漏洞类别:CGI 漏洞等级: 漏洞信息 WordPress is an open source blogging tool and content management system based on PHP and MySQL. It has many features including a plug-in architecture and a template system. Page Layout Builder is a layout builder for WordPress. The vulnerab…
漏洞类别:General remote services 漏洞等级: 漏洞信息 A vulnerability in Cisco TelePresence Server Software could allow an unauthenticated, remote attacker to emulate Cisco TelePresence Server endpoints. The vulnerability is due to how session identification information is …
漏洞类别:Cisco 漏洞等级: 漏洞信息 Multiple Cisco products incorporate a version of the OpenSSL package affected by one or more vulnerabilities. Cisco ASA is exposed to following vulnerabilities: - Cisco ASA incorporate a version of the OpenSSL package that incorrectly han…
漏洞类别:Hardware 漏洞等级: 漏洞信息 Lexmark International, Inc.manufactures laser printers and imaging products. This QID provides information on the configurations of the target Lexmark printer. 漏洞危害 解决方案 0day
漏洞类别:Local 漏洞等级: 漏洞信息 AVG is an antivirus and security tool. A code injection vulnerability, called DoubleAgent, affects AVG Antivirus which allows a local attacker to bypass a self-protection mechanism, inject arbitrary code, and take full control of any AVG …
漏洞类别:Local 漏洞等级: 漏洞信息 Trend Micro provides an antivirus and internet content security software for PC and Mobile. Code injection vulnerability exists in multiple Trend Micro products, which may allow a local attacker to bypass a self-protection mechanism, inje…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for the linux kernel to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This …
漏洞类别:SUSE 洞等级: 漏洞信息 SUSE has released security update for libpng12 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SU…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for samba to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUSE…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for samba to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerabili…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for libpng16 to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 S…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for java-1_8_0-ibm to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12…
漏洞类别:SUSE 漏洞等级: 漏洞信息 SUSE has released security update for samba to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial…
漏洞类别:Local 漏洞等级: 漏洞信息 The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a BIOS_CNTL locking protection mechanism u…
CVE
CVE-2016-2183 Birthday attacks against TLS ciphers with 64bit block size vulnerability (Sweet32)
漏洞类别:General remote services 漏洞等级: 漏洞信息 Legacy block ciphers having block size of 64 bits are vulnerable to a practical collision attack when used in CBC mode. All versions of SSL/TLS protocol support cipher suites which use DES or 3DES as the symmetric encryp…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image. (CVE-2016-10168 ) In…
漏洞类别:Amazon Linux' 漏洞等级: 漏洞信息 The skbs processed by ip_cmsg_recv() are not guaranteed to be linear (e.g. when sending UDP packets over loopback with MSGMORE). Using csum_partial() on potentially the whole skb len is dangerous; instead be on the safe side and u…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 It was discovered that the code that parsed the HTTP request line permitted invalid characters. This could be exploited, in conjunction with a proxy that also permitted the invalid characters but with a different interpretation, to…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 An integer overflow flaw was found in the way vim handled tree length values when reading an undo file. This bug could result in vim crashing when trying to process corrupted undo files. (CVE-2017-6350 ) An integer overflow flaw wa…
漏洞类别:Amazon Linux 漏洞等级: 漏洞信息 Integer overflow in gd_io.c in the GD Graphics Library (aka libgd) before 2.2.4 allows remote attackers to have unspecified impact via vectors involving the number of horizontal and vertical chunks in an image.(CVE-2016-10168 ) The…
漏洞类别:Web Application 漏洞等级: 漏洞信息 Apache Struts is a framework for building web applications. Apache Struts was found to be prone to a remote code execution vulnerability described in CVE-2017-5638 The vulnerability exists due to improper handling of requests wi…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for wireshark to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerability allows a denial of service (application crash) via a crafted …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for curl to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the la…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for samba to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the l…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for coreutils to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to t…