Recently, TP-Link has fixed a high-risk vulnerability in the C200 IP camera. Using the known Heartbleed vulnerability (located on the public TCP port 443), the user’s hashed password can be found in the memory...
On July 22, Cisco officially released a Path Traversal vulnerability risk notice on the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software that leads to arbitrary file reading. The...
According to the Skybox Security report on vulnerabilities and threats in 2020, the number of vulnerabilities in 2020 is likely to break a new record, more than 20,000, of which the number of mobile...
Visual Studio Code is a free cross-platform open-source code editor launched by Microsoft in 2015. It is one of the most popular code editors in the developer field. Apple announced at this year’s WWDC...
Recently, Cisco issued a security update notice for a variety of products, which resolved 5 critical vulnerabilities with a score of 9.8 (CVE-2020-3330, CVE-2020-3323, CVE-2020-3144, CVE- 2020-3333, CVE-2020-3140). Vulnerability Details CVE-2020-3330: Cisco Small Business...
On July 15, 2020, Oracle officially released the July security update. This security update fixed 443 vulnerabilities, of which Oracle Fusion Middleware has 52 vulnerability patch updates, mainly covering Oracle Weblogic, Oracle Coherence, Oracle...
The Microsoft security team announced a major security vulnerability in the Windows DNS server yesterday evening. The vulnerability has been disclosed by researchers in advance. The vulnerability number is CVE-2020-1350. Microsoft has announced more...
On July 15, 2020, Microsoft officially released the July security update, and the incident level was serious. This security update patches for 123 vulnerabilities, mainly covering the Windows operating system, commercial version of Skype,...
Recently, SAP officially released a risk notification for high-risk vulnerability caused by the lack of identity authentication in SAP NetWeaver. The vulnerability number is CVE-2020-6287, and the vulnerability level is high-risk. SAP NetWeaver is...
Recently, Citrix officially released multiple security vulnerability risk announcements in the Citrix ADC, Citrix Gateway, and Citrix SD-WAN WANOP components. Vulnerability impact is high risk. There are multiple security issues in Citrix products. Attackers...
Kubernetes officially released a risk notification that the Kubernetes node settings allow neighboring hosts to bypass the local host boundary. The vulnerability number is CVE-2020-8558, and the vulnerability level is medium. A security researcher...
Some time ago, the Surface Laptop 3 has a screen cracking problem, some Surface Book 3 users reported some problems with their device’s headphone jack. In many forums on the Internet, you can see...
Recently, Apache Guacamole officially released the risk notification for the remote code execution vulnerability in the Guacamole gateway. The vulnerability number is CVE-2020-9497/CVE-2020-9498, and the vulnerability level is medium. Apache Guacamole is a clientless remote...
On June 30, 2020, Microsoft officially released a risk notification for the Microsoft Windows Codecs library remote code execution Vulnerability The vulnerability numbers are CVE-2020-1457 [1] and CVE-2020-1425 [2], and the vulnerability level is...
Palo Alto officially issued a risk notification that bypassed the SAML authentication mechanism. The vulnerability number is CVE-2020-2021, and the vulnerability level is high risk. Security Assertion Markup Language (SAML) is a standard for logging...
Recently, Apache Tomcat issued a notice saying that an HTTP/2 Denial of Service vulnerability (CVE-2020-11996) exists on Apache Tomcat was fixed. “A specially crafted sequence of HTTP/2 requests could trigger high CPU usage for...
