Vulnerability • InfoTech & InfoSec News

September 2, 2020

CVE-2020-13946: Apache Cassandra RMI Rebind Vulnerability Alert

On September 1, 2020, Apache officially released a risk notice for the Apache Cassandra RMI rebind vulnerability. The vulnerability number is CVE-2020-13946, the vulnerability level is medium, and the vulnerability score is 6.8. The...

Vulnerability

August 27, 2020

CVE-2020-24616: Jackson Deserialization Security Vulnerabilities Alert

On August 25, 2020, Jackson-databind issued a risk notice for Jackson-databind serialization vulnerability, the vulnerability number is CVE-2020-24616, vulnerability level is a high risk, vulnerability score is 7.5. There is a new deserialization exploit...

Vulnerability

August 25, 2020

CWE Top 25: Cross-Site Scripting Vulnerability Leaps to the Top

Recently, in the CWE (Common Weakness Enumeration) newly released list of the 25 most dangerous software vulnerabilities in 2020, cross-site scripting (XSS) vulnerability ranked first. In the newly announced list, the cross-site scripting (XSS)...

Vulnerability

August 25, 2020

CVE-2020-14364: QEMU USB module out-of-bounds read and write Vulnerability Alert

Recently, 2020, QEMU issued a risk notice for the qemu memory out-of-bounds vulnerability. The vulnerability number is CVE-2020-14364, the vulnerability level is severe, and the vulnerability score is 10. By constructing special memory data,...

Vulnerability

August 24, 2020

Microsoft took two years to fix a Windows critical security vulnerability

In January 2019, a security researcher discovered a vulnerability in the Windows system signature verification. This vulnerability was subsequently submitted to Microsoft and confirmed by Microsoft. This vulnerability was later assigned the vulnerability number...

Vulnerability

August 18, 2020

CVE-2020-13933: Apache Shiro Authentication Bypass Vulnerability Alert

On August 17, 2020, Apache Shiro issued a risk notice about the authentication bypass. The vulnerability number is CVE-2020-13933, vulnerability level is a high risk, vulnerability score is 8.0. Apache Shiro has an authentication...

https://meterpreter.org/wp-content/uploads/2017/08/Apache-Struts.jpg

Vulnerability

August 14, 2020

CVE-2019-0230: Apache Struts2 Remote Code Execution Vulnerability Alert

On August 13, 2020, Apache officially issued a risk notice for the Struts2 remote code execution vulnerability, the vulnerability number is CVE-2019-0230, and the vulnerability level is a high risk, vulnerability score is 8.5....

Vulnerability

August 13, 2020

Citrix Endpoint Management Multi Vulnerabilities Alert

On August 13, 2020, Citrix officially released a risk notice for the Citrix Endpoint Management component, including multiple vulnerabilities of varying levels. Citrix Endpoint Management has arbitrary file reading vulnerability. Remote unauthorized attackers can...

Vulnerability

August 12, 2020

CVE-2020-1472: NetLogon Privilege Escalation Vulnerability Alert

On August 11, 2020, Windows officially released a risk notice for the NetLogon privilege escalation vulnerability, the vulnerability number is CVE-2020-1472, vulnerability level is serious, the vulnerability score is 10 points. The NetLogon component...

Vulnerability

August 11, 2020

Researchers reveals a security vulnerability, CVE-2020-6519 in Google Chrome

Security researchers recently exposed a medium-risk security vulnerability (CVE-2020-6519) in Google Chrome. This security vulnerability has existed for several years but has not been fixed until recently. Attackers can use this security vulnerability to...

Vulnerability

August 10, 2020

Snapdragon Digital Signal Processor unit has a major vulnerability, threatening a large number of Android devices

According to the latest research report released by a Check Point security company, the Snapdragon series processors owned by the well-known chip manufacturer Qualcomm have high-risk security vulnerabilities. Although Qualcomm is not a direct...

Vulnerability

August 9, 2020

CVE-2020-13699: Teamviewer Unquoted URI handler Vulnerability Alert

Recently, TeamViewer officially announced that a vulnerability has recently been fixed, which may allow an attacker to quietly establish a connection with your computer and further exploit the system. The vulnerability number is CVE-2020-13699....

Data Leak / Vulnerability

August 6, 2020

A security breach in Twitter affects Android 8-9 users and leaks private data

The well-known social networking site, Twitter started sending out pop-up notifications to Android users last night, notifying that the company’s security team found a security vulnerability in the Android client. Attackers can use this...

Vulnerability

August 4, 2020

CVE-2020-15778: OpenSSh Remote Comand Injection Vulnerability Alert

Security researcher, Chinmay Pandya discovered a command injection vulnerability (CVE-2020-15778) in the scp component of openssh. The scp in OpenSSH 8.3p1 allows commands to be injected into the remote function of scp.c, and attackers...

Vulnerability

August 4, 2020

CVE-2020-15871: Nexus Repository Manager Code Execution Vulnerability Alert

On August 3, 2020, the Sonatype Security Team released a risk notice for Nexus Repository Manager 3.x remote code execution vulnerability. The vulnerability number is CVE-2020-15871. The vulnerability level is serious and the vulnerability...

Vulnerability

August 1, 2020

CVE-2020-3374, CVE-2020-3375: CISCO SD-WAN High-Risk Vulnerabilities Alert

Recently, Cisco (Cisco) officially released an announcement stating that it has repaired two high-risk vulnerabilities in Cisco SD-WAN vManager Software (CVE-2020-3374) and SD-WAN Solution Software (CVE-2020-3375). Cisco SD-WAN is a secure cloud-scale architecture with...

Category: Vulnerability

CVE-2020-13946: Apache Cassandra RMI Rebind Vulnerability Alert

CVE-2020-24616: Jackson Deserialization Security Vulnerabilities Alert

CWE Top 25: Cross-Site Scripting Vulnerability Leaps to the Top

CVE-2020-14364: QEMU USB module out-of-bounds read and write Vulnerability Alert

Microsoft took two years to fix a Windows critical security vulnerability

CVE-2020-13933: Apache Shiro Authentication Bypass Vulnerability Alert

CVE-2019-0230: Apache Struts2 Remote Code Execution Vulnerability Alert

Citrix Endpoint Management Multi Vulnerabilities Alert

CVE-2020-1472: NetLogon Privilege Escalation Vulnerability Alert

Researchers reveals a security vulnerability, CVE-2020-6519 in Google Chrome

Snapdragon Digital Signal Processor unit has a major vulnerability, threatening a large number of Android devices

CVE-2020-13699: Teamviewer Unquoted URI handler Vulnerability Alert

A security breach in Twitter affects Android 8-9 users and leaks private data

CVE-2020-15778: OpenSSh Remote Comand Injection Vulnerability Alert

CVE-2020-15871: Nexus Repository Manager Code Execution Vulnerability Alert

CVE-2020-3374, CVE-2020-3375: CISCO SD-WAN High-Risk Vulnerabilities Alert

Search

Brilliantly

Content & Links