安全研究 Safety research
黑客正在利用Zyxel防火墙和VPN中的关键漏洞https://www.freebuf.com/articles/333235.html SonicWall:请立即修复SMA 1000漏洞https://www.freebuf.com/articles/333220.html 深度洞察|关于JavaScript开源生态中安全漏洞传播及其演变分析https://www.freebuf.com/vuls/331960.html LibreHealth EHR 跨站脚本漏洞 CVE-2022-29940https://redqueen.tj-un.com/IntelDetails.html?id=a310b5136b8d42bb964565ebd6648c9e F5 BIG-IP APM 输入验证错误漏洞 CVE-2022-27634https://redqueen.tj-un.com/IntelDetails.html?id=a97c7430394a4227b9492c757042f4e3
发布时间: 2022 - 05 - 16
微软修复了所有Windows版本中的新NTLM零日漏洞https://netsecurity.51cto.com/article/708685.html 惠普修复了影响200多种型号的固件漏洞https://www.freebuf.com/news/332911.html F5 BIG-IP产品中关键RCE漏洞利用程序被开发https://www.freebuf.com/news/332702.html Nedi Consulting NeDi 代码注入漏洞 CVE-2021-26753https://redqueen.tj-un.com/IntelDetails.html?id=701e17cf40734beaa042ea15ff9c5599 JetBrains Hub 跨站脚本漏洞 CVE-2022-29811https://redqueen.tj-un.com/IntelDetails.html?id=c5c68042b49e4b8bb45dbc66d5010d57
发布时间: 2022 - 05 - 12
QNAP修复了关键的QVR远程命令执行漏洞https://www.freebuf.com/articles/332343.html微软NetLogon特权提升漏洞(CVE-2020-1472)深度挖掘https://www.freebuf.com/vuls/332147.html 谷歌修复了积极利用的Android内核漏洞https://www.freebuf.com/articles/332228.html 数百万用户受影响,杀毒软件Avast中潜藏近10年的漏洞被披露https://www.freebuf.com/news/332215.html 渗透基础—Exchange版本探测和漏洞检测https://netsecurity.51cto.com/article/708344.html
发布时间: 2022 - 05 - 09
设备接管风险警告!F5发现一个关键BIG-IP远程执行漏洞https://www.freebuf.com/news/332097.html DNS曝高危漏洞,影响数百万物联网设备https://www.freebuf.com/news/332069.html 移动发送奇怪短信?我想起了通讯行业的核弹级漏洞https://www.freebuf.com/news/331797.html Google Go 安全漏洞 CVE-2022-27536https://redqueen.tj-un.com/IntelDetails.html?id=041d1a1ee9804538aea2bc9d1ee9ca76 MISP 代码问题漏洞 CVE-2022-29528https://redqueen.tj-un.com/IntelDetails.html?id=fafdd58917a24ea6a1d7d16ee6e612dc
发布时间: 2022 - 05 - 05
微软曝光Nimbuspwn漏洞组合 可在Linux本地提权部署恶意软件https://netsecurity.51cto.com/article/707672.html 微软修复了暴露用户数据库的ExtraReplica Azure漏洞https://www.freebuf.com/news/331712.html 2021年利用最多的前15个漏洞出炉,附列表https://www.freebuf.com/news/331527.html 黑客利用关键的VMware RCE漏洞安装后门https://www.freebuf.com/articles/331435.html Log4Shell过气了?攻击面仍大量存在https://www.freebuf.com/news/331404.html
发布时间: 2022 - 04 - 29
ALAC音频格式存漏洞,全球超半数Android用户隐私受威胁https://www.freebuf.com/news/330582.html 一款家用新冠检测电子试剂盒存在漏洞 可让用户伪造结果https://www.cnbeta.com/articles/tech/1261089.htm 甲骨文修复Java“年度加密漏洞”,影响Java 15及以上版本https://netsecurity.51cto.com/article/707073.html 针对DVR设备的新BotenaGo恶意软件变种https://netsecurity.51cto.com/article/707024.html ESET发出警告,联想三个漏洞影响数百万台电脑https://netsecurity.51cto.com/article/707010.html
发布时间: 2022 - 04 - 22
思科修复高危身份验证绕过漏洞https://www.freebuf.com/news/329230.html Spring Framework CVE-2022-22965漏洞分析https://www.freebuf.com/articles/web/328521.html 7-Zip被爆零日安全漏洞:可提权执行代码 但用户可简单操作使其失效https://www.cnbeta.com/articles/tech/1259869.htm Solarwinds Orion Platform 安全漏洞 CVE-2021-3109https://redqueen.tj-un.com/IntelDetails.html?id=c796f1e7a27547dc9c6403a2eed186f2 SEO Panel 跨站脚本漏洞 CVE-2021-29010https://redqueen.tj-un.com/IntelDetails.html?id=c42f4b87537646a6a8e2a52cd84041c7
发布时间: 2022 - 04 - 19
