漏洞类别:RedHat 漏洞等级: 漏洞信息 Chromium is an open-source web browser, powered by WebKit (Blink). A flaw was found in the processing of malformed web content. A web page containing malicious content could cause Chromium to crash, execute arbitrary code, or disclose se…
漏洞类别:RedHat 漏洞等级: 漏洞信息 IBM Java SE version 7 Release 1 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit…
漏洞类别:RedHat 漏洞等级: 漏洞信息 IBM Java SE version 8 includes the IBM Java Runtime Environment and the IBM Java Software Development Kit. This update fixes multiple vulnerabilities in the IBM Java Runtime Environment and the IBM Java Software Development Kit. Further …
漏洞类别:CGI 漏洞等级: 漏洞信息 Pexip Infinity is a video communications software that can be deployed on infrastructure of organizations in public, private or hybrid cloud environments. Pexip Infinity is vulnerable to input validation failure vulnerabilities in multiple …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for jasper to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicio…
漏洞列表
Security Policy 2017-05-15 22:28:08 EOL/Obsolete Software: Cisco ASA Software Version 9.5 Detected
漏洞类别:Security Policy 漏洞等级: 漏洞信息 An obsolete version of Cisco ASA was detected on the host. Support for Cisco ASA version 9.5 ended on May 3, 2017. No further releases or security fixes will be available for Cisco ASA version 9.5. QID Detection Logic (Authentic…
漏洞类别:Web Application 漏洞等级: 漏洞信息 The logout links discovered by the Web Application Scanning engine are provided in the Results section. These links were present on the target Web Application, but were not crawled. Crawling these links will terminate the active…
漏洞类别:Backdoors and trojan horses 漏洞等级: 漏洞信息 WannaCrypt/WannaCry/Wanna Decryptor is a ransomware worm that is reportedly spreading by exploiting a flaw in SMB. It is said to exploit the SMB vulnerability. The spreading mechanism is said to be designed on the ET…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Infinite recursion in ahash.c by triggering EBUSY on a full queue: A vulnerability was found in crypto/ahash.c in the Linux kernel which allows attackers to cause a denial of service (API operation calling its own callback, and inf…
漏洞列表
CVE-2017-3509 2017-05-12 09:42:13 Amazon Linux Security Advisory for java-1.8.0-openjdk: ALAS-2017-827
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Improper re-use of NTLM authenticated connections (Networking, 8163520): It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a diff…
漏洞类别:Security Policy 漏洞等级: 漏洞信息 Support for Windows 10 Version 1507 (Build 10240) ended on May 9th, 2017. Microsoft will no longer release security patches and quality updates. Refer to Windows 10 version 1507 will no longer receive security updates for more i…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe Flash Player is a Cross-platform plugin plays animations, videos and sound files in .SWF format. These vulnerabilities that could potentially allow an attacker to take control of the affected system. ( CVE-2017-3068, CVE-2017-3069, …
CVE
CVE-2017-0254 Microsoft Office and Microsoft Office Services and Web Apps Security Update May 2017
漏洞类别:Office Application 漏洞等级: 漏洞信息 Microsoft releases security updates on May 2017 to fix following vulnerabilities: - Microsoft Office Memory Corruption Vulnerability (CVE-2017-0254). - Microsoft SharePoint XSS Vulnerability (CVE-2017-02545). - Microsoft Offi…
漏洞类别:Internet Explorer 漏洞等级: 漏洞信息 Internet Explorer is a web-browser developed by Microsoft which is included in Microsoft Windows Operating Systems. Microsoft has released Cumulative Security Updates for Internet Explorer which addresses various vulnerabiliti…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libosip2 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This …
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for audiofile to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain par…
CVE
CVE-2016-1950 SUSE Enterprise Linux Security Update for MozillaFirefox, mozilla-nss, mozilla-nspr (SUSE-SU-2017:1175-1)
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for mozillafirefox, mozilla-nss, mozilla-nspr to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerabilit…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for wireshark to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can be used to cause a complet…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for ghostscript to fix the vulnerabilities. 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Refer to Debian sec…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tiff to fix the vulnerabilities. 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 Refer to Debian security a…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tomcat7 to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案 Refer to Debian security advisory DSA 3842-1 to address this iss…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for libxstream-java to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerability may allow attackers to cause Denial of Service attacks. 解决方案 Refer to Debian security advisory DSA 3841…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for mysql-connector-java to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to cha…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for freetype to fix the vulnerabilities. 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users could also use this vulnerability to change partial …