Vulnerability • InfoTech News

1 min read

Vulnerability

CVE-2020-15257: containerd-shim API Exposed to Host Network Containers Vulerability Alert

3 days ago ddos

On November 30, 2020, containerd had issued a risk notice for containerd's privilege escalation vulnerability. The vulnerability number is CVE-2020-15257,...

2 min read

Vulnerability

0Patch releases updates for Windows 7/Server 2008 to fix privilege escalation vulnerabilities

5 days ago ddos

Last week we mentioned that the researcher found that Windows 7 and Windows Server 2008 (R2) performance monitoring registry has...

2 min read

Vulnerability

Security researchers discovered Windows 7/Windows Server 2008 zero-day vulnerability

1 week ago ddos

A few days ago, French security researchers accidentally discovered vulnerabilities in Windows 7 and Windows Server 2008, which have been...

1 min read

Vulnerability

CVE-2020-28949, CVE-2020-28948: Drupal Arbitrary PHP Code Execution Vulnerability Alert

1 week ago ddos

On November 25, 2020, Drupal issued a risk notice for Drupal code execution vulnerabilities, the vulnerability number is CVE-2020-28949/CVE-2020-28948. The...

2 min read

Vulnerability

Chrome v87 fixes NAT Slipstreaming attack

2 weeks ago ddos

Google Chrome has released Chrome version 87. In this new version, Google brings many new features and major improvements in...

2 min read

Vulnerability

Cisco Multiple Critical Vulnerabilities Alert

2 weeks ago ddos

On November 18, 2020, Cisco officially issued risk notices for multiple serious vulnerabilities, the vulnerabilities numbered CVE-2020-27130, CVE-2020-3531, CVE-2020-3586, and...

1 min read

Vulnerability

CVE-2020-13671: Drupal Remote Code Execution Vulnerability Alert

2 weeks ago ddos

On November 18, 2020, Drupal issued a risk notice for Drupal code execution vulnerability, the vulnerability number is CVE-2020-13671. The...

1 min read

Vulnerability

CVE-2020-8277: Node.js Denial of Service Vulnerability Alert

2 weeks ago ddos

Recently, Node.js officially released a security update to fix a denial of service vulnerability (CVE-2020-8277). Attackers can trigger a denial...

1 min read

Vulnerability

Citrix SD-WAN Multiple High-Risk Vulnerability Alert

2 weeks ago ddos

On November 10, 2020, Citrix released Citrix SDWAN Center Security Update to warn about the vulnerability. These vulnerabilities numbers are...

2 min read

Vulnerability

Researchers have discovered new weaknesses in the DNS system for poisoning

3 weeks ago ddos

DNS is the domain name resolution system. Our Internet life at the bottom completely relies on key infrastructure such as...

1 min read

Vulnerability

CVE-2020-26217: XStream Remote Code Execution Vulnerability Alert

3 weeks ago ddos

On November 16, 2020, XStream issued a risk notice for XStream remote code execution vulnerability. The vulnerability number is CVE-2020-26217....

1 min read

Vulnerability

CVE-2020-13958: Apache OpenOffice Arbitrary Code Execution Vulnerability Alert

3 weeks ago ddos

On November 10th, Apache OpenOffice releases version 4.1.8 to fix arbitrary code execution vulnerability. Apache OpenOffice 4 is vulnerable to...

1 min read

Vulnerability

CVE-2020-12321: Intel Wireless Bluetooth products Escalation of Privilege Vulnerability Alert

3 weeks ago ddos

On November 10, 2020, Intel officially released a risk notice for the Intel Wireless Bluetooth products privilege escalation vulnerability. The...

1 min read

Vulnerability

CVE-2020-17051: Windows Network File System Remote Code Execution Vulnerability Alert

3 weeks ago ddos

On November 10, 2020, Microsoft had issued a risk notice for a remote code execution vulnerability in the Windows network...

1 min read

Vulnerability

Researcher publishes PoC for CVE-2020-13935 Apache Tomcat WebSocket DoS Vulnerability

4 weeks ago ddos

Recently, the Apache Tomcat WebSocket DoS vulnerability (CVE-2020-13935) PoC has been made public. Apache officially disclosed the vulnerability on July...

CVE-2020-15257: containerd-shim API Exposed to Host Network Containers Vulerability Alert

0Patch releases updates for Windows 7/Server 2008 to fix privilege escalation vulnerabilities

Security researchers discovered Windows 7/Windows Server 2008 zero-day vulnerability

CVE-2020-28949, CVE-2020-28948: Drupal Arbitrary PHP Code Execution Vulnerability Alert

Chrome v87 fixes NAT Slipstreaming attack

Cisco Multiple Critical Vulnerabilities Alert

CVE-2020-13671: Drupal Remote Code Execution Vulnerability Alert

CVE-2020-8277: Node.js Denial of Service Vulnerability Alert

Citrix SD-WAN Multiple High-Risk Vulnerability Alert

Researchers have discovered new weaknesses in the DNS system for poisoning

CVE-2020-26217: XStream Remote Code Execution Vulnerability Alert

CVE-2020-13958: Apache OpenOffice Arbitrary Code Execution Vulnerability Alert

CVE-2020-12321: Intel Wireless Bluetooth products Escalation of Privilege Vulnerability Alert

CVE-2020-17051: Windows Network File System Remote Code Execution Vulnerability Alert

Researcher publishes PoC for CVE-2020-13935 Apache Tomcat WebSocket DoS Vulnerability

Interpol arrests 3 business email scammers in Nigeria

Advantech was attacked by ransomware, hackers demanded a ransom of $12.6 million

French IT giant suffered a ransomware attack and lost between €40m and €50m

Japanese game developer Capcom suffered a ransomware attack

Advantech was attacked by ransomware, hackers demanded a ransom of $12.6 million

300,000 to 350,000 Spotify accounts ended up compromised

Hackers stole nude photos and videos of hundreds of female sports stars and celebrities in the UK and leaked them online

Lazada RedMart leaked 1.1 million account information