漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libquicktime to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP3 SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-S…
漏洞类别:Web server 漏洞等级: 漏洞信息 Boa is a single-tasking, high-performance Web server for Unix-based systems. The vulnerability allows the injection of "../.." using the FILECAMERA variable sent by GET to read files with root privileges. Affected version: BOA Webser…
CVE
CVE-2017-6664 Cisco IOS XE Autonomic Networking Infrastructure Certificate Revocation Vulnerability (cisco-sa-20170726-anicrl)
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the Autonomic Networking feature of Cisco IOS XE Software could allow an unauthenticated, remote, autonomic node to access the Autonomic Networking infrastructure of an affected system, after the certificate for the aut…
CVE
CVE-2017-6665 Cisco IOS and IOS XE Autonomic Control Plane Channel Information Disclosure Vulnerability(cisco-sa-20170726-aniacp)
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to reset the Autonomic Control Plane (ACP) of an affected system and view ACP packets th…
CVE
CVE-2017-66634 Cisco IOS and IOS XE Autonomic Networking Infrastructure Denial of Service Vulnerability (cisco-sa-20170726-anidos)
漏洞类别:Cisco 漏洞等级: 漏洞信息 A vulnerability in the Autonomic Networking feature of Cisco IOS Software and Cisco IOS XE Software could allow an unauthenticated, adjacent attacker to cause autonomic nodes of an affected system to reload, resulting in a denial of servi…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for qemu to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fedor…
漏洞类别:Local 漏洞等级: 漏洞信息 IBM WebSphere Application Server is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts.. There is a potential cross-site req…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for heimdal to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerabilit…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerabilit…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the Linux kernel did not properly initialize a Wake- on-Lan data structure. A race condition in the Advanced Linux Sound Architecture (ALSA) subsystem in the Linux kernel. It was discovered that the DRM driver for …
漏洞类别:Web server 漏洞等级: 漏洞信息 Apache HTTP Server is an HTTP web server application. Apache HTTP Server is exposed to following vulnerabilities: - Apache HTTP Request Parsing Whitespace Defects (CVE-2016-8743). - HTTP/2 CONTINUATION denial of service (CVE-2016-874…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the Apache HTTP Server mod_auth_digest module incorrectly cleared values when processing certain requests. 漏洞危害 A remote attacker could use this issue to cause the server to crash, resulting in a denial or service,…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libreoffice to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for systemd to fix the vulnerabilities. Affected Products: openSUSE Leap 42.2 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availabi…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Graphite2 is a project within SIL's Non-Roman Script Initiative and Language Software Development groups to provide rendering capabilities for complex non-Roman writing systems. Various vulnerabilities have been discovered in Graphite2. …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. It was discovered that the DCG implementation in the RMI component of OpenJDK failed to correctly handle refe…
漏洞类别:Local 漏洞等级: 漏洞信息 The auth_password function in auth-passwd.c in sshd in OpenSSH before 7.3 does not limit password lengths for password authentication, which allows remote attackers to cause a denial of service (crypt CPU consumption) via a long string. A…
漏洞类别:Local 漏洞等级: 漏洞信息 Certain values in a TLS abbreviated handshake when using a client SSL profile with the Session Ticket option enabled may cause disruption of service to the Traffic Management Microkernel (TMM). The Session Ticket option is disabled by def…
漏洞类别:Local 漏洞等级: 漏洞信息 Safari is a Web-browser developed by Apple which is based on the WebKit engine. The update addresses multiple vulnerabilities affecting WebKit and Safari for OS X Yosemite, El Capitan and macOS Sierra. 漏洞危害 Successful exploitation of the …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Security Fix(es): A flaw was found in the way BIND handled TSIG authentication for dynamic updates. A remote attacker able to communicate with an authoritative BIND server could use this flaw to manipulate the contents of a zone, b…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 The c-ares function `ares_parse_naptr_reply()`, which is used for parsing NAPTR responses, could be triggered to read memory outside of the given input buffer if the passed in DNS response packet was crafted in a particular way. ( …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for apport to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users co…
CVE
CVE-2016-9262 2017-07-26 21:16:34 SUSE Enterprise Linux Security Update for jasper (SUSE-SU-2017:1916-1)
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for jasper to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerabil…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The jboss-ec2-eap packages provide scripts for Red Hat JBoss Enterprise Application Platform running on the Amazon Web Services (AWS) Elastic Compute Cloud (EC2). It was found that the log file viewer in Red Hat JBoss Enterprise Applicat…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that libiberty incorrectly handled certain string operations. It was discovered that libiberty incorrectly handled parsing certain binaries. It was discovered that libiberty incorrectly handled parsing certain binaries.…