漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for log4j12 to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vu…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for gnutls to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability will cause a Denial of Service. 解决方案 Fedora has issued updated packages to fix this vulnera…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerabilit…
CVE
CVE-2017-7507 漏洞信息:Ubuntu Security Notification for Gnutls26, Gnutls28 Vulnerabilities (USN-3318-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that GnuTLS incorrectly handled decoding a status response TLS extension. It was discovered that GnuTLS incorrectly handled decoding certain OpenPGP certificates. 漏洞危害 A remote attacker could possibly use this issue to …
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Irssi incorrectly handled certain DCC messages. It was discovered that Irssi incorrectly handled receiving incorrectly quoted DCC files. 漏洞危害 A malicious IRC server could use this issue to cause Irssi to crash, res…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for firefox-esr to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerability may lead to may lead to the execution of arbitrary code, denial of service or domain spoofing. 解决方案 Refer t…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for libosip2 to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial …
CVE
CVE-2015-0254 漏洞信息: SUSE Enterprise Linux Security Update for jakarta-taglibs-standard (SUSE-SU-2017:1568-1)
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for jakarta-taglibs-standard to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. M…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for openldap2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnera…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for mercurial to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive informatio…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libxml2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain parti…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for firefox to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerability may lead to may lead to the execution of arbitra…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for qemu-kvm to fix the vulnerabilities. Affected Products: Oracle Linux 7 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in re…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for perltidy to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Malicious users could use this vulnerability to change partial contents or configuration on the system. 解决方案 Fedora has issu…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for systemd to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Fe…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for mingw-poppler to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for mingw-poppler to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for libsndfile to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for picocom to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability could be exploited to gain complete access to sensitive information. Malicious users could also use this vulnerabili…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 A flaw was found in the way sudo parsed tty information from the process status file in the proc filesystem. A local user with privileges to execute commands via sudo could use this flaw to escalate their privileges to root. (CVE-2…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Escape out of git-shell A flaw was found in the way git-shell handled command-line options for the restricted set of git-shell commands. A remote authenticated attacker could use this flaw to bypass git-shell restrictions, to view …
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of messages to rpcbind could cause its memory usage to grow with…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Memory leak when failing to parse XDR strings or bytearrays It was found that due to the way rpcbind uses libtirpc (libntirpc), a memory leak can occur when parsing specially crafted XDR messages. An attacker sending thousands of m…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Selectivity estimators bypass SELECT privilege checks It was found that some selectivity estimation functions did not check user privileges before providing information from pg_statistic, possibly leaking information. An unprivileg…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 It was found that ghostscript did not properly validate the parameters passed to the .rsdparams and .eqproc functions. During its execution, a specially crafted PostScript document could execute code in the context of the ghostscri…