On August 17, 2020, Apache Shiro issued a risk notice about the authentication bypass. The vulnerability number is CVE-2020-13933, vulnerability level is a high risk, vulnerability score is 8.0. Apache Shiro has an authentication...
On August 13, 2020, Apache officially issued a risk notice for the Struts2 remote code execution vulnerability, the vulnerability number is CVE-2019-0230, and the vulnerability level is a high risk, vulnerability score is 8.5....
On August 13, 2020, Citrix officially released a risk notice for the Citrix Endpoint Management component, including multiple vulnerabilities of varying levels. Citrix Endpoint Management has arbitrary file reading vulnerability. Remote unauthorized attackers can...
On August 11, 2020, Windows officially released a risk notice for the NetLogon privilege escalation vulnerability, the vulnerability number is CVE-2020-1472, vulnerability level is serious, the vulnerability score is 10 points. The NetLogon component...
Security researchers recently exposed a medium-risk security vulnerability (CVE-2020-6519) in Google Chrome. This security vulnerability has existed for several years but has not been fixed until recently. Attackers can use this security vulnerability to...
According to the latest research report released by a Check Point security company, the Snapdragon series processors owned by the well-known chip manufacturer Qualcomm have high-risk security vulnerabilities. Although Qualcomm is not a direct...
Recently, TeamViewer officially announced that a vulnerability has recently been fixed, which may allow an attacker to quietly establish a connection with your computer and further exploit the system. The vulnerability number is CVE-2020-13699....
The well-known social networking site, Twitter started sending out pop-up notifications to Android users last night, notifying that the company’s security team found a security vulnerability in the Android client. Attackers can use this...
Security researcher, Chinmay Pandya discovered a command injection vulnerability (CVE-2020-15778) in the scp component of openssh. The scp in OpenSSH 8.3p1 allows commands to be injected into the remote function of scp.c, and attackers...
On August 3, 2020, the Sonatype Security Team released a risk notice for Nexus Repository Manager 3.x remote code execution vulnerability. The vulnerability number is CVE-2020-15871. The vulnerability level is serious and the vulnerability...
Recently, Cisco (Cisco) officially released an announcement stating that it has repaired two high-risk vulnerabilities in Cisco SD-WAN vManager Software (CVE-2020-3374) and SD-WAN Solution Software (CVE-2020-3375). Cisco SD-WAN is a secure cloud-scale architecture with...
GRUB2 is currently the most mainstream *nix operating system boot program. It allows users to have multiple operating systems in the computer at the same time and supports a real-time selection of the specified...
Researchers from security companies revealed a high-risk vulnerability in the secure boot function. This vulnerability is currently named BootHole vulnerability and has not been fixed yet. This security hole is located in the GRUB2...
Recently, TP-Link has fixed a high-risk vulnerability in the C200 IP camera. Using the known Heartbleed vulnerability (located on the public TCP port 443), the user’s hashed password can be found in the memory...
On July 22, Cisco officially released a Path Traversal vulnerability risk notice on the Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software that leads to arbitrary file reading. The...
According to the Skybox Security report on vulnerabilities and threats in 2020, the number of vulnerabilities in 2020 is likely to break a new record, more than 20,000, of which the number of mobile...
