安全研究 Safety research
影响Windows和macOS平台,黑客利用AdobeCF漏洞部署恶意软件https://www.freebuf.com/news/376962.html Notepad++漏洞允许执行任意代码https://www.solidot.org/story?sid=75988 Adobe ColdFusion关键漏洞尽管有补丁,但仍被利用https://www.infosecurity-magazine.com/news/adobe-coldfusion-vulnerabilities/ 黑客如何挫败梭子鱼的漏洞修补https://www.solidot.org/story?sid=75970 SPLUNK Multiple product Vulnerability CVE-2023-40594https://redqueen.tj-un.com/IntelDetails.html?id=fce7313f7ff34bc48d884b467acbc8ef
发布时间: 2023 - 09 - 05
WordPress迁移插件存在漏洞,或引发大规模数据泄露https://www.freebuf.com/news/376712.html 苹果启动2024年SRDP计划:邀请安全专家使用定制iPhone寻找漏洞https://www.freebuf.com/news/376697.html DreamBus恶意软件利用RocketMQ漏洞感染服务器https://www.freebuf.com/news/376570.html VMware Aria Operations for Networks身份认证绕过漏洞安全风险通告https://www.secrss.com/articles/58373 WP数据迁移插件中漏洞CVE-2023-40004可导致数据泄露https://redqueen.tj-un.com/InfoDetails.html?id=b3deb8beb0844e9493bcf2c08c5445f8
发布时间: 2023 - 09 - 01
Windows错误报告服务权限提升漏洞(CVE-2023-36874)安全通告https://www.secrss.com/articles/58160 研究人员发布针对Juniper SRX防火墙漏洞的PoChttps://redqueen.tj-un.com/InfoDetails.html?id=0ae5499cf1de40eab58c82edba30d286 Lazarus利用ManageEngine中漏洞攻击医疗保健等行业https://redqueen.tj-un.com/InfoDetails.html?id=12f115636594482cbe9a9da471dfc9fd Barracuda ESG设备CVE-2023-2868漏洞的补丁无效https://redqueen.tj-un.com/InfoDetails.html?id=d2ea9da5dff54e53bf7283ea6c24b2bb 3千多台Openfire服务器未修复漏洞CVE-2023-32315https://redqueen.tj-un.com/InfoDetails.html?id=4d3bf23a72a84be5ac06629706aa3a72
发布时间: 2023 - 08 - 29
零日攻击利用WinRAR安全漏洞锁定交易者https://www.freebuf.com/news/376183.html Ivanti曝新的MobileIron零日漏洞,正在被恶意利用https://www.freebuf.com/news/375839.html Smartbi身份认证绕过漏洞安全风险通告https://www.secrss.com/articles/58121 3千多台Openfire服务器未修复漏洞CVE-2023-32315https://redqueen.tj-un.com/InfoDetails.html?id=4d3bf23a72a84be5ac06629706aa3a72 WinRAR代码执行漏洞(CVE-2023-38831)安全风险通告https://www.secrss.com/articles/58122
发布时间: 2023 - 08 - 25
WinRAR高危漏洞允许黑客在用户打开压缩文件时运行程序https://www.solidot.org/story?sid=75841 研究人员披露WinRAR中的RCE漏洞CVE-2023-40477https://redqueen.tj-un.com/InfoDetails.html?id=c02231d9f6454023b36fe651b261f404 瞻博网络Junos OS漏洞使设备面临远程攻击https://thehackernews.com/2023/08/new-juniper-junos-os-flaws-expose.html CVE-2022-37969 clfs漏洞分析与利用https://www.freebuf.com/vuls/374801.html TP-Link智能灯泡缺陷能让黑客窃取用户WiFi密码https://www.freebuf.com/news/375669.html
发布时间: 2023 - 08 - 22
苹果iOS16曝出新漏洞:飞行模式下依旧可连接网络https://www.freebuf.com/news/375357.html 普华永道踩坑MOVEit漏洞,泄露银行8万名储户的信息https://www.freebuf.com/news/375127.html 微软2023财年发放了超1亿元漏洞赏金:平均每个漏洞8.5万元https://www.secrss.com/articles/57877 潜伏二十多年漏洞曝光,几乎所有VPN都中招https://www.secrss.com/articles/57826 Citrix ShareFile漏洞CVE-2023-24489已被利用https://redqueen.tj-un.com/InfoDetails.html?id=0fffa1d1aeda4f509c9e9ef7e758f6b0
发布时间: 2023 - 08 - 18
ScrutisWeb曝出严重漏洞,可远程控制全球ATM!https://www.freebuf.com/news/374875.html 福特曝WiFi安全漏洞,官方称仍可安全驾驶https://www.freebuf.com/news/374817.html 新的PythonURL解析漏洞可能导致命令执行攻击https://www.freebuf.com/news/374733.html AudioCodes桌面电话和ZoomZTP曝出严重漏洞,用户面临窃听风险!https://www.freebuf.com/news/374724.html 微软:欧德神思软件曝出15个漏洞,可致电厂关停、数据窃取https://www.secrss.com/articles/57788
