Joomla is a free and open-source content management system for publishing web content on websites. Web content applications include discussion forums, photo galleries, e-Commerce, and user communities, and numerous other web-based applications. On March...
On March 09, 2021, Microsoft had released a risk notice for the Patch Tuesday March 2021. The security update patches 89 vulnerabilities, mainly covering the following components: Windows operating system, Azure, IE and Edge,...
The Chrome browser will block the browser’s access to TCP port 554 to prevent attacks using the NAT Slipstreaming 2.0 vulnerability. Last year, security researchers disclosed a new version of the NAT Slipstreaming vulnerability,...
Last summer, ARM Company disclosed the Straight Line Speculation (SLS) vulnerability, and they soon introduced safeguards against SLS in the GCC and LLVM compilers. Compiler-based SLS mitigation measures include adding speculative barrier sequences around...
Microsoft Exchange Server 2013-2019 has security vulnerabilities, and tens of thousands of government and enterprise organizations have been attacked by hackers. At present, only 10% of government and enterprise organizations have fixed this vulnerability,...
Earlier, we have mentioned that a major security vulnerability has occurred in Microsoft Exchange, affecting all versions of Microsoft Exchange Server 2013-2019. In response to this security crisis, Microsoft has urgently issued a security...
The GRUB Bootloader was affected by the “BootHole” vulnerability last year, and security issues impacted its UEFI Secure Boot support. Today, multi vulnerabilities in GRUB have been made public. GNU GRUB is a bootloader...
Google Chrome released a new stable version v89.0.4389.72 yesterday. This version not only adds some new features but also brings various fixes to solve security vulnerabilities. The Chrome engineer said that the new version...
Recently, Alexander Popov, a Linux security developer from Positive Technologies, discovered and fixed five security vulnerabilities in the implementation of Linux kernel virtual sockets. Attackers can use this vulnerability (CVE-2021-26708) to obtain root permissions...
On March 2, 2021, VMware released a risk notice for View Planner, the vulnerability number is CVE-2021-21978. The CVSSv3 base score is 8.6. There is a flaw in View Planner’s handling of uploaded files....
If you are using Microsoft Exchange Server, you should now install the emergency security update released by Microsoft to fix serious security vulnerabilities. According to the Microsoft Security Bulletin, the CVE-2021-26858 and CVE-2021-27065 zero-day...
On March 1, the Apache Software Foundation issued a security notice to fix an RCE vulnerability (CVE-2021-25329) via session persistence. This vulnerability is bypassed by the CVE-2020-9484 patch. If Tomcat’s session persistence using an...
Google often announces security vulnerabilities in Microsoft products with its security rules, even if sometimes Microsoft has not had time to fix the vulnerabilities, Google will disclose the details. The reason given by the...
Previously, some researchers accidentally discovered that Microsoft’s NTFS file system was flawed, and users only needed to access a path containing certain special strings and it would crash. Although this problem is unlikely to...
Built on Python, Salt uses simple and human-readable YAML combined with event-driven automation to deploy and configure complex IT systems. In addition to leveling-up vRealize Automation SaltStack Config, Salt can be found under the...
On February 23, 2021, VMware had released risk notices for the vCenter Server and ESXi. VMware fixed two high-risk vulnerabilities in ESXi and vSphere Client (HTML5). Malicious attackers with access to network ports can...
