2026年2月4日星期三

Google Chrome 多個漏洞

Google Chrome 多個漏洞

發佈日期: 2026年02月04日

風險: 中度風險

類型: 用戶端 - 瀏覽器

於 Google Chrome 發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發遠端執行任意程式碼及繞過保安限制。

影響

  • 遠端執行程式碼
  • 繞過保安限制

受影響之系統或技術

  • Google Chrome 144.0.7559.132 (Linux) 之前的版本
  • Google Chrome 144.0.7559.132/.133 (Mac) 之前的版本
  • Google Chrome 144.0.7559.132/.133 (Windows) 之前的版本

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

安裝軟件供應商提供的修補程式:

  • 更新至 144.0.7559.132 (Linux) 或之後版本
  • 更新至 144.0.7559.132/.133 (Mac) 或之後版本
  • 更新至 144.0.7559.132/.133 (Windows) 或之後版本

漏洞識別碼

資料來源

相關連結

沒有留言:

Google Chrome Multiple Vulnerabilities

Google Chrome Multiple Vulnerabilities

Release Date: 4 Feb 2026

RISK: Medium Risk

TYPE: Clients - Browsers

Multiple vulnerabilities were identified in Google Chrome. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution and security restriction bypass on the targeted system.

Impact

  • Remote Code Execution
  • Security Restriction Bypass

System / Technologies affected

  • Google Chrome prior to 144.0.7559.132 (Linux)
  • Google Chrome prior to 144.0.7559.132/.133 (Mac)
  • Google Chrome prior to 144.0.7559.132/.133 (Windows)

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 144.0.7559.132 (Linux) or later
  • Update to version 144.0.7559.132/.133 (Mac) or later
  • Update to version 144.0.7559.132/.133 (Windows) or later

Vulnerability Identifier

Source

Related Link

沒有留言:

2026年2月3日星期二

OpenSSL 多個漏洞

OpenSSL 多個漏洞

發佈日期: 2026年02月03日

風險: 中度風險

類型: 保安軟件及應用設備 - 保安軟件及應用設備

於 OpenSSL 中發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發遠端執行任意程式碼、阻斷服務狀況、資料篡改及敏感資料洩露。

影響

  • 阻斷服務
  • 遠端執行程式碼
  • 資料洩露
  • 篡改

受影響之系統或技術

  • OpenSSL 1.0.2 版本
  • OpenSSL 1.1.1 版本
  • OpenSSL 3.0 版本
  • OpenSSL 3.3 版本
  • OpenSSL 3.4 版本
  • OpenSSL 3.5 版本
  • OpenSSL 3.6 版本

解決方案

在安裝軟體之前,請先瀏覽軟體供應商之網站,以獲得更多詳細資料。

 

  • 對於 1.0.2 版本,更新至 1.0.2zn 版本
  • 對於 1.1.1 版本,更新至 1.1.1ze 版本
  • 對於 3.0 版本,更新至 3.0.19 版本
  • 對於 3.3 版本,更新至 3.3.6 版本
  • 對於 3.4 版本,更新至 3.4.4 版本
  • 對於 3.5 版本,更新至 3.5.5 版本
  • 對於 3.6 版本,更新至 3.6.1 版本

漏洞識別碼

資料來源

相關連結

沒有留言:

OpenSSL Multiple Vulnerabilities

OpenSSL Multiple Vulnerabilities

Release Date: 3 Feb 2026

RISK: Medium Risk

TYPE: Security software and application - Security Software & Appliance

Multiple vulnerabilities were identified in OpenSSL. A remote attacker could exploit some of these vulnerabilities to trigger remote code execution, denial of service condition, data manipulation and sensitive information disclosure on the targeted system.

Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure
  • Data Manipulation

System / Technologies affected

  • OpenSSL version 1.0.2
  • OpenSSL version 1.1.1
  • OpenSSL version 3.0
  • OpenSSL version 3.3
  • OpenSSL version 3.4
  • OpenSSL version 3.5
  • OpenSSL version 3.6

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.