发布时间: 2023 - 08 - 15
搜狗输入法曝加密系统漏洞(已修复),黑客可窃取用户输入的内容https://www.freebuf.com/news/374555.html EoL-Zyxel路由器五年前的漏洞仍在被利用https://www.freebuf.com/news/374532.html 为打击漏洞利用,谷歌将每周更新Chrome安全补丁https://www.freebuf.com/news/374385.html 英特尔处理器被曝出“Downfall”漏洞:可窃取加密密钥https://www.freebuf.com/news/374376.html 微软8月份安全更新修复两个被利用漏洞在内的87个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=06caaf0e58604db78408d52075027a68
发布时间: 2023 - 08 - 11
抓紧修复!2022年最常被利用漏洞清单发布https://www.secrss.com/articles/57421 研究人员发现PaperCut软件中新的高严重性漏洞https://thehackernews.com/2023/08/researchers-uncover-new-high-severity.html PaperCut修复NG/MF打印管理软件漏洞CVE-2023-39143https://redqueen.tj-un.com/InfoDetails.html?id=44241af3de2c4526b7d6bec06b0f28f6 LIFERAYMultipleproductVulnerabilityCVE-2023-3426https://redqueen.tj-un.com/IntelDetails.html?id=bbefe10e9c094b20ac1b4de1cb30d4b3
发布时间: 2023 - 08 - 08
NSA、FBI、CISA联合发布:2022最容易被利用的漏洞TOP12https://www.freebuf.com/news/373882.html 黑客利用Facebook漏洞,发起网络钓鱼攻击https://www.freebuf.com/news/373761.html 黑客利用CVE-2023-3519在数百台Citrix服务器安装后门https://redqueen.tj-un.com/InfoDetails.html?id=1ed94496624d43be9ea8baf29a310750 研究人员发现绕过最近修补的关键Ivanti EPMM漏洞https://thehackernews.com/2023/08/researchers-discover-bypass-for.html 亚马逊云(AWS)曝新漏洞,SSM 代理已成木马!https://thehackernews.com/2023/08/researchers-uncover-aws-ssm-agent.html
发布时间: 2023 - 08 - 04
谷歌:安卓补丁漏洞让N-days与0-days同样危险https://www.freebuf.com/news/373462.html 因为补丁更新不及时Android的N-days问题严重https://www.solidot.org/story?sid=75661 Zimbra修复ZCS中已被利用的XSS漏洞CVE-2023-38750https://redqueen.tj-un.com/InfoDetails.html?id=8aa5be037ca54e5e9624be7ffd3e92f3 Google发布关于2022年度0day漏洞的回顾报告https://redqueen.tj-un.com/InfoDetails.html?id=34dce429ad5e4eb49fb653a6fb742d3e 研究人员发现利用Barracuda漏洞安装后门SUBMARINE的活动https://redqueen.tj-un.com/InfoDetails.html?id=2b2e9da2534b4a7fb16e6605eefaf2b1
发布时间: 2023 - 08 - 01
WordPressNinjaForms曝出严重安全漏洞https://www.freebuf.com/news/373286.html Ubuntu曝Linux漏洞,近40%用户受影响https://www.freebuf.com/news/373188.html AMDZen2架构处理器曝出Zenbleed预测漏洞https://www.solidot.org/story?sid=75620 VulnCheck披露影响90多万台MikroTik设备的提权漏洞https://redqueen.tj-un.com/InfoDetails.html?id=1f70f49b87234f85b95bf4cd29e9cda1 Fortinet在Microsoft消息队列服务中发现多个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=68040d1708154f7f802006b3c28227f2
发布时间: 2023 - 07 - 28
2023史诗级漏洞后门曝光!存在长达几十年,美国或用于监听全球https://www.freebuf.com/news/372975.html 2023上半年最“费钱”的漏洞来了,勒索赎金超7亿元https://www.freebuf.com/news/372887.html 苹果发布安全更新,修复了今年第11个零日漏洞!https://www.freebuf.com/news/372954.html 固件漏洞给予黑客超级用户身份https://www.solidot.org/story?sid=75599 Clop利用MOVEit漏洞的攻击预估获利7500万至1亿美元https://redqueen.tj-un.com/InfoDetails.html?id=13469cba3c8544668aa2184f82bf8362
发布时间: 2023 - 07 - 26
ApacheOpenMeetings网络会议工具曝出严重漏洞https://www.freebuf.com/news/372703.html 速查!思科SD-WAN管理曝高危漏洞https://www.freebuf.com/news/372376.html Adobe警告客户ColdFusionRCE漏洞已被攻击者利用https://www.freebuf.com/news/372341.html 思杰警告:ADC和网关存在被主动利用的零日漏洞https://securityaffairs.com/148594/security/citrix-netscaler-application-delivery-controller-flaw.html 谷歌云构建漏洞容易引发潜在的供应链攻击https://www.freebuf.com/news/372456.html
