CVE中文漏洞信息库 - SCAP中文社区

CVE漏洞信息库 (107,514项)		2,188个相关厂商或团体; 107,514条漏洞信息; 38,594条到OVAL定义的映射
		50,073条到CWE定义的映射; 90,883篇机器译文; 70,643条CNNVD映射
		22,650条Exploit-DB数据 13,576条到Exploit-DB的映射
		95,507条PacketStorm数据 24,580条到PacketStorm的映射

最近发布的CVE条目

CVE-2017-8445
2017-08-18 16:29:00

[原文]An error was found in the X-Pack Security TLS trust manager for versions 5.0.0 to 5.5.1. If reloading the trust material fails...

CVSS

N/A

CVE-2017-8446
2017-08-18 16:29:00

[原文]The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions versions prior to 2.4.6 ha...

CVSS

N/A

CVE-2007-5199
2017-08-18 16:29:00

[原文]A single byte overflow in catalogue.c in X.Org libXfont 1.3.1 allows remote attackers to have unspecified impact.

CVSS

N/A

CVE-2007-5341
2017-08-18 16:29:00

[原文]Remote code execution in the Venkman script debugger in Mozilla Firefox before 2.0.0.8.

CVSS

N/A

CVE-2017-9684
2017-08-18 15:29:00

[原文]In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a USB driver can lead to a...

CVSS

N/A

CVE-2017-9685
2017-08-18 15:29:00

[原文]In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in a WLAN driver can lead to ...

CVSS

N/A

CVE-2017-9682
2017-08-18 15:29:00

[原文]In all Qualcomm products with Android releases from CAF using the Linux kernel, a race condition in two KGSL driver functions ...

CVSS

N/A

CVE-2017-9678
2017-08-18 15:29:00

[原文]In all Qualcomm products with Android releases from CAF using the Linux kernel, in a video driver, memory corruption can poten...

CVSS

N/A

最近修订的CVE条目

CVE-2017-6872
2017-08-19 10:17:07

[原文]A vulnerability was discovered in Siemens OZW672 (all versions) and OZW772 (all versions) that could allow an attacker with ac...

CVSS

6.4

CVE-2017-10087
2017-08-19 10:15:19

[原文]Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that ...

CVSS

6.8

CVE-2017-10086
2017-08-19 10:15:01

[原文]Vulnerability in the Java SE component of Oracle Java SE (subcomponent: JavaFX). Supported versions that are affected are Java...

CVSS

6.8

CVE-2017-10089
2017-08-19 10:14:25

[原文]Vulnerability in the Java SE component of Oracle Java SE (subcomponent: ImageIO). Supported versions that are affected are Jav...

CVSS

6.8

CVE-2017-10090
2017-08-19 10:13:46

[原文]Vulnerability in the Java SE, Java SE Embedded component of Oracle Java SE (subcomponent: Libraries). Supported versions that ...

CVSS

6.8

TOP50 厂商或团体

CVSS基础分值

CWE/SANS Top 25^[?] 2011

OWASP TOP 10 2010^[?]

OWASP TOP 10 2013 Candidate^[?]

[1] 注入 [CWE-77,CWE-89,CWE-564]
[2] 错误的认证和会话管理 [CWE-287]
[3] 跨站脚本（XSS） [CWE-79]
[4] 不安全的直接对象引用 [CWE-639,CWE-22]
[5] 安全配置缺陷 [CWE-2]
[6] 敏感数据暴露 [CWE-310,CWE-312,CWE-319,CWE-326]
[7] 缺少功能级别访问控制 [CWE-285]
[8] 跨站请求伪造（CSRF） [CWE-352]
[9] 使用已知包含漏洞的组件 [-]
[10] 未验证的重定向和传递 [CWE-601]

CVE数据库

检索CVE

关于CVE

CVE资源

Wise Words

三人行，必有我师焉。择其善者而从之，其不善者而改之。

-- 孔子

关于SCAP中文社区

SCAP中文社区是国内第一个以SCAP为主题的中文开放社区。了解更多信息，请查阅[关于本站]。

版权声明

CVE/CWE/OVAL均为MITRE公司的注册商标，它们的官方数据源均保存在MITRE公司的相关网站。

CVE 通用漏洞与披露Common Vulnerabilities and Exposures

最近发布的CVE条目

最近修订的CVE条目

TOP50 厂商或团体

CVSS基础分值

CWE/SANS Top 25[?] 2011

OWASP TOP 10 2010[?]

OWASP TOP 10 2013 Candidate[?]

CVE数据库

检索CVE

关于CVE

CVE资源

Wise Words

关于SCAP中文社区

版权声明

CWE/SANS Top 25^[?] 2011

OWASP TOP 10 2010^[?]

OWASP TOP 10 2013 Candidate^[?]