On January 19, 2021, Oracle officially released the Critical Patch Update (CPU) Advisory for January 2021. This security update fixed 329 security vulnerabilities, of which Oracle Fusion Middleware has 60 vulnerability patch updates, mainly...
Since October last year, Windows security researcher Jonas Lykkegaard has posted multiple tweets on Twitter, stating that entering a path in the browser address will immediately cause Windows 10 to crash and display BSOD....
Microsoft Defender supports multiple operating systems to provide users with security protection services. Of course, even security software sometimes has the vulnerability. For example, Microsoft recently pushed a scan engine update to fix a...
The Microsoft Office team has already released the latest security update to users. This security update fixes security vulnerabilities in multiple office software components. According to the security bulletin, the most common security vulnerabilities...
According to the Microsoft Security Bulletin, the company has fixed the vulnerability that the Windows 10 secure boot function was bypassed in the security update released this month. The secure boot function is usually...
Ignition is a beautiful and customizable error page for Laravel applications running on Laravel 5.5 and newer. It is the default error page for all Laravel 6 applications. It also allows to publicly share your...
According to BleepingComputer reports, researchers recently discovered a serious vulnerability in Windows 10. The vulnerability is mainly located in the NTFS file system and is very easy to trigger. The attacker only needs to...
On January 04, 2021, FortiWeb issued a risk notice for multiple high-risk vulnerabilities in FortiWeb. The vulnerability numbers are CVE-2020-29015, CVE-2020-29016, CVE-2020-29019, and CVE-2020-29018. Vulnerability Detail CVE-2020-29015 A blind SQL injection in the user...
The Apache mailing list archives published two vulnerability (CVE-2020-17518 & CVE-2020-17519) reports. These vulnerabilities were submitted by the Ant Security FG Lab. Attackers can read and write remote files through the REST API and...
Zend Framework is an open-source object-oriented web application development framework. Currently, the framework has been downloaded and installed 570 million times on PHP. This week, security researchers discovered a deserialization security vulnerability (CVE-2021-3007) in...
Recently, Niels Teusink, a security researcher from EyeControl, a Dutch network security company, discovered that more than 100,000 Zyxel’s firewalls, access point controllers, and VPN gateway products have administrator-level backdoor accounts. These administrator-level accounts...
Airflow is a platform created by the community to programmatically author, schedule, and monitor workflows. Recently, an email notice issued by Apache disclosed the Apache Airflow Incorrect Session Validation in Airflow Webserver with default...
On December 27, 2020, SolarWinds issued a risk notice for SolarWinds code execution vulnerability, the vulnerability number is CVE-2020-10148. The vulnerability level is critical. SolarWinds disclosed a vulnerability outside the supply chain attack. This...
The US Cybersecurity Infrastructure and Security Agency (CISA) warned that a low-level TCP/IP software library developed by Treck has serious vulnerabilities, allowing remote attackers to run arbitrary commands and launch denial of service (DoS)...
As Microsoft exceeds 90 days, with an extension of 14 days, Google Project Zero will continue to publish details of the security vulnerabilities that have been exploited in Windows 10. According to Google’s regulations,...
On December 15, 2020, Nexus Repository Manager 3 issued a risk notice for the Nexus Repository Manager 3 XML External Entities Injection Vulnerability. The vulnerability number is CVE-2020-29436. The vulnerability level is high risk....
