Today, Adobe officially released the June security update, which fixed multiple vulnerabilities in Adobe’s products, including Adobe Framemaker, Adobe Experience Manager, and Adobe Flash Player. Vulnerability Details Adobe Framemaker Adobe Framemaker security update released...
Today, Microsoft officially released the Microsoft June Patch Tuesday to fix multi security vulnerabilities in its product. This security update patched for 129 vulnerabilities, mainly covering the Windows operating system, Windows application store, IE/Edge...
RiskSense has released a new report that provides in-depth discovery of vulnerabilities in currently popular open-source software, including the number of vulnerabilities, which software is most vulnerable to threats, and the main types of...
Recently, Cisco officially released security advisories for multiple vulnerabilities in IOS (Cisco Internetworking Operating System) components, the vulnerability number is CVE-2020-3227/CVE-2020-3205/CVE-2020-3198/CVE-2020-3258 and vulnerability rating is high risk. Cisco Internetwork Operating System (IOS) is a...
Recently, IBM officially issued a notice to fix the remote code execution (CVE-2020-4450) vulnerability in WebSphere Application Server (WAS). This vulnerability was caused by the deserialization of the IIOP protocol. Attackers can remotely attack...
Recently, we have detected that researchers have published PoC for the remote code execution vulnerability of the SMBv3 protocol (CVE-2020-0796), which greatly increased the potential harm of the vulnerability. Users who have not fixed...
Recently, Spring Cloud Config officially released a new version to fix directory traversal vulnerability. The vulnerability number is CVE-2020-5410, and the vulnerability level is medium. Spring Cloud Config provides server-side and client-side support for...
Recently, Apache officially released a security bulletin that fixed an Apache Kylin remote command execution vulnerability (CVE-2020-1956). There are some restful APIs in Kylin, which can connect the operating system commands with the string entered...
ZDI released the Parallels Desktop (PD) Virtual Machine Escalate Privileges Vulnerability Risk Notice, the vulnerability number is CVE-2020-8871. Parallels Desktop is the most popular virtual machine software under the MacOS platform, designed to provide...
Recently, Cisco issued a notice saying that it fixed a high-risk vulnerability (CVE-2020-3280) in Cisco Unified Contact Center Express (Unified CCX). The vulnerability stems from the fact that during the deserialization operation of the...
Recently, Apache Tomcat issued a notice saying that a remote code execution vulnerability (CVE-2020-9484) originating from a persistent session was fixed. To exploit this vulnerability, an attacker needs to meet the following four conditions at...
A memory corruption vulnerability (CVE-2020-12651) was fixed in the latest version 8.7.2 of SecureCRT. When the CSI function receives a large negative number as a parameter, it may allow the remote system to destroy...
The US Cybersecurity and Infrastructure Security Agency (CISA) recently released a list of the ten most commonly exploited vulnerabilities between 2016 and 2019, including seven Microsoft product vulnerabilities (Office, Windows, SharePoint, .NET Framework) Apache...
Microsoft is rolling out the May 2020 Patch Tuesday. This security update fixed 111 patch vulnerabilities, mainly covers the Windows operating system, IE / Edge browser, ChakraCore, Dynamics, Visual Studio, Android applications, .Net Framework,...
The latest version of the Ubuntu Server installer leaked the password into its log file. Subiquity is the installer for Ubuntu Server. It has been around for almost 3 years, but it was not...
Björn Ruytenberg, a security researcher at the Eindhoven University of Technology, revealed that all PCs manufactured before 2019 may be hacked due to defects in commonly used Thunderbolt ports. Even if the PC is...
