漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for ntp to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to cause Denial of Service. 解决方案 Upgrade to the latest packages which c…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for ntp to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for tiff to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUSE …

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for curl to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 SUSE Linux Enterprise Server 11-SECURITY 漏洞危害 This vulnerab…

漏洞类别：Database 漏洞等级： 漏洞信息 IBM DB2 is vulnerable to a privilege escalation due to loading libraries from insecure locations. A local user could place a malicious library in a location that a SETGID or SETUID binary would execute and gain root level access. Affec…

漏洞类别：Database 漏洞等级： 漏洞信息 When a table is renamed and a new table is created with the old name, users who had access on the old table may be able to access the new table. A user may incorrectly acquire privileges on a table if the table is created with the same…

漏洞类别：RedHat 漏洞等级： 漏洞信息 Kernel-based Virtual Machine (KVM) is a full virtualization solution for Linux on a variety of architectures. A heap buffer overflow flaw was found in QEMU's Cirrus CLGD 54xx VGA emulator's VNC display driver support; the issue could occ…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. A denial of service flaw was found in the way BIND handled a query response containing CNAME or DNAME resource records in an unusual…

漏洞类别：Local 漏洞等级： 漏洞信息 Java Runtime Environment (JRE) is a platform that supports the execution of programs that are developed using the Java programming language. The JRE platform also supports Java Applets, which can be loaded from Web pages. JRE and JDK are …

漏洞类别：Solaris 漏洞等级： 漏洞信息 Multiple vulnerabilities affecting Oracle Solaris 10 could allow malicious users to compromise the confidentiality, integrity or availability of the targeted system. Oracle has released Solaris 10 patches required to resolve the vulnera…

漏洞类别：Solaris 漏洞等级： 漏洞信息 The target does not have Solaris 11.3 SRU 19.5.0 applied. The Support Repository Updates provide patch bundles/updates that primarily contain bug fixes. 漏洞危害 Exploitation could allow an attacker to compromise a vulnerable system. 解决方案 A…

漏洞类别：Database 漏洞等级： 漏洞信息 This Critical Patch Update contains 25 new security fixes for Oracle MySQL. Affected Versions: MySQL Server, version(s) 5.5.54 and prior, 5.6.35 and prior, 5.7.17 and prior 漏洞危害 Successful exploitation could allow an attacker to affect…

漏洞类别：Database 漏洞等级： 漏洞信息 Oracle released a Critical Patch Update advisory for April 2017 that addresses several security vulnerabilities. The following Oracle database component are affected: - OSQL*Plus - OJVM 漏洞危害 An attacker could affect the confidentiality…

漏洞类别：Database 漏洞等级： 漏洞信息 Oracle Database Patch Set Updates are proactive cumulative patches containing recommended bug fixes that are released on a regular schedule. Affected Software: Oracle Database 11.2.0.4 漏洞危害 Failure to apply this patch could lead to los…

漏洞类别：Database 漏洞等级： 漏洞信息 Oracle Database Patch Set Updates are proactive cumulative patches containing recommended bug fixes that are released on a regular schedule. Affected Software: Oracle Database 12.1.0.2 漏洞危害 Failure to apply this patch could lead to los…

漏洞类别：Cisco 漏洞等级： 漏洞信息 Cisco Adaptive Security Appliance (ASA) Software contains a vulnerability that could allow an authenticated, remote attacker to cause a denial of service condition. ASA receives a RADIUS packet with a crafted attribute value during a radi…

漏洞类别：Local 漏洞等级： 漏洞信息 Wireshark is a network protocol analyzer available for multiple operating systems. It lets you capture and interactively browse the traffic running on a computer network. Multiple vulnerabilities were reported in Wireshark. A remote user …

漏洞类别：RedHat 漏洞等级： 漏洞信息 LibreOffice is an open source, community-developed office productivity suite. It was found that LibreOffice disclosed contents of a file specified in an embedded object's preview. An attacker could potentially use this flaw to expose det…

漏洞类别：Web server 漏洞等级： 漏洞信息 Oracle WebLogic Server (formerly known as BEA WebLogic Server) is an application server for building and deploying enterprise applications and services. The Oracle WebLogic Server component in Oracle Fusion Middleware for versions 10…

漏洞类别：AIX 漏洞等级： 漏洞信息 There are multiple vulnerabilities in IBM SDK Java Technology Edition Versions 6, 7, 7.1, 8 that are used by AIX. These issues were disclosed as part of the IBM Java SDK updates in October 2016. The following vulnerabilities exists in IBM A…

漏洞类别：Windows 漏洞等级： 漏洞信息 ETERNALBLUE is an exploit from the recent Shadow Brokers leak. This zero day exploit is remotely exploitable on systems running SMBv1 and NBT. This information comes from the Shadow Brokers' "Equation Group" data dump. This Zero Day is …

漏洞类别：Windows 漏洞等级： 漏洞信息 ETERNALBLUE is an exploit from the recent Shadow Brokers leak. This zero day exploit is remotely exploitable on systems running SMBv1 and NBT. This information comes from the Shadow Brokers' "Equation Group" data dump. This Zero Day is …

漏洞类别：Windows 漏洞等级： 漏洞信息 ETERNALROMANCE is an exploit tool which uses remote SMBv1 vulnerabilities. This information comes from the Shadow Brokers' "Equation Group" data dump. This Zero Day is actively being exploited with the "ETERNALROMANCE" exploit. Affected…

漏洞类别：Windows 漏洞等级： 漏洞信息 ETERNALCHAMPION / ETERNALSYSTEM are exploits from the recent Shadow Brokers leak. This zero day exploit is remotely exploitable on systems running SMBv1. This information comes from the Shadow Brokers' "Equation Group" data dump. This Z…

漏洞类别：Mail services 漏洞等级： 漏洞信息 IBM Lotus Domino is a client/server product designed for collaborative working environments. Domino Server supports email, scheduling, instant messaging and data-driven applications. This information comes from the Shadow Brokers'…