报送者:蓝盾信息安全技术有限公司 CNVD-ID CNVD-2016-10154 发布时间 2016-10-27 危害级别 中 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 影响产品 Google Chrome <54.0.2840.59 BUGTRAQ ID 93528 CVE ID CVE-2016-5183 漏洞描述 Google Chrome是一款流行的Web浏览器。 Google Chrome PDFium存在内存错误引用漏洞。攻击者可以利用漏洞在浏览器的上下文中执行任意代码，或引起拒绝…

报送者:蓝盾信息安全技术有限公司 CNVD-ID CNVD-2016-10153 发布时间 2016-10-27 危害级别 中 (AV:N/AC:M/Au:N/C:P/I:P/A:P) 影响产品 Google Chrome <54.0.2840.59 BUGTRAQ ID 93528 CVE ID CVE-2016-5182 漏洞描述 Google Chrome是一款流行的Web浏览器。 Google Chrome Blink存在堆溢出漏洞。攻击者可以利用漏洞在浏览器的上下文中执行任意代码，或引起拒绝服务条件…

漏洞类别：CGI 漏洞等级： 漏洞信息 Joomla! is a free and open-source content management system written in PHP. It uses object oriented programming techniques and is built on a model-view-controller web application framework. It includes features such as page caching, RSS fee…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Identity Firewall feature of Cisco ASA Software could allow an unauthenticated, remote attacker to cause a reload of the affected system or to remotely execute code. The vulnerability is due to a buffer overflow in …

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for kernel to fix the vulnerabilities. Affected Products: centos 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages whic…

漏洞类别：Local 漏洞等级： 漏洞信息 Firefox is a free and open-source web browser developed for Windows, OS X, and Linux, with a mobile version for Android. The Mozilla Foundation has released updates to address multiple vulnerabilities in Firefox. CVE-2016-5287: Crash in n…

漏洞类别：General remote services 漏洞等级： 漏洞信息 MatrixSSL is an Open-Source TLS/SSL implementation. The software is exposed to following security vulnerabilities: - Heap-based Buffer Overflow - CVE-2016-6890. - Improper Restriction of Operations within the Bounds of a…

漏洞类别：CGI 漏洞等级： 漏洞信息 Red Hat JBoss Operations Network (or JBoss ON or JON) is free software/open-source Java EE-based network management software. Red Hat JBoss Operations Network provides built-in management and monitoring capabilities to effectively administe…

漏洞类别：CGI 漏洞等级： 漏洞信息 Vtiger CRM is an open source CRM application developed by the company Vtiger and is available as free open source software based on PHP and MySQL, and as a subscription-based cloud application through Vtiger's website. Vtiger CRM contains a…

漏洞类别：CGI 漏洞等级： 漏洞信息 Vtiger CRM is an open source CRM application developed by the company Vtiger and is available as free open source software based on PHP and MySQL, and as a subscription-based cloud application through Vtiger's website. Vtiger CRM contains a…

漏洞类别：RedHat 漏洞等级： 漏洞信息 The Berkeley Internet Name Domain (BIND) is an implementation of the Domain Name System (DNS) protocols. BIND includes a DNS server (named); a resolver library (routines for applications to use when interfacing with DNS); and tools for v…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for bind97 to fix the vulnerabilities. Affected Products: centos 5 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages whic…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for bind to fix the vulnerabilities. Affected Products: centos 6 centos 5 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packag…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for java-1.8.0-openjdk to fix the vulnerabilities. Affected Products: centos 6 centos 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for tomcat to fix the vulnerabilities. Affected Products: centos 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages whic…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for kernel to fix the vulnerabilities. Affected Products: centos 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages whic…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for tomcat6 to fix the vulnerabilities. Affected Products: centos 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages whi…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for kernel to fix the vulnerabilities. Affected Products: centos 6 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to the latest packages whic…

漏洞类别：CentOS 漏洞等级： 漏洞信息 CentOS has released security update for thunderbird to fix the vulnerabilities. Affected Products: centos 6 centos 5 centos 7 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 To resolve this issue, upgrade to t…

漏洞类别：SUSE 漏洞等级： 漏洞信息 Suse has released security update for php5 to fix the vulnerabilities. Affected Products: openSUSE 13.2 漏洞危害 Successful exploitation allows attacker to compromise the system. 解决方案 Upgrade to the latest packages which contain a patch. To in…

漏洞类别：Local 漏洞等级： 漏洞信息 Adobe has released security updates for Adobe Flash Player for Windows, Macintosh, Linux, which address a critical vulnerability that could potentially allow an attacker to take control of the affected system. Adobe is aware of a report t…

漏洞类别：General remote services 漏洞等级： 漏洞信息 Remote system is accessible using default username or password via telnet. These default credentials are being actively attacked by Mirai Botnet. 漏洞危害 Successfully exploiting this vulnerability cant allow a remote attack…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Simple Network Management Protocol (SNMP) code of Cisco Adaptive Security Appliance (ASA) Software could allow an authenticated, remote attacker to cause a reload of the affected system. The vulnerability is due to …

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Tomcat service throttling mechanism of the Cisco Unified Communications Manager could allow an authenticated, remote attacker to cause a denial of service condition. The vulnerability is due to sending multiple auth…

漏洞类别：Cisco 漏洞等级： 漏洞信息 A vulnerability in the Overlay Transport Virtualization (OTV) generic routing encapsulation (GRE) implementation of the Cisco Nexus 7000 and 7700 Series Switches could allow an unauthenticated, adjacent attacker to cause a reload of the a…