VMware CVE-2022-22954漏洞强势来袭 请立刻打补丁!https://netsecurity.51cto.com/article/706589.html Elementor WordPress插件存在漏洞,可能影响50万个站点https://netsecurity.51cto.com/article/706579.html 谷歌浏览器紧急更新,又修复一零日漏洞https://www.freebuf.com/news/329068.html Apache Struts中的CVE-2021-31805 RCE漏洞终于得到修复https://www.freebuf.com/news/328850.html 惠普Teradici PCoIP受漏洞影响, 波及1500万个端点https://www.freebuf.com/news/328555.html
发布时间: 2022 - 04 - 15
黑客利用Spring4Shell漏洞部署Mirai恶意软件https://netsecurity.51cto.com/article/706209.html 开发人员保护工具包管理器中的三种常见漏洞https://netsecurity.51cto.com/article/706129.html Grafana安全漏洞CVE-2021-28146https://redqueen.tj-un.com/IntelDetails.html?id=4a5d7cdc7d414ed0902f71acb37213f0 SAP 3D Visual Enterprise Viewer 输入验证错误漏洞 CVE-2021-27595https://redqueen.tj-un.com/IntelDetails.html?id=d605229d8c65496686feaf886285b367 Grafana Labs Grafana Enterprise 安全漏洞 CVE-2021-27962https://redqueen.tj-un.com/IntelDetails.html?id=cbe307c40b5241c6be9e0d2f0145688e
发布时间: 2022 - 04 - 12
VMware 多个产品中爆出严重漏洞https://www.freebuf.com/news/327800.html Rust tiny_http crate环境问题漏洞CVE-2020-35884https://redqueen.tj-un.com/IntelDetails.html?id=d5e981a699544c1ca21f8c1e631c0985 Agentejo Cockpit SQL注入漏洞CVE-2020-35848https://redqueen.tj-un.com/IntelDetails.html?id=600a848130404b219db091ff0b8699e6 OpenBSD和Bouncy Castle BC 安全漏洞CVE-2020-28052https://redqueen.tj-un.com/IntelDetails.html?id=8bf65ce2be3b417fa0324115423a302d 我是如何通过变量覆盖挖到PHPMyWind前台RCE(CNVD-2022-24937)https://www.freebuf.com/vuls/326936.html
发布时间: 2022 - 04 - 08
微软在其云服务中检测到Spring4Shell攻击https://www.freebuf.com/news/327462.html GitLab存在漏洞,允许攻击者接管用户账户https://www.freebuf.com/news/327280.html Wyze摄像头曝出大漏洞,近三年时间才修复https://www.freebuf.com/news/327267.html FasterXML jackson-databind代码问题漏洞CVE-2020-36183https://redqueen.tj-un.com/IntelDetails.html?id=af9044d5ef8347b0b71fe571c0246449 Rust tiny_http crate环境问题漏洞CVE-2020-35884https://redqueen.tj-un.com/IntelDetails.html?id=d5e981a699544c1ca21f8c1e631c0985
发布时间: 2022 - 04 - 06
苹果发布紧急补丁以修复被积极利用的零日漏洞https://www.freebuf.com/news/326999.html OpenSSL 无限循环漏洞影响威联通 NAS 设备https://www.freebuf.com/news/326983.html 漏洞情报 | Spring框架远程命令执行漏洞预警https://www.freebuf.com/vuls/326627.html 部分本田车型存在漏洞,黑客可远程启动车辆https://www.freebuf.com/news/326833.html CISA敦促机构组织对Chrome、Redis漏洞进行修补https://netsecurity.51cto.com/article/705217.html
发布时间: 2022 - 04 - 01
Chrome最新零日漏洞已得到修复https://www.freebuf.com/news/326442.html 漏洞情报 | Spring Cloud Function SPEL表达式注入漏洞通报https://www.freebuf.com/vuls/326378.html SentinelLabs敦促Azure Defender for IoT用户尽快安装补丁https://www.cnbeta.com/articles/tech/1252243.htm Sophos Firewall产品中存在RCE漏洞CVE-2022-1040https://redqueen.tj-un.com/InfoDetails.html?id=efbe365718e5429b851a9464fd33d012 Grav 路径遍历漏洞 CVE-2020-29556https://redqueen.tj-un.com/IntelDetails.html?id=fd9b88cf0b7142e58d64d21726c3f82c
发布时间: 2022 - 03 - 29
Linux内核权限提升漏洞“DirtyPipe”(CVE-2022-0847)分析https://www.freebuf.com/vuls/324538.html 戴尔曝出五大漏洞,影响数百万 Inspiron、Vostro、XPS、Alienware 系统https://www.freebuf.com/news/325963.html Google Chrome 安全漏洞 CVE-2021-21178https://redqueen.tj-un.com/IntelDetails.html?id=2c95d41cf1e747279ae136adcdc9c221 VMware发布更新,修复其Carbon Black中的2个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=553a86118e5c42ff967f8cd5fd3649fc Privoxy 缓冲区错误漏洞 CVE-2021-20276https://redqueen.tj-un.com/IntelDetails.html?id=bd1c0028b4ab46d1b15e3ec54ba849ab
