Recently, Microsoft has issued a risk notice for Windows privilege escalation vulnerability, the vulnerability number is CVE-2021-36934 with the CVSS score of 7.8. Currently, there is no official patch for this vulnerability. An attacker...
On July 21, 2021, RedHat officially released a risk notice for the Linux kernel local privilege escalation vulnerability, the vulnerability number is CVE-2021-33909. This vulnerability is a type conversion vulnerability in the Linux kernel...
On July 21, 2021, Redis officially issued a risk notice for Redis remote code execution vulnerabilities, the vulnerability number is CVE-2021-32761 with the CVSS score of 7.5. Redis is an in-memory database that persists...
According to Google’s official blog, the company has released a new version to the Google Chrome stable version. This version not only fixes vulnerabilities but also enhances security. Google said that the site isolation...
The Israeli spyware developer NSO, which was exposed by the media many years ago, is now at the forefront again. The company was found to be attacking politicians and activists in many countries. NSO...
On July 19, 2021, Fortinet officially released a risk notice for FortiManager & FortiAnalyzer UAF remote code execution, the vulnerability number is CVE-2021-32589 with the CVSSv3 Score of 7.5. FortiManager and FortiAnalyzer can achieve...
Microsoft’s Windows Hello biometric verification is considered to have high security, such as infrared cameras and fingerprint recognition are usually not easy to forge. Passing infrared camera certification usually requires a living body test,...
On July 14, 2021, security researcher @theflow published an analysis report on the CVE-2021-22555 Linux Netfilter privilege escalation vulnerability. This vulnerability was used in kCTF to attack the kubernetes pod container to achieve virtualization...
Large technology companies usually have their own security teams, and they also cooperate with external security experts to discover security vulnerabilities in their products to improve product security. For example, Microsoft also cooperates with...
Earlier, some users found that if the iOS system is connected to a WiFi hotspot named %p%s%s%s%s%n, the iPhone’s wireless network function will be permanently disabled. Even if the user restarts the system or...
ForgeRock AM is open-source access management and permission control platform, which is widely used in universities and social organizations. On June 30, 2021, PortSwigger released a vulnerability analysis report on ForgeRock AM remote code...
PowerISO is a powerful CD/DVD/BD image file processing tool, which allows to open, extract, burn, create, edit, compress, encrypt, split and convert ISO files, and mount ISO files with an internal virtual drive. Recent...
Recently, The security researchers disclosed the POC of the Windows Print Spooler remote code execution vulnerability on GitHub, the vulnerability number is CVE-2021-1675 with the CVSS:3.0 score of 7.8 / 6.8. Windows Print Spooler...
On June 28, 2021, Trend Micro released a risk notice for the security update of the password manager, the vulnerability number is CVE-2021-32461 (CVSSv3 Scores: 7.0), CVE-2021-32462 (CVSSv3 Scores 8.8). Trend Micro Windows Password...
Istio is an open-source service mesh that layers transparently onto existing distributed applications. Istio’s powerful features provide a uniform and more efficient way to secure, connect, and monitor services. Istio is the path to...
