安全研究 Safety research
iOS零日漏洞:卡巴斯基深入披露“三角测量”攻击https://www.freebuf.com/news/381748.html Apache ActiveMQ远程代码执行漏洞(CNVD-2023-69477)安全通告https://www.secrss.com/articles/60057 工信部:关于cURL高危安全漏洞的风险提示https://www.secrss.com/articles/60051 Salt Security公开关于OAuth协议实现API的漏洞https://redqueen.tj-un.com/InfoDetails.html?id=45260e5b819f47e2a058899e7bffc5e7 研究人员发布VMwarev漏洞CVE-2023-34051的PoChttps://redqueen.tj-un.com/InfoDetails.html?id=e20c320d9b4942068689dd3832f9ac24
发布时间: 2023 - 10 - 27
Cisco IOS XE Web UI命令执行漏洞 (CVE-2023-20273) 安全通告https://www.secrss.com/articles/59890 工信部:关于开源图像编解码库libwebp存在高危漏洞的风险提示https://www.secrss.com/articles/59864 超过4万台思科设备被植入后门账号:零日漏洞攻击,暴露即被黑https://www.secrss.com/articles/59861 研究人员披露SolarWinds ARM产品中多个漏洞的详情https://redqueen.tj-un.com/InfoDetails.html?id=7010ebb6a2394db4921171f0a0f82afa 微软披露多个黑客团伙利用TeamCity漏洞的攻击活动https://redqueen.tj-un.com/InfoDetails.html?id=312f23e0c624404dbfd1efa22d5fa67a
发布时间: 2023 - 10 - 24
国家支持的APT正在利用WinRAR漏洞https://www.freebuf.com/news/381150.html 立即更新安全补丁!WIKI系统Confluence存在高危漏洞https://www.freebuf.com/news/381032.html 开源CasaOS云软件发现关键漏洞https://www.freebuf.com/news/381025.html 逾三万思科IOSXE设备被黑客利用最新披露的0day入侵https://www.solidot.org/story?sid=76379 开源软件有漏洞,作者需要负责吗?是的!https://www.freebuf.com/news/381043.html
发布时间: 2023 - 10 - 19
满分漏洞!思科未修补的零日漏洞正被积极利用https://www.freebuf.com/news/380882.html Cisco透露其IOSXE软件中身份验证绕过漏洞已被利用https://redqueen.tj-un.com/InfoDetails.html?id=67ecddd5d0324a80993a548f37bf4ea6 研究人员发现利用WS_FTP服务器中漏洞的勒索攻击https://redqueen.tj-un.com/InfoDetails.html?id=058dbb1190264444afa08c57cf0ed3ac 10月份Win10周二补丁无法安装并出现0x8007000d错误https://redqueen.tj-un.com/InfoDetails.html?id=7100daff6db24b46bb937fb94d10b51d Signal揭穿零日漏洞报告,未发现任何证据https://thehackernews.com/2023/10/signal-debunks-zero-day-vulnerability.html
发布时间: 2023 - 10 - 17
利用主流路由器漏洞传播,MiraiDDoS恶意软件持续活跃https://www.freebuf.com/news/380228.html 准备熬夜加班?curl&libcurl高危漏洞明日公布https://www.freebuf.com/news/380169.html 黑客正在利用CitrixNetScaler网关漏洞,收集用户凭证https://www.freebuf.com/news/380066.html 五个被积极利用的漏洞,允许黑客窃取密码,发起DoS攻击https://www.freebuf.com/news/380407.html 大更新!微软发布103个漏洞补丁,其中13个为严重漏洞https://www.freebuf.com/news/380398.html
发布时间: 2023 - 10 - 12
超微公司的BMC固件被发现存在多个高危漏洞https://www.freebuf.com/news/379751.html Atlassian Confluence Data Center and Server权限提升漏洞安全风险通告https://www.secrss.com/articles/59371 雪上加霜!Progress Software继Moveit严重漏洞后再爆高危WS_FTP漏洞https://www.secrss.com/articles/59336 Microsoft流式处理服务特权提升漏洞 (CVE-2023-29360) 安全通告https://www.secrss.com/articles/59293 Arm警告其GPU驱动漏洞正被活跃利用https://www.solidot.org/story?sid=76243
发布时间: 2023 - 10 - 07
用友GRP-U8SQL注入漏洞安全风险通告https://www.secrss.com/articles/59147 苹果修复了正被利用的0dayhttps://www.solidot.org/story?sid=76172 Google称Apple和Chrome漏洞被用于安装Predatorhttps://redqueen.tj-un.com/InfoDetails.html?id=446cb8bb48344c48a060ce6ebcdd99f3 Apple发布紧急更新修复3个已被在野利用的漏洞https://redqueen.tj-un.com/InfoDetails.html?id=1ccdf20916b44b518d4fefc1c62d0a75 Atlassian产品和ISCBIND服务器中发现高危漏洞https://thehackernews.com/2023/09/high-severity-flaws-uncovered-in.html