发布时间: 2023 - 07 - 21
Adobe警告客户ColdFusion RCE漏洞已被攻击者利用https://www.freebuf.com/news/372341.html 网络攻击者正利用Word文档漏洞部署LokiBot恶意软件https://www.freebuf.com/news/372336.html VED测试镜像发布:Linux数字军火漏洞利用方法和抵挡https://www.solidot.org/story?sid=75528 Rapid7透露多个Adobe ColdFusion漏洞已被主动利用https://redqueen.tj-un.com/InfoDetails.html?id=d4e472dde00b46dea99c2f5f811649a7 Zimbra提醒用户手动修复其ZCS中已被利用的XSS漏洞https://redqueen.tj-un.com/InfoDetails.html?id=a9f852b5d79e45a0864fdfe5f16175e6
发布时间: 2023 - 07 - 18
Ghostscript开源PDF库中发现关键漏洞https://www.freebuf.com/news/371927.html 哈佛大学网站现高危漏洞,可导致数据泄露https://www.freebuf.com/news/371819.html Check Point发布QuickBlox框架中漏洞的分析报告https://redqueen.tj-un.com/InfoDetails.html?id=990b5c072a614562820b949539c2d105 SonicWall紧急更新修复GMS和Analytics中的15个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=907f4e43848a4cb085200e2cc947d1af 微软7月份更新包括6个被利用0day在内的132个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=d8235d44145c48bba09169f2e665c7ec
发布时间: 2023 - 07 - 14
今年第十个零日漏洞,苹果发布紧急更新https://www.freebuf.com/news/371623.html MOVEit再现新漏洞,多个版本受影响https://www.freebuf.com/news/371525.html 研究人员发现新的Linux内核'StackRot'特权升级漏洞https://www.freebuf.com/news/371340.html 泛微E-Cology SQL注入漏洞安全风险通告https://www.secrss.com/articles/56489 Mastodon修复可导致服务器劫持的漏洞TootRoothttps://redqueen.tj-un.com/InfoDetails.html?id=0a9244bf83a94458bded0c131d744c7d
发布时间: 2023 - 07 - 11
Fortinet曝出严重RCE漏洞,30+万台设备受到严重影响https://www.freebuf.com/news/371023.html CISA在三星和D-Link设备中发现8个被积极利用的漏洞https://www.freebuf.com/articles/371012.html 研究人员发现利用WP插件Ultimate Member漏洞的攻击https://redqueen.tj-un.com/InfoDetails.html?id=4d8222f0703441c6ad06086f7713fc3a 超30万Fortinet防火墙仍未修复严重漏洞https://www.secrss.com/articles/56275 Smartbi登录代码逻辑漏洞安全风险通告https://www.secrss.com/articles/56233
发布时间: 2023 - 07 - 06
Apple多个产品高危漏洞安全风险通告https://www.secrss.com/articles/55885 Fortinet修复FortiNAC RCE漏洞CVE-2023-33299https://redqueen.tj-un.com/InfoDetails.html?id=3104afa093454dd291af7a6e9f0e62b4 Unit 42公开利用多个IoT漏洞的新一轮Mirai活动https://redqueen.tj-un.com/InfoDetails.html?id=3baa3bda7c78414c8ea79151da59a415 VMware修复其vCenter Server中的多个安全漏洞https://redqueen.tj-un.com/InfoDetails.html?id=7435caebc81c4dcc988f101fea5bd3e2 Apple修复在Triangulation活动中被利用的多个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=78eaea834a0e4026af070e34846b66c4
发布时间: 2023 - 06 - 26
Mandiant称中国黑客正在利用梭子鱼漏洞https://www.solidot.org/story?sid=75267 今年最大规模网络攻击:零日漏洞击穿防线,美国近百家大型政企遭勒索https://www.secrss.com/articles/55768 金蝶云星空远程代码执行漏洞安全风险通告https://www.secrss.com/articles/55737 Progress修复MOVEit中又一个SQLi漏洞CVE-2023-35708https://redqueen.tj-un.com/InfoDetails.html?id=d791adbcf8684dea917136744449f8f9 安全警报:D-Link漏洞被利用,引起路由器用户的担忧https://thecyberexpress.com/d-link-vulnerabilities-exploited-user-at-risk/
发布时间: 2023 - 06 - 20
友情连接:
免费服务热线 ree service hotline 400-613-1868 手机端
法律声明 Copyright  西安交大捷普网络科技有限公司  陕ICP备18022218号-1

陕公网安备 61019002000857号

犀牛云提供云计算服务