漏洞类别:RedHat 漏洞等级: 漏洞信息 Xen is a virtual machine monitor An out of bounds array access issue was found in the Xen virtual machine monitor, built with the QEMU ioport support. It could occur while doing ioport read/write operations, if guest was to supply a 32bi…
漏洞类别:RedHat 漏洞等级: 漏洞信息 The kernel packages contain the Linux kernel, the core of any Linux operating system. A use-after-free vulnerability was found in the kernels socket recvmmsg subsystem. This may allows remote attackers to corrupt memory and may allow exe…
CVE
CVE-2016-9636 Oracle Enterprise Linux Security Update for gstreamer-plugins-good (ELSA-2016-2975)
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for gstreamer-plugins-good to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Successful exploitation of the vulnerabilities may allow an remote attacker to cause an appli…
CVE
CVE-2016-9445Oracle Enterprise Linux Security Update for gstreamer-plugins-bad-free (ELSA-2016-2974)
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for gstreamer-plugins-bad-free to fix the vulnerabilities. Affected Products: Oracle Linux 6 漏洞危害 Sucessful exploitation may cause information leakage. 解决方案 To resolve this issue, upgrade…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for thunderbird to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this is…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for vim to fix the vulnerabilities. Affected Products: Oracle Linux 7 Oracle Linux 6 漏洞危害 Successful exploitation may lead to the execution of arbitrary code 解决方案 To resolve this issue, u…
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for xen to fix the vulnerabilities. Affected Products: Oracle Linux 5 漏洞危害 A privileged guest user/process could use this flaw to potentially escalate their privileges on a host. 解决方案 To …
漏洞类别:OEL 漏洞等级: 漏洞信息 Oracle Enterprise Linux has released security update for elsa-2016-2962-1 important: oracle linux 5 kernel to fix the vulnerabilities. Affected Products: Oracle Linux 5 漏洞危害 On successful exploitation it allows remote attackers to corrupt m…
漏洞类别:CentOS 漏洞等级: 漏洞信息 CentOS has released security update for kvm to fix the vulnerabilities. Affected Products: centos 5 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages which c…
漏洞类别:Local 漏洞等级: 漏洞信息 Design interactive animations with cutting-edge drawing tools and publish them to multiple platforms with Adobe Animate. This update resolves a critical memory corruption vulnerability (CVE-2016-7866). Affected Version Adobe Animate 15.2.…
漏洞类别:Local 漏洞等级: 漏洞信息 Adobe ColdFusion Builder an IDE that can be used to build applications for ColdFusion. Adobe ColdFusion Builder is exposed to a information disclosure vulnerability (CVE-2016-7887). Affected Products: Adobe ColdFusion Builder 2016 Update …
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. It was discovered that the KVM implementation for x86/x86_64 in the Linux kernel could dere…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 A use-after-free condition in the TTY implementation in the Linux kernel. It was discovered that the Video For Linux Two (v4l2) implementation in the Linux kernel did not properly handle multiple planes when processing a VIDIOC_DQBUF ioc…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that shared bind mounts in a mount namespace exponentially added entries without restriction to the Linux kernel's mount table. It was discovered that a race condition existed in the procfs environ_read function in the …
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that a race condition existed in the procfs environ_read function in the Linux kernel, leading to an integer underflow. 漏洞危害 A local attacker could use this to expose sensitive information (kernel memory). 解决方案 Refer to…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for php-ssh2 to fix the vulnerabilities. 漏洞危害 If only DSA-3732-1 is installed, it can cause segfaults in php-ssh2. 解决方案 Refer to Debian security advisory DSA 3732-2 to address this issue and obtain fur…
漏洞类别:Ubuntu 漏洞等级: 漏洞信息 It was discovered that the ndr_pull_dnsp_nam function in Samba contained an integer overflow. It was discovered that Samba clients always requested a forwardable ticket when using Kerberos authentication. It was discovered that Kerberos …
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for python-bottle to fix the vulnerabilities. 漏洞危害 Successful exploitation can allowe an attacker to perform CRLF attacks such as HTTP header injection. 解决方案 Refer to Debian security advisory DSA 3743-…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for flightgear to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities can allow a malicious script to overwrite arbitrary files with the privileges of the user running Flight G…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tor to fix the vulnerabilities. 漏洞危害 Sucessful exploitation of the vulnerability may cause a Denial of Service. 解决方案 Refer to Debian security advisory DSA 3741-1 to address this issue and obtain fu…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for samba to fix the vulnerabilities. 漏洞危害 A target server, which is present in the current or trusted domain/realm, can be given a valid general purpose Kerberos "Ticket Granting Ticket" (TGT), which …
