Microsoft on Tuesday patched an extremely serious security vulnerability that exists in a core encryption component of all versions of Windows. The National Security Agency found and reported this flaw. The vulnerability affects the...
An academic study published by Princeton University pointed out that the five major U.S. prepaid wireless carriers are extremely vulnerable to SIM swapping attacks. It specifically refers to the attacker calling the mobile service...
Cable Modems is a network device that can connect both a cable television network and a broadband network. Such equipment is usually installed when the operator provides users with both radio and television programs...
Researchers at Cisco Talos discovered two buffer overflow vulnerabilities in OpenCV version 4.1.0, namely CVE-2019-5063 (CVSS score 8.8) and CVE-2019-5064 (CVSS score 8.8). OpenCV (Open source computer vision) is a library of programming functions mainly aimed at...
Researchers found that there was a vulnerability in the Microsoft Access database application. If it is not patched, it may have adverse effects on thousands of US companies. The vulnerability discovered by Mimecast’s team...
Recently, a bug bounty hunter discovered that an API key of Starbucks was exposed in a public GitHub repository, and reported the vulnerability through the HackerOne bug bounty platform. This flaw is Starbucks’ highest...
On January 3, 2020, we monitored that mongo-express officially released the CVE-2019-10758 vulnerability warning, with a high vulnerability level. At present, the number of users of mongo-express should be more in the MongoDB admin...
Security researchers have discovered three serious remote code execution vulnerabilities in the Ruckus wireless routers that can be used by hackers to bypass the router and remotely control. It is understood that these vulnerabilities...
Two security researchers, Miguel Mendez Z. — (s1kr10s) and Pablo Pollanco — (secenv) discovered a critical security flaw in the firmware of the D-Link DIR-859 router, unauthenticated RCE, which allows an attacker to take...
Nvidia has released an emergency security update for the GeForce Experience software to all users. The update aims to fix high-risk security vulnerabilities in GeForce Experience components. GeForce Experience is an auxiliary application of...
Recently, the Tencent Blade Team discovered a set of SQLite vulnerabilities called “Magellan 2.0”, allowing hackers to remotely run various malicious programs on the Chrome browser. There are 5 vulnerabilities in this group, numbered...
Hackers can use vulnerabilities (CVE-2019-19781) in Citrix’s Application Delivery Controller (NetScaler ADC) and Gateway (NetScaler Gateway) to sneak into the company’s intranet. The vulnerability was discovered by Mikhail Klyuchnikov of Positive Technologies. It is...
Twitter issued a new security alert. The company said that the security team found a serious security vulnerability in the Twitter app for Android. An attacker could directly access the user’s account information by...
On December 17, Microsoft officially released the CVE-2019-1491 vulnerability warning and patch. Microsoft SharePoint is a set of corporate business collaboration platforms from Microsoft. The platform is used to integrate business information and enable...
Recently, Django officially released a security bulletin to fix a security vulnerability. The high-risk vulnerability is CVE-2019-19844. Django’s password-reset form uses a case-insensitive query to retrieve accounts matching the email address requesting the password...
360 Group cooperated with Mercedes-Benz and fixed 19 related potential vulnerabilities in Mercedes-Benz intelligent connected cars. It is reported that this is the first technology company partner selected by Mercedes-Benz worldwide. The Sky-Go Team...