发布时间: 2022 - 03 - 25
Linux内核提权DirtyPipe(CVE-2022-0847) 漏洞分析https://www.freebuf.com/vuls/324700.html 黑客在推特上披露新版Conti勒索软件源代码https://www.freebuf.com/articles/325743.html Saltstack SaltStack Salt 代码问题漏洞 CVE-2021-3144https://redqueen.tj-un.com/IntelDetails.html?id=e166cd56444d4f17a522ed20e8138f63 wpa_supplicant安全漏洞 CVE-2021-27803https://redqueen.tj-un.com/IntelDetails.html?id=94aa1b35baf24e57b1f68e9584e57acd Atlassian Jira Server 和 Data Center 跨站脚本漏洞 CVE-2020-36236https://redqueen.tj-un.com/IntelDetails.html?id=4c0c72df90bf4fc4ac6f817aca0823dd
发布时间: 2022 - 03 - 22
新的“B1txor20”Linux 僵尸网络正利用 Log4J 漏洞进行传播https://www.freebuf.com/news/325221.html 零基础syzkaller挖掘Linux内核漏洞https://www.freebuf.com/vuls/322630.html OpenSSL/LibreSSL 发现一个可远程利用的漏洞https://www.solidot.org/story?sid=70959 联邦调查局警告称国家黑客正利用MFA漏洞进行横向移动https://www.freebuf.com/articles/325134.html Microsoft Skype 和 Microsoft Lync Server 安全漏洞 CVE-2021-24073https://redqueen.tj-un.com/IntelDetails.html?id=4214d937ac514935a66a70e1d3eec521
发布时间: 2022 - 03 - 18
Linux内核最新高危提权漏洞:脏管道(Dirty Pipe)https://netsecurity.51cto.com/article/703539.html Firefox再爆两个0Day漏洞,建议尽早升级https://www.freebuf.com/news/324101.html 英特尔和Arm的CPU再被发现存在重大安全漏洞Spectre-HBBhttps://www.cnbeta.com/articles/tech/1245071.htm Google发布3月份安全更新,修复Android中多个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=f09082eb441f4c899a8fd2c50679a2c7 Armis发现APC UPS设备中统称为TLSstorm的3个漏洞https://redqueen.tj-un.com/InfoDetails.html?id=6536831fa0bb46818f3def75b6d169af
发布时间: 2022 - 03 - 10
Firefox释出紧急更新修复两个正被利用的0dayhttps://www.solidot.org/story?sid=70861 75%的医用输液泵受到已知漏洞影响https://www.freebuf.com/news/324000.html 多款Cisco产品缓冲区错误漏洞CVE-2021-1193https://redqueen.tj-un.com/IntelDetails.html?id=5d346713a1ed4aa2898e340d05fd773f Barracuda发布Log4Shell漏洞利用活动的研究报告https://redqueen.tj-un.com/InfoDetails.html?id=3bc3e42b169847c4bef40670800e2ff5 安卓银行木马Xenomorph瞄准欧洲,装机量已超5万https://www.freebuf.com/articles/network/323980.html
发布时间: 2022 - 03 - 07
高危木马Xenomorph曝光:专门窃取用户银行凭证https://www.cnbeta.com/articles/tech/1242247.htm 堡垒靶场:sshd辅助CVE-2021-26708(Linux内核)漏洞利用提权https://www.solidot.org/story?sid=70815 研究人员发现,数以千计的企业服务器正运行着易受攻击的基板管理控制器https://netsecurity.51cto.com/article/703063.html Unit 42称10万多个输液泵易受多年前的数个漏洞影响https://redqueen.tj-un.com/InfoDetails.html?id=f1ae8addd14a42c3916f420efa0f0b72 研究人员公开Linux内核提权漏洞CVE-2022-0492的细节https://redqueen.tj-un.com/InfoDetails.html?id=95276ca7982d4046a89a5c292db2b102
发布时间: 2022 - 03 - 04
CISA已知被利用漏洞列表中,新增两个Zabbix漏洞https://www.freebuf.com/news/323334.html PHP Everywhere漏洞使三万多个WordPress网站处于RCE攻击风险中https://netsecurity.51cto.com/article/702622.html 微软应用商店现“克隆”游戏,内含恶意程序Electron Bothttps://www.freebuf.com/news/323267.html UNC2596利用Exchange漏洞部署Cuba勒索软件https://redqueen.tj-un.com/IntelDetails.html?id=996f33e0578348f2b5300a9987b11916 Proofpoint Insider Threat Management Windows Agent 代码问题漏洞CVE-2020-8884https://redqueen.tj-un.com/IntelDetails.html?id=feaa16b797574b50a45acf3d5666cd2e
发布时间: 2022 - 03 - 01
友情连接:
免费服务热线 ree service hotline 400-613-1868 手机端
法律声明 Copyright  西安交大捷普网络科技有限公司  陕ICP备18022218号-1

陕公网安备 61019002000857号

犀牛云提供云计算服务