 

  • For version 1.0.2, upgrade to version 1.0.2zn
  • For version 1.1.1, upgrade to version 1.1.1ze
  • For version 3.0, upgrade to version 3.0.19
  • For version 3.3, upgrade to version 3.3.6
  • For version 3.4, upgrade to version 3.4.4
  • For version 3.5, upgrade to version 3.5.5
  • For version 3.6, upgrade to version 3.6.1

Vulnerability Identifier

Source

Related Link

沒有留言:

RedHat Linux 核心多個漏洞

RedHat Linux 核心多個漏洞

發佈日期: 2026年02月03日

風險: 中度風險

類型: 操作系統 - LINUX

於 RedHat Linux核心發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、權限提升、遠端執行任意程式碼、洩露敏感資料及繞過保安限制。

影響

  • 阻斷服務
  • 遠端執行程式碼
  • 資料洩露
  • 權限提升
  • 繞過保安限制

受影響之系統或技術

  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
  • Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 9 x86_64

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

 

安裝供應商提供的修補程式:

漏洞識別碼

資料來源

相關連結

沒有留言:

RedHat Linux Kernel Multiple Vulnerabilities

RedHat Linux Kernel Multiple Vulnerabilities

Release Date: 3 Feb 2026

RISK: Medium Risk

TYPE: Operating Systems - Linux

Multiple vulnerabilities were identified in RedHat Linux Kernel. A remote attacker could exploit some of these vulnerabilities to trigger denial of service condition, elevation of privilege, remote code execution, sensitive information disclosure and security restriction bypass on the targeted system.

Impact

  • Denial of Service
  • Remote Code Execution
  • Information Disclosure
  • Elevation of Privilege
  • Security Restriction Bypass

System / Technologies affected

  • Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 8 aarch64
  • Red Hat CodeReady Linux Builder for ARM 64 9 aarch64
  • Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat CodeReady Linux Builder for IBM z Systems 9 s390x
  • Red Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian 8 ppc64le
  • Red Hat CodeReady Linux Builder for Power, little endian 9 ppc64le
  • Red Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 8 x86_64
  • Red Hat CodeReady Linux Builder for x86_64 9 x86_64
  • Red Hat Enterprise Linux Server - AUS 9.6 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support (for IBM z Systems) 7 s390x
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, big endian 7 ppc64
  • Red Hat Enterprise Linux Server - Extended Life Cycle Support for IBM Power, little endian 7 ppc64le
  • Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.6 ppc64le
  • Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.6 aarch64
  • Red Hat Enterprise Linux for ARM 64 8 aarch64
  • Red Hat Enterprise Linux for ARM 64 9 aarch64
  • Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.6 s390x
  • Red Hat Enterprise Linux for IBM z Systems 8 s390x
  • Red Hat Enterprise Linux for IBM z Systems 9 s390x
  • Red Hat Enterprise Linux for Power, little endian - Extended Update Support 9.6 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 8 ppc64le
  • Red Hat Enterprise Linux for Power, little endian 9 ppc64le
  • Red Hat Enterprise Linux for Real Time 8 x86_64
  • Red Hat Enterprise Linux for Real Time for NFV 8 x86_64
  • Red Hat Enterprise Linux for Real Time for x86_64 - Extended Life Cycle Support 7 x86_64
  • Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.6 x86_64
  • Red Hat Enterprise Linux for x86_64 8 x86_64
  • Red Hat Enterprise Linux for x86_64 9 x86_64

Solutions

Before installation of the software, please visit the vendor web-site for more details.

