漏洞信息 net/ipv4/tcp_input.c in the Linux kernel before 4.7 does not properly determine the rate of challenge ACK segments. An attacker which knows a connections client IP, server IP and server port can abuse the challenge ACK mechanism to determine the accuracy …

漏洞信息 Squid is a high-performance proxy caching server for web clients, supporting FTP, Gopher, and HTTP data objects. Security Fix(es): * It was found that the fix for CVE-2016-4051 released via RHSA-2016:1138 did not properly prevent the stack overflow in the…

漏洞信息 The Network Time Protocol (NTP) is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Securi…

漏洞信息 - Multiple remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory. - An information disclosure vulnerability exists when Microsoft OneNote improperly discloses its memor…

漏洞信息 A remote code execution vulnerability exists when Microsoft Windows PDF Library improperly handles objects in memory. This security update is rated Critical for all supported editions of Windows 8.1, Windows Server 2012, Windows RT 8.1, Windows Server 201…

漏洞信息 Microsoft Windows Authentication is vulnerable to multiple Elevation of Privilege issues. The security update resolves the following vulnerabilities: An elevation of privilege vulnerability exists when Windows Netlogon improperly establishes a secure comm…

漏洞信息 A security feature bypass vulnerability exists when Windows Secure Boot improperly loads a boot manager that is affected by the vulnerability. An attacker who successfully exploited this vulnerability could disable code integrity checks, allowing test-sig…

漏洞信息 This security update resolves a vulnerability in Microsoft Windows. The update addresses the vulnerability by preventing Universal Outlook from disclosing usernames and passwords. This security update is rated Important for Windows 10 and Windows 10 Versi…

漏洞信息 This security update is rated Critical for Internet Explorer 9 (IE 9), and Internet Explorer 11 (IE 11) on affected Windows clients, and Moderate for Internet Explorer 9 (IE 9), Internet Explorer 10 (IE 10), and Internet Explorer 11 (IE 11) on affected Wi…

漏洞信息 The security update addresses the vulnerabilities by correcting how the Windows font library handles embedded fonts. This security update is rated Critical for: - All supported releases of Microsoft Windows. - Affected editions of Microsoft Office 2007 an…

漏洞信息 Multiple elevation of privilege vulnerabilities exist when the Windows kernel-mode driver fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in kernel mode. An attacker could t…

漏洞信息 This security update resolves vulnerabilities in Microsoft Edge. The most severe of the vulnerabilities could allow remote code execution if a user views a specially crafted webpage using Microsoft Edge. This security update is rated Critical for Microsof…

0DAYbank一个全新的互联网漏洞公开播报网站，本站主要通过网络搜集全球互联网公开漏洞，统计分析，为部署安全型网络提供强有力的参考.本站工作人员均不参与黑客行为，所有数据均来源于互联网。目前已经覆盖全球500多家企业和地区，为安全研究人员提供强有力参考分析。www.0daybank.org