发布时间: 2023 - 09 - 26
Nagios XI 网络监控软件曝出多个安全漏洞https://www.freebuf.com/news/378735.html Apple发布紧急更新修复3个已被在野利用的漏洞https://redqueen.tj-un.com/InfoDetails.html?id=1ccdf20916b44b518d4fefc1c62d0a75 TrendMicro修复已被利用的RCE漏洞CVE-2023-41179https://redqueen.tj-un.com/InfoDetails.html?id=82eb2b61f5fe4582bd7ff3b89ab8cdce TrendMicro修复已被利用的RCE漏洞CVE-2023-41179https://redqueen.tj-un.com/InfoDetails.html?id=82eb2b61f5fe4582bd7ff3b89ab8cdce 微软披露ncurses库中的内存损坏漏洞CVE-2023-29491https://redqueen.tj-un.com/InfoDetails.html?id=bd583ecf67a641c2bba77453e3eeafbd
发布时间: 2023 - 09 - 22
小米悬赏百万为13系列设备找漏洞https://www.freebuf.com/news/378462.html N-Able曝高危漏洞,能任意删除Windows系统文件https://www.freebuf.com/news/378432.html WindowsThemes远程代码执行漏洞(CVE-2023-38146)安全通告https://www.secrss.com/articles/58911 即将被零信任取代?企业VPN屡屡曝安全漏洞https://www.freebuf.com/news/topnews/377423.html
发布时间: 2023 - 09 - 19
微软发现影响Linux和macOS系统的ncurses库漏洞https://www.freebuf.com/news/378176.html 警报:新的Kubernetes漏洞可对Windows端点实施远程攻击https://www.freebuf.com/news/378035.html GitHub曝出漏洞,或导致4000多个存储库遭受劫持攻击https://www.freebuf.com/news/377948.html Mozilla紧急修补Firefox和Thunderbird中的WebP严重零日漏洞https://www.freebuf.com/articles/377938.html Adobe修复Acrobat和Reader被利用漏洞CVE-2023-26369https://redqueen.tj-un.com/InfoDetails.html?id=8541820c86ba48fa89fca707854c69fc
发布时间: 2023 - 09 - 15
警告!思科VPN漏洞或被勒索软件利用https://www.freebuf.com/news/377627.html 基于Win32k内核提权漏洞的攻防对抗https://www.freebuf.com/news/376388.html Google紧急更新修复Chrome中被利用漏洞CVE-2023-4863https://redqueen.tj-un.com/InfoDetails.html?id=5f51193fc42640c9af6c83e2df1b5c6d 美国一家航空机构遭到利用Zoho和Fortinet漏洞的攻击https://redqueen.tj-un.com/InfoDetails.html?id=6bd2416aabcf4b518d87f73586e72716
发布时间: 2023 - 09 - 12
思科BroadWorks平台现“满分级”漏洞https://www.freebuf.com/articles/377490.html AtlasVPN曝零日漏洞,允许查看用户真实IP地址https://www.freebuf.com/news/377482.html 谷歌修复已遭利用的安卓0day漏洞 (CVE-2023-35674)https://www.secrss.com/articles/58587 苹果修复了一个正被利用的零点击 0day 漏洞https://www.solidot.org/story?sid=76023 研究人员公开Atlas VPN中泄露用户真实IP地址的漏洞https://redqueen.tj-un.com/InfoDetails.html?id=f0821065e15643deb336441e0a4e3349
发布时间: 2023 - 09 - 08
影响Windows和macOS平台,黑客利用AdobeCF漏洞部署恶意软件https://www.freebuf.com/news/376962.html Notepad++漏洞允许执行任意代码https://www.solidot.org/story?sid=75988 Adobe ColdFusion关键漏洞尽管有补丁,但仍被利用https://www.infosecurity-magazine.com/news/adobe-coldfusion-vulnerabilities/ 黑客如何挫败梭子鱼的漏洞修补https://www.solidot.org/story?sid=75970 SPLUNK Multiple product Vulnerability CVE-2023-40594https://redqueen.tj-un.com/IntelDetails.html?id=fce7313f7ff34bc48d884b467acbc8ef
发布时间: 2023 - 09 - 05
WordPress迁移插件存在漏洞,或引发大规模数据泄露https://www.freebuf.com/news/376712.html 苹果启动2024年SRDP计划:邀请安全专家使用定制iPhone寻找漏洞https://www.freebuf.com/news/376697.html DreamBus恶意软件利用RocketMQ漏洞感染服务器https://www.freebuf.com/news/376570.html VMware Aria Operations for Networks身份认证绕过漏洞安全风险通告https://www.secrss.com/articles/58373 WP数据迁移插件中漏洞CVE-2023-40004可导致数据泄露https://redqueen.tj-un.com/InfoDetails.html?id=b3deb8beb0844e9493bcf2c08c5445f8
