On May 17, 2021, XStream issues an alert about remote command execution vulnerability. The CVE number is CVE-2021-29505. This vulnerability has low complexity and high risk. XStream is a simple library to serialize objects...
On May 11, Microsoft officially released the May security update patch, which fixes a remote code execution vulnerability in the HTTP protocol stack (CVE-2021-31166), which exists in the HTTP protocol stack (http.sys). In the...
Some network security researchers have discovered a series of different vulnerabilities in the wireless transmission protocol, that is, WiFi. These vulnerabilities are all related to the way WiFi handles large blocks of data, some...
The second Tuesday of every month is the day when Microsoft releases routine updates. Adobe now also releases updates along with Microsoft. Adobe also launched new security updates according to the release process. The...
On May 11, Microsoft released the May 2021 Patch Tuesday, repairing 55 security vulnerabilities, involving Windows, Microsoft Office, Exchange Server, Visual Studio Code, Internet Explorer, and other widely used products, including high-risk types of...
Checkpoint researchers have discovered a serious security vulnerability in Qualcomm Mobile Station Modem (MSM). Attackers can use this vulnerability to access the text messages, call history, and monitor calls of mobile phone users. Qualcomm...
Apache OpenOffice, an Open Source office-document productivity suite comprising six productivity applications: Writer, Calc, Impress, Draw, Math, and Base. The OpenOffice suite is based around the OpenDocument Format (ODF), supports 41 languages, and ships...
VMware vRealize Business for Cloud automates cloud costing analysis, consumption metering, cloud comparison, and planning, delivering the cost visibility and business insights you need to run your cloud more efficiently. On May 5, 2021,...
Microsoft security researchers have discovered more than 20 critical remote code execution (RCE) vulnerabilities in Internet of Things (IoT) devices and operational technology (OT) industrial systems. These 25 security vulnerabilities are collectively referred to...
Apache OFBiz is an open-source enterprise resource planning system. It provides a suite of enterprise applications that integrate and automate many of the business processes of an enterprise. OFBiz is an Apache Software Foundation...
Some cybersecurity researchers have discovered that criminals use fake application bundles to plant malware on Macs. Recently, a Mac malware researcher stated that hackers can create a fake application bundle by using a script...
According to a new report by the website security company Patchstack, 580 WordPress vulnerabilities were disclosed in 2020, but most of them affect third-party plugins and themes, rather than the core of WordPress. The...
The maintainer of the Linux kernel project Greg Kroah-Hartman decided to prohibit the University of Minnesota (UMN) from contributing to the open-source Linux project. The reason is that researchers at the University of Minnesota...
WebSphere Application Server is a software product that performs the role of a web application server. More specifically, it is a software framework and middleware that hosts Java-based web applications. It is the flagship...
Pulse Connect is an enterprise-class high-performance VPN system, which is widely used in enterprises. On April 20, 2021, PulseSecure released a risk notice for Pulse Connect Secure remote code execution, the vulnerability number is...
