漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for tomcat to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. 解决方案 Fedora has issued updated packages…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for ansible to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows arbitrary code execution. 解决方案 Fedora has issued updated packages to fix this vulne…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for java-1.8.0-openjdk to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Fedora has issued updated packages to fix this vulner…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for kernel to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows local users to read or write to kernel memory locations in the first megabyte. 解决方案 …
漏洞类别:RedHat 漏洞等级: 漏洞信息 The JBoss Enterprise Application Platform (or JBoss EAP) is a subscription-based/open-source Java EE-based application server runtime platform used for building, deploying, and hosting highly-transactional Java applications and services.…
漏洞类别:CGI 漏洞等级: 漏洞信息 Joomla! is a free and open-source content management system written in PHP. It uses object oriented programming techniques and is built on a model-view-controller web application framework. It includes features such as page caching, RSS fee…
漏洞类别:CGI 漏洞等级: 漏洞信息 JIRA is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions. JIRA 6.4.x reached end of life on March 17th, 2017 and is no longer be supported by Atlassian.…
漏洞类别:CGI 漏洞等级: 漏洞信息 JIRA is a proprietary issue tracking product, developed by Atlassian. It provides bug tracking, issue tracking, and project management functions. The vulnerability exists because of incorrect implementation of a XML parser and deserializer …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for nss to fix the vulnerabilities. Affected Products: Oracle Linux 5 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the lat…
漏洞类别:Information gathering 漏洞等级: 漏洞信息 A redirect from a HTTPS connection to HTTP was detected. Communications sent over HTTP are not encrypted and its is recommended to use HTTPS instead as it is more secure. 漏洞危害 解决方案 0day
漏洞类别:Information gathering 漏洞等级: 漏洞信息 Cisco Identity Services Engine (ISE) is a network administration product that enables the creation and enforcement of security and access policies for endpoint devices connected to the company's routers and switches. The r…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for collectd to fix the vulnerability. Affected OS: Fedora 25 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for collectd to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for tigervnc to fix the vulnerability. Affected OS: Fedora 24 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in resource availability. 解决方案 F…
漏洞类别:Fedora 漏洞等级: 漏洞信息 Fedora has released security update for dovecot to fix the vulnerability. Affected OS: Fedora 24 Fedora 25 漏洞危害 Successful exploitation of the vulnerability allows denial of service attacks. 解决方案 Fedora has issued updated packages to fix…
漏洞类别:Hardware 漏洞等级: 漏洞信息 A privilege escalation vulnerability resides in Intel Active Management Technology (AMT), Intel Standard Manageability (ISM), and Intel Small Business Technology, which may allow an unprivileged attacker to gain control of the manageab…
漏洞类别:Windows 漏洞等级: 漏洞信息 ERRATICGOPHER is an exploit from the recent Shadow Brokers leak. This zero day exploit is remotely exploitable on systems running SMBv1. This information comes from the Shadow Brokers' "Equation Group" data dump. This Zero Day is active…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for ghostscript to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for mysql to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can be used to cause a limited den…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for minicom to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial access to sensitive information. Malicious users co…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for kvm to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can also be used to cause a limited denial of service in the form of interruptions in reso…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that Ghostscript improperly handled parameters to the rsdparams and eqproc commands. A use-after-free vulnerability in the color management module of Ghostscript. A divide-by-zero error in the scan conversion code in Gh…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 An integer overflow in the xsltAddTextString() function in Libxslt. It was discovered that Libxslt mishandled namespace nodes. A use-after-error existed in the xsltDocumentFunctionLoadDocument() function in Libxslt. A type confusion erro…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the DES and Triple DES ciphers were vulnerable to birthday attacks. It was discovered that NSS incorrectly handled Base64 decoding. This update refreshes the NSS package to version 3.28.4 which includes the latest …
CVE
CVE-2017-3302 Ubuntu Security Notification for Mysql-5.5, Mysql-5.7 Vulnerabilities (USN-3269-1)
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 Multiple security issues were discovered in MySQL and this update includes new upstream MySQL versions to fix these issues. MySQL has been updated to 5.5.55 in Ubuntu 14.04 LTS. Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04 have been u…