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tomcat8 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities may cause privilege escalation, information disclosure, and remote code execution. 解决方案 Refer to Debian secur…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for tomcat7 to fix the vulnerabilities. 漏洞危害 Successful exploitation of the vulnerabilities may cause privilege escalation, information disclosure, and remote code execution. 解决方案 Refer to Debian secur…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for php5 to fix the vulnerabilities. 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Refer to Debian security advisory DSA 3737-1 to address this issue and obtain further de…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for libupnp to fix the vulnerabilities. 漏洞危害 Sucessful exploitation may lead to denial of service or remote code execution. 解决方案 Refer to Debian security advisory DSA 3736-1 to address this issue and o…
漏洞类别:Debian 漏洞等级: 漏洞信息 Debian has released security update for game-music-emu to fix the vulnerabilities. 漏洞危害 Sucessful exploitation may lead to execution of arbitrary code. 解决方案 Refer to Debian security advisory DSA 3735-1 to address this issue and obtain fu…
漏洞类别:Web Application 漏洞等级: 漏洞信息 XSS vulnerabilities occur when the Web application echoes user-supplied data in an HTML response sent to the Web browser. For example, a Web application might include the user's name as part of a welcome message or display a hom…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP1 漏洞危害 This vulnerability…
CVE
CVE-2016-5649 Netgear DGN2200, DGND3700 and WNDR4500 Sensitive Information Disclosure Vulnerability
漏洞类别:CGI 漏洞等级: 漏洞信息 Netgear DGN2200, DGND3700 and WNDR4500 series routers are wireless modem routers. Netgear DGN2200, DGND3700 and WNDR4500 series routers are exposed to a sensitive information disclosure vulnerability. Affected Versions: Firmware version DGN…
漏洞类别:CGI 漏洞等级: 漏洞信息 WAGO PLCs are used for various commercial facilities, critical manufacturing, energy, and transportation systems. WAGO PLCs are exposed to authentication bypass vulnerability that allows an attacker to change system settings without authent…
漏洞类别:CGI 漏洞等级: 漏洞信息 Netgear WNR2000 series routers are wireless modem routers. Netgear WNR2000 series routers are exposed to multiple vulnerabilities including information disclosure, stack buffer overflow and remote code execution. 漏洞危害 Successfully exploitin…
漏洞类别:CGI 漏洞等级: 漏洞信息 Apache TomEE is the Java Enterprise Edition of Apache Tomcat (Tomcat + Java EE = TomEE) that combines several Java enterprise projects including Apache OpenEJB, Apache OpenWebBeans, Apache OpenJPA, Apache MyFaces and others. The flaw exists…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for dnsmasq to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for wget to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Server 12-SP1 SUSE Linux Enterprise Desktop 12-SP2 SUSE Linux Enterprise Desktop 12-SP1 漏洞危…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for imagemagick to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for imagemagick to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain p…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for gd to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability can be used to cause a limited denial…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for libgme to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUS…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for mozillafirefox to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain complete …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for gd to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Software Development Kit 12-SP1 SUSE Linux Enterprise Server 12-SP2 SUSE Li…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for mozillafirefox to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gai…
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for zlib to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 11-SP4 SUSE Linux Enterprise Server 11-SP4 漏洞危害 This vulnerability could be exploited to gain partial …
漏洞类别:SUSE 漏洞等级: 漏洞信息 Suse has released security update for xen to fix the vulnerabilities. Affected Products: SUSE Linux Enterprise Software Development Kit 12-SP2 SUSE Linux Enterprise Server 12-SP2 SUSE Linux Enterprise Desktop 12-SP2 漏洞危害 This vulnerability…
漏洞类别:Web server 漏洞等级: 漏洞信息 The HP System Management Homepage (SMH) is a web-based interface that consolidates the management of ProLiant and Integrity servers running Microsoft Windows or Linux, or HP 9000 and HP Integrity servers running HP-UX 11i. Multiple p…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and support services. A flaw was found in…
漏洞类别:RedHat 漏洞等级: 漏洞信息 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-good packages contain a collection of well-supported plug-ins of good quality and under the LGPL license. Multiple fla…
漏洞类别:RedHat 漏洞等级: 漏洞信息 GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer-plugins-bad-free package contains a collection of plug-ins for GStreamer. An integer overflow flaw, leading to a heap-based bu…
漏洞类别:RedHat 漏洞等级: 漏洞信息 Mozilla Thunderbird is a standalone mail and newsgroup client. Multiple flaws were found in the processing of malformed web content. A web page containing malicious content could cause Thunderbird to crash or, potentially, execute arbitr…
漏洞类别:Local 漏洞等级: 漏洞信息 Citrix NetScaler Application Delivery Controller is an application delivery management solution. Citrix has addressed an unauthorized redirect vulnerability which could allow an attacker to get session cookies of redirected a AAA user. Th…