IBM officially released a security announcement on January 27. Some versions of IBM QRadar SIEM have high-risk vulnerabilities (CVE-2020-4888). Remote attackers can use this vulnerability to execute arbitrary commands on the system. The exploit...
Apache ActiveMQ is the most popular open-source, multi-protocol, Java-based messaging server. It supports industry-standard protocols so users get the benefits of client choices across a broad range of languages and platforms. Recently, Apache issued a...
Druid is a high-performance real-time analytics database. Druid’s main value add is to reduce time to insight and action. Druid is designed for workflows where fast queries and ingest really matter. Druid excels at...
Apache Shiro is a powerful and easy-to-use Java security framework that performs authentication, authorization, cryptography, and session management. With Shiro’s easy-to-understand API, you can quickly and easily secure any application – from the smallest...
Microsoft has tried to fix security vulnerabilities in Windows Installer components many times, and it has not been able to completely solve the problem since it was found in 2019. At that time, a...
Google recently blocked 7 TCP ports in the Chrome browser. If users visit websites that use these ports, they will not be able to access these websites. The purpose of this move is mainly...
Recently, IBM officially released a security bulletin to fix an XML External Entity Injection (XXE) vulnerability (CVE-2020-4949) in the WebSphere Application Server (WAS), because WAS did not correctly process XML data. An attacker can...
On January 27, 2021, RedHat issued a risk notice for heap-based buffer overflow vulnerability, the vulnerability number is CVE-2021-3156. The vulnerability level is a high risk. CVSS v3 Base Score is 7.0. Attackers can...
VLC player launched a new version to support Apple M1, which is a new version developed based on the ARM64 architecture so that Apple M1 users can get the best performance. If Apple M1...
Drupal is a free and open-source web content management framework written in PHP and distributed under the GNU General Public License. Drupal provides a back-end framework for at least 12% of the top 10,000...
Recently, JSOF issued a risk notice on dnsmasq, an open-source DNS forwarding software in common use. DNSpooq is the collective name of the security vulnerabilities disclosed this time named by JSOF. The report mainly...
On January 19, 2021, Oracle officially released the Critical Patch Update (CPU) Advisory for January 2021. This security update fixed 329 security vulnerabilities, of which Oracle Fusion Middleware has 60 vulnerability patch updates, mainly...
Since October last year, Windows security researcher Jonas Lykkegaard has posted multiple tweets on Twitter, stating that entering a path in the browser address will immediately cause Windows 10 to crash and display BSOD....
Microsoft Defender supports multiple operating systems to provide users with security protection services. Of course, even security software sometimes has the vulnerability. For example, Microsoft recently pushed a scan engine update to fix a...
The Microsoft Office team has already released the latest security update to users. This security update fixes security vulnerabilities in multiple office software components. According to the security bulletin, the most common security vulnerabilities...
According to the Microsoft Security Bulletin, the company has fixed the vulnerability that the Windows 10 secure boot function was bypassed in the security update released this month. The secure boot function is usually...
