On November 25, 2020, Drupal issued a risk notice for Drupal code execution vulnerabilities, the vulnerability number is CVE-2020-28949/CVE-2020-28948. The vulnerability level is a high risk. Remote attackers can cause arbitrary code execution by...
Google Chrome has released Chrome version 87. In this new version, Google brings many new features and major improvements in the performance of Google Chrome. This article mainly introduces the major security vulnerabilities fixed...
On November 18, 2020, Cisco officially issued risk notices for multiple serious vulnerabilities, the vulnerabilities numbered CVE-2020-27130, CVE-2020-3531, CVE-2020-3586, and CVE-2020-3470. There are a total of 4 serious vulnerabilities in this notice. Attackers can...
On November 18, 2020, Drupal issued a risk notice for Drupal code execution vulnerability, the vulnerability number is CVE-2020-13671. The security risk is Critical. An unauthorized remote attacker can cause arbitrary code execution by...
Recently, Node.js officially released a security update to fix a denial of service vulnerability (CVE-2020-8277). Attackers can trigger a denial of service attack through DNS requests. Vulnerability Detail The vulnerable version of the Node.js...
On November 10, 2020, Citrix released Citrix SDWAN Center Security Update to warn about the vulnerability. These vulnerabilities numbers are CVE-2020-8271, CVE-2020-8272, and CVE-2020-8273. The exploit code (PoC) of CVE-2020-8271 has been made public....
DNS is the domain name resolution system. Our Internet life at the bottom completely relies on key infrastructure such as DNS. Of course, although the DNS system is very important, loopholes will inevitably be...
On November 16, 2020, XStream issued a risk notice for XStream remote code execution vulnerability. The vulnerability number is CVE-2020-26217. The vulnerability level is critical. There is a blacklist bypass in the old version...
On November 10th, Apache OpenOffice releases version 4.1.8 to fix arbitrary code execution vulnerability. Apache OpenOffice 4 is vulnerable to remote code execution attacks. If the victim opens a carefully crafted .odt file on...
On November 10, 2020, Intel officially released a risk notice for the Intel Wireless Bluetooth products privilege escalation vulnerability. The vulnerability number is CVE-2020-12321. The vulnerability level is critical, and CVSS Base Score: 9.6....
On November 10, 2020, Microsoft had issued a risk notice for a remote code execution vulnerability in the Windows network file system. The vulnerability number is CVE-2020-17051, the vulnerability level is critical. The CVSS:3.0...
Recently, the Apache Tomcat WebSocket DoS vulnerability (CVE-2020-13935) PoC has been made public. Apache officially disclosed the vulnerability on July 14, 2020. The vulnerability exploitation tool has been made public. To prevent your system...
On November 3, 2020, SaltStack has issued risk notices for multiple high-risk vulnerabilities. The vulnerabilities number are CVE-2020-16846, CVE-2020-17490, CVE-2020-25592. These vulnerabilities level is critical. Unauthorized remote attackers can cause arbitrary command execution by...
Recently, Google’s Project Zero only announced the Windows 10 zero-day security vulnerabilities. Although Microsoft has not repaired this security, the flaw relevant details have been disclosed. Once again, Google is now revealing new vulnerabilities....
On October 02, 2020, Apache Shiro had issued a risk notice about the Shiro authentication bypass vulnerability. The vulnerability number is CVE-2020-17510. The vulnerability level is high risk. Apache Shiro focuses on ease-of-use, so...
Microsoft announced information about the Windows Zerologon vulnerability in August. Of course, when the vulnerability was announced, security updates have also been released to block the vulnerability. This vulnerability received a CVSSv3 score of...
