Google announced a new experimental abuse research funding program for abuse-related strategies and product issues outside the scope of existing vulnerability research funding and vulnerability reward programs (VRP). According to the introduction, the amount...
Well-known virtualization solution provider VMware recently issued an emergency security bulletin: The high-risk vulnerability in VMware vCenter Server is being exploited. This vulnerability is scored 9.8 points (out of 10 points). At least one...
Automattic, the company behind the WordPress content management system, will force a security update to be deployed on more than 5 million websites running the Jetpack WordPress plugin. Jetpack is a very popular WordPress...
For Apple’s self-developed M1 processor, some developers have now discovered that it has a huge loophole, so serious that it cannot be repaired if Apple does not modify the design. The Asahi Linux crew...
On May 26, 2021, VMware officially released a risk notice for the remote code execution vulnerability in VMware vCenter Server, which was discovered by Ricter Z, a security researcher at 360 Noah Lab. The...
Apple recently released related security updates to fix three macOS and tvOS zero-day vulnerabilities that are currently vulnerable to attackers. The first two vulnerabilities are CVE-2021-30663 and CVE-2021-30665, which affect the WebKit engine on...
Google disclosed the latest security vulnerabilities discovered by researchers in a security bulletin issued earlier this month. The company has currently fixed the vulnerabilities and provided the patch to the manufacturer. Whether users can...
Fingerprintjs, a developer of network fraud detection solutions, was researching anti-fraud technologies, it unexpectedly discovered that major browsers have program flood vulnerabilities. The test found that Google browser, Firefox browser, Tor Onion browser, and...
On May 17, 2021, XStream issues an alert about remote command execution vulnerability. The CVE number is CVE-2021-29505. This vulnerability has low complexity and high risk. XStream is a simple library to serialize objects...
On May 11, Microsoft officially released the May security update patch, which fixes a remote code execution vulnerability in the HTTP protocol stack (CVE-2021-31166), which exists in the HTTP protocol stack (http.sys). In the...
Some network security researchers have discovered a series of different vulnerabilities in the wireless transmission protocol, that is, WiFi. These vulnerabilities are all related to the way WiFi handles large blocks of data, some...
The second Tuesday of every month is the day when Microsoft releases routine updates. Adobe now also releases updates along with Microsoft. Adobe also launched new security updates according to the release process. The...
On May 11, Microsoft released the May 2021 Patch Tuesday, repairing 55 security vulnerabilities, involving Windows, Microsoft Office, Exchange Server, Visual Studio Code, Internet Explorer, and other widely used products, including high-risk types of...
Checkpoint researchers have discovered a serious security vulnerability in Qualcomm Mobile Station Modem (MSM). Attackers can use this vulnerability to access the text messages, call history, and monitor calls of mobile phone users. Qualcomm...
Apache OpenOffice, an Open Source office-document productivity suite comprising six productivity applications: Writer, Calc, Impress, Draw, Math, and Base. The OpenOffice suite is based around the OpenDocument Format (ODF), supports 41 languages, and ships...