发布时间: 2023 - 09 - 01
Windows错误报告服务权限提升漏洞(CVE-2023-36874)安全通告https://www.secrss.com/articles/58160 研究人员发布针对Juniper SRX防火墙漏洞的PoChttps://redqueen.tj-un.com/InfoDetails.html?id=0ae5499cf1de40eab58c82edba30d286 Lazarus利用ManageEngine中漏洞攻击医疗保健等行业https://redqueen.tj-un.com/InfoDetails.html?id=12f115636594482cbe9a9da471dfc9fd Barracuda ESG设备CVE-2023-2868漏洞的补丁无效https://redqueen.tj-un.com/InfoDetails.html?id=d2ea9da5dff54e53bf7283ea6c24b2bb 3千多台Openfire服务器未修复漏洞CVE-2023-32315https://redqueen.tj-un.com/InfoDetails.html?id=4d3bf23a72a84be5ac06629706aa3a72
发布时间: 2023 - 08 - 29
零日攻击利用WinRAR安全漏洞锁定交易者https://www.freebuf.com/news/376183.html Ivanti曝新的MobileIron零日漏洞,正在被恶意利用https://www.freebuf.com/news/375839.html Smartbi身份认证绕过漏洞安全风险通告https://www.secrss.com/articles/58121 3千多台Openfire服务器未修复漏洞CVE-2023-32315https://redqueen.tj-un.com/InfoDetails.html?id=4d3bf23a72a84be5ac06629706aa3a72 WinRAR代码执行漏洞(CVE-2023-38831)安全风险通告https://www.secrss.com/articles/58122
发布时间: 2023 - 08 - 25
WinRAR高危漏洞允许黑客在用户打开压缩文件时运行程序https://www.solidot.org/story?sid=75841 研究人员披露WinRAR中的RCE漏洞CVE-2023-40477https://redqueen.tj-un.com/InfoDetails.html?id=c02231d9f6454023b36fe651b261f404 瞻博网络Junos OS漏洞使设备面临远程攻击https://thehackernews.com/2023/08/new-juniper-junos-os-flaws-expose.html CVE-2022-37969 clfs漏洞分析与利用https://www.freebuf.com/vuls/374801.html TP-Link智能灯泡缺陷能让黑客窃取用户WiFi密码https://www.freebuf.com/news/375669.html
发布时间: 2023 - 08 - 22
苹果iOS16曝出新漏洞:飞行模式下依旧可连接网络https://www.freebuf.com/news/375357.html 普华永道踩坑MOVEit漏洞,泄露银行8万名储户的信息https://www.freebuf.com/news/375127.html 微软2023财年发放了超1亿元漏洞赏金:平均每个漏洞8.5万元https://www.secrss.com/articles/57877 潜伏二十多年漏洞曝光,几乎所有VPN都中招https://www.secrss.com/articles/57826 Citrix ShareFile漏洞CVE-2023-24489已被利用https://redqueen.tj-un.com/InfoDetails.html?id=0fffa1d1aeda4f509c9e9ef7e758f6b0
发布时间: 2023 - 08 - 18
ScrutisWeb曝出严重漏洞,可远程控制全球ATM!https://www.freebuf.com/news/374875.html 福特曝WiFi安全漏洞,官方称仍可安全驾驶https://www.freebuf.com/news/374817.html 新的PythonURL解析漏洞可能导致命令执行攻击https://www.freebuf.com/news/374733.html AudioCodes桌面电话和ZoomZTP曝出严重漏洞,用户面临窃听风险!https://www.freebuf.com/news/374724.html 微软:欧德神思软件曝出15个漏洞,可致电厂关停、数据窃取https://www.secrss.com/articles/57788
发布时间: 2023 - 08 - 15
搜狗输入法曝加密系统漏洞(已修复),黑客可窃取用户输入的内容https://www.freebuf.com/news/374555.html EoL-Zyxel路由器五年前的漏洞仍在被利用https://www.freebuf.com/news/374532.html 为打击漏洞利用,谷歌将每周更新Chrome安全补丁https://www.freebuf.com/news/374385.html 英特尔处理器被曝出“Downfall”漏洞:可窃取加密密钥https://www.freebuf.com/news/374376.html 微软8月份安全更新修复两个被利用漏洞在内的87个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=06caaf0e58604db78408d52075027a68
发布时间: 2023 - 08 - 11
友情连接:
免费服务热线 ree service hotline 400-613-1868 手机端
法律声明 Copyright  西安交大捷普网络科技有限公司  陕ICP备18022218号-1

陕公网安备 61019002000857号

犀牛云提供云计算服务