 

Apply fixes issued by the vendor:

Vulnerability Identifier

Source

Related Link

沒有留言:

2026年2月2日星期一

Microsoft Edge 遠端執行程式碼漏洞

Microsoft Edge 遠端執行程式碼漏洞

發佈日期: 2026年02月02日

風險: 中度風險

類型: 用戶端 - 瀏覽器

於微軟 Edge 發現一個漏洞。遠端攻擊者可利用此漏洞,於目標系統觸發阻斷服務狀況及遠端執行任意程式碼。

影響

  • 遠端執行程式碼
  • 阻斷服務

受影響之系統或技術

  • Microsoft Edge 144.0.3719.104 之前的版本

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

安裝軟件供應商提供的修補程式:

  • 更新至 144.0.3719.104 或之後版本

漏洞識別碼

資料來源

相關連結

沒有留言:

Microsoft Edge Remote Code Execution Vulnerability

Microsoft Edge Remote Code Execution Vulnerability

Release Date: 2 Feb 2026

RISK: Medium Risk

TYPE: Clients - Browsers

A vulnerability was identified in Microsoft Edge. A remote attacker could exploit this vulnerability to trigger denial of service condition and remote code execution on the targeted system.

Impact

  • Remote Code Execution
  • Denial of Service

System / Technologies affected

  • Microsoft Edge version prior to 144.0.3719.104

Solutions

Before installation of the software, please visit the software vendor web-site for more details.

Apply fixes issued by the vendor:

  • Update to version 144.0.3719.104 or later

Vulnerability Identifier

Source

Related Link

沒有留言:

SUSE Linux 內核多個漏洞

SUSE Linux 內核多個漏洞

發佈日期: 2026年02月02日

風險: 中度風險

類型: 操作系統 - LINUX

於 SUSE Linux 內核發現多個漏洞。遠端攻擊者可利用這些漏洞,於目標系統觸發阻斷服務狀況、遠端執行任意程式碼、權限提升、洩露敏感資料、繞過保安限制及資料篡改。

 

影響

  • 遠端執行程式碼
  • 資料洩露
  • 阻斷服務
  • 篡改
  • 權限提升
  • 繞過保安限制

受影響之系統或技術

  • Basesystem Module 15-SP7
  • Development Tools Module 15-SP7
  • Legacy Module 15-SP7
  • openSUSE Leap 15.5
  • SUSE Linux Enterprise Desktop 15 SP7
  • SUSE Linux Enterprise High Availability Extension 15 SP7
  • SUSE Linux Enterprise High Performance Computing 12 SP5
  • SUSE Linux Enterprise High Performance Computing 15 SP5
  • SUSE Linux Enterprise High Performance Computing ESPOS 15 SP5
  • SUSE Linux Enterprise High Performance Computing LTSS 15 SP5
  • SUSE Linux Enterprise Live Patching 12-SP5
  • SUSE Linux Enterprise Live Patching 15-SP5
  • SUSE Linux Enterprise Live Patching 15-SP7
  • SUSE Linux Enterprise Micro 5.2
  • SUSE Linux Enterprise Micro 5.5
  • SUSE Linux Enterprise Micro for Rancher 5.2
  • SUSE Linux Enterprise Real Time 15 SP5
  • SUSE Linux Enterprise Real Time 15 SP7
  • SUSE Linux Enterprise Server 11 SP4
  • SUSE Linux Enterprise Server 11 SP4 LTSS EXTREME CORE
  • SUSE Linux Enterprise Server 12 SP5
  • SUSE Linux Enterprise Server 12 SP5 LTSS
  • SUSE Linux Enterprise Server 12 SP5 LTSS Extended Security
  • SUSE Linux Enterprise Server 15 SP5
  • SUSE Linux Enterprise Server 15 SP5 LTSS
  • SUSE Linux Enterprise Server 15 SP7
  • SUSE Linux Enterprise Server for SAP Applications 12 SP5
  • SUSE Linux Enterprise Server for SAP Applications 15 SP5
  • SUSE Linux Enterprise Server for SAP Applications 15 SP7
  • SUSE Linux Enterprise Workstation Extension 15 SP7

解決方案

在安裝軟體之前,請先瀏覽供應商之網站,以獲得更多詳細資料。

 

安裝供應商提供的修補程式:

漏洞識別碼

資料來源

相關連結

沒有留言:
訂閱: 留言 (Atom)

Google Chrome 多個漏洞

Google Chrome 多個漏洞 發佈日期: 2026年02月04日 風險: 中度風險 類型: 用戶端 - 瀏覽器 於 Google Chr...