Apache Tomcat is an open-source implementation of the Java Servlet, JavaServer Pages, Java Expression Language, and WebSocket technologies. Tomcat provides a “pure Java” HTTP web server environment in which Java code can run. Recently,...
Recently, Microsoft fixed a critical security vulnerability on Microsoft SQL Server Reporting Services (CVE-2020-0618) in the February Patch Tuesday event. “A remote code execution vulnerability exists in Microsoft SQL Server Reporting Services when it...
Radware network security researchers warned that about 12,000 cloud automation servers worldwide could be exploited for launching the denial of service (DoS) Attacks, DDoS attacks can reach a magnification of 100 times, and the...
Intel has warned that there are multiple serious vulnerabilities in Security Engine products, and urge users to use the existing fix as soon as possible. It is understood that the Intel Converged Security and...
Earlier, Microsoft issued a security bulletin that revealed a zero-day vulnerability in Internet Explorer (CVE-2020-0674) reported by Google Project Zero and the 360 Security Group. The zero-day vulnerability was exploited by hackers before the...
Recently, Django officially released a security notice that announced a potential SQL injection vulnerability (CVE-2020-7471) that was exploited via StringAgg (delimiter). An attacker can pass the constructor delimiter to the django.contrib.postgres.aggregates.StringAgg aggregate function to...
Adobe officially released the February product security update. This update includes 5 security bulletins for 42 security vulnerabilities in Framemaker, Experiment Manager, Adobe Digital Editions, Flash, Acrobat, and Reader. Details are as follows: The...
On February 10, 2020, Apache Dubbo officially released the CVE-2019-17564 vulnerability notice, and the vulnerability level is important. Apache Dubbo is a high-performance, lightweight, java based RPC framework. Dubbo offers three key functionalities, which...
On February 11, 2019, Microsoft released the February security update. In February, Microsoft fixed up to 99 vulnerabilities, covering Windows operating system, IE / Edge browser, ChakraCore, SQL Server, Exchange Server, office and office...
Google has now launched this month’s routine security updates for Android. Of course, as you know most devices cannot install these critical security updates in a timely manner. After Google released the update, researchers...
Security researchers recently disclosed details of five vulnerabilities in the widely adopted Cisco Discovery Protocol (CDP). The vulnerabilities discovered by IoT cybersecurity company Armis are collectively referred to as CDPwn. CDP is a proprietary...
Security researcher Eitan Caspi recently checked the gov.il subdomain for security issues, and as a result, he found open Open SSH access on the Israeli government DNS server. Using an online SSL checker developed...
Recently, fusionauth issued a CVE-2020-7799 vulnerability warning, with a high vulnerability level. A problem was found in FusionAuth versions prior to 1.11.0. “An authenticated user, allowed to edit e-mail templates (Home -> Settings ->...
OpenWrt has revealed that a security vulnerability (CVE-2020-7982) has been fixed. Hackers can use this vulnerability to remotely trigger and gain router management rights. Of course, the vulnerability is now disclosed, this has been...
Twitter revealed that it found and suspended accounts that abused features that allowed users to match phone numbers with usernames. The announcement of the privacy issue also confirmed a vulnerability discovered by researcher Ibrahim...
Recently, Microsoft releases Intel microcode updates to Windows 10 to mitigate data sampling vulnerabilities. This microcode update covers all supported versions of Windows 10. However, Microsoft has not pushed these microcode updates directly to...
