw to c…
漏洞类别:RedHat 漏洞等级: 漏洞信息 MariaDB is a multi-user, multi-threaded SQL database server that is binary compatible with MySQL. It was discovered that the mysql and mysqldump tools did not correctly handle database and table names containing newline characters. A dat…
漏洞类别:RedHat 漏洞等级: 漏洞信息 OpenSSH is an SSH protocol implementation supported by a number of Linux, UNIX, and similar operating systems. A covert timing channel flaw was found in the way OpenSSH handled authentication of non-existent users. A remote unauthenticat…