메리메리쩜넷넷

Since 2002

Python || Malware || Security News Grabber

Do NOT Hack this machine!!

   NIST NVD
   Krebs On Security
  • CVE-2020-13666 (drupal)

    May 5, 2021

    Cross-site scripting vulnerability in Drupal Core. Drupal AJAX API does not disable

  • CVE-2020-15153 (ampache)

    May 1, 2021

    Ampache before version 4.2.2 allows unauthenticated users to perform SQL injection.

  • CVE-2019-25028 (vaadin)

    April 24, 2021

    Missing variable sanitization in Grid component in com.vaadin:vaadin-server versions 7

  • CVE-2019-25027 (flow, vaadin)

    April 24, 2021

    Missing output sanitization in default RouteNotFoundError view in com.vaadin:flow-serve

  • CVE-2018-25007 (flow, vaadin)

    April 24, 2021

    Missing check in UIDL request handler in com.vaadin:flow-server versions 1.0.0 through

  • CVE-2019-19004 (autotrace)

    February 12, 2021

    A biWidth*biBitCnt integer overflow in input-bmp.c in autotrace 0.31.1 allows attacke

  • CVE-2020-14383 (samba, enterprise_linux)

    December 2, 2020

    A flaw was found in samba's DNS server. An authenticated user could use this flaw t

  • CVE-2020-13942 (unomi)

    November 25, 2020

    It is possible to inject malicious OGNL or MVEL scripts into the /context.json pu

  • CVE-2020-14375 (data_plane_development_kit, leap, ubuntu_linux)

    October 1, 2020

    A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio r

  • CVE-2020-13953 (tapestry)

    October 1, 2020

    In Apache Tapestry from 5.4.0 to 5.5.0, crafting specific URLs, an attacker can dow

  • CVE-2020-15160 (prestashop)

    September 25, 2020

    PrestaShop from version 1.7.5.0 and before version 1.7.6.8 is vulnerable to a blind

  • CVE-2020-15152 (ftp-srv)

    August 18, 2020

    ftp-srv is an npm package which is a modern and extensible FTP server designed to

  • CVE-2020-10749 (cni_network_plugins, openshift_container_platform, fedora, enterprise_linux)

    June 3, 2020

    A vulnerability was found in all versions of containernetworking/plugins before versi

  • CVE-2020-10724 (data_plane_development_kit, ubuntu_linux, fedora)

    May 20, 2020

    A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto libra

  • CVE-2020-11022 (agile_product_supplier_collaboration_for_process, banking_digital_experience, fedora, financial_services_analytical_applications_reconciliation_framework, financial_services_basel_regulatory_capital_internal_ratings_based_approach, financial_services_hedge_management_and_ifrs_valuations, financial_services_regulatory_reporting_for_us_federal_reserve, h300s_firmware, max_data, peoplesoft_enterprise_peopletools, siebel_ui_framework, communications_billing_and_revenue_management, enterprise_session_border_controller, financial_services_asset_liability_management, financial_services_basel_regulatory_capital_basic, financial_services_data_foundation, financial_services_data_governance_for_us_regulatory_reporting, financial_services_institutional_performance_analytics, financial_services_liquidity_risk_management, financial_services_loan_loss_forecasting_and_provisioning, financial_services_market_risk_measurement_and_management, h410c_firmware, h700e_firmware, h700s_firmware, hospitality_simphony, insurance_allocation_manager_for_enterprise_profitability, jdeveloper, oncommand_insight, snapcenter, application_testing_suite, communications_application_session_controller, communications_diameter_signaling_router_idih:, communications_webrtc_session_controller, debian_linux, drupal, financial_services_analytical_applications_infrastructure, financial_services_funds_transfer_pricing, financial_services_liquidity_risk_measurement_and_management, financial_services_price_creation_and_discovery, financial_services_regulatory_reporting_for_european_banking_authority, h300e_firmware, h410s_firmware, h500e_firmware, h500s_firmware, healthcare_foundation, insurance_data_foundation, jquery, policy_automation, policy_automation_connector_for_siebel, retail_customer_management_and_segmentation_foundation, enterprise_manager_ops_center, financial_services_balance_sheet_planning, financial_services_data_integration_hub, financial_services_profitability_management, hospitality_materials_control, insurance_accounting_analyzer, insurance_insbridge_rating_and_underwriting, leap, oncommand_system_manager, policy_automation_for_mobile_devices, retail_back_office, retail_returns_management, snap_creator_framework, weblogic_server)

    April 30, 2020

    In jQuery versions greater than or equal to 1.2 and before 3.5.0, passing HTML fro

  • CVE-2020-11023 (banking_enterprise_collections, banking_platform, communications_interactive_session_recorder, communications_session_report_manager, communications_session_route_manager, fedora, h300s_firmware, max_data, webcenter_sites, communications_element_manager, h410c_firmware, h700e_firmware, h700s_firmware, oncommand_insight, peoplesoft_enterprise_human_capital_management_resources, primavera_gateway, siebel_mobile, storagetek_tape_analytics_sw_tool, application_express, application_testing_suite, communications_analytics, debian_linux, drupal, h300e_firmware, h410s_firmware, h500e_firmware, h500s_firmware, jquery, communications_operations_monitor, financial_services_regulatory_reporting_for_de_nederlandsche_bank, healthcare_translational_research, hyperion_financial_reporting, jd_edwards_enterpriseone_orchestrator, jd_edwards_enterpriseone_tools, oncommand_system_manager, rest_data_services, snap_creator_framework, snapcenter_server, weblogic_server)

    April 30, 2020

    In jQuery versions greater than or equal to 1.0.3 and before 3.5.0, passing HTML co

  • CVE-2020-10947 (anti-virus_for_sophos_central, anti-virus_for_sophos_home)

    April 17, 2020

    Mac Endpoint for Sophos Central before 9.9.6 and Mac Endpoint for Sophos Home

  • CVE-2019-13926 (scalance_s627-2m_firmware, scalance_s602_firmware, scalance_s612_firmware, scalance_s623_firmware)

    February 12, 2020

    A vulnerability has been identified in SCALANCE S602 (All versions >= V3.0 and

  • CVE-2019-2904 (business_process_management_suite, communications_network_integrity, communications_services_gatekeeper, flexcube_private_banking, health_sciences_data_management_workbench, hyperion_planning, mysql, banking_enterprise_product_manufacturing, enterprise_repository, financial_services_revenue_management_and_billing_analytics, rapid_planning, retail_assortment_planning, retail_clearance_optimization_engine, retail_markdown_optimization, retail_sales_audit, banking_enterprise_collections, banking_platform, clinical, financial_services_lending_and_leasing, application_testing_suite, banking_enterprise_originations, communications_diameter_signaling_router, communications_service_broker)

    October 17, 2019

    Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware

  • CVE-2018-10531 (proving_grounds)

    July 11, 2019

    An issue was discovered in the America's Army Proving Grounds platform for the Unr

  • CVE-2019-3810 (moodle)

    March 26, 2019

    A flaw was found in moodle versions 3.6 to 3.6.1, 3.5 to 3.5.3, 3.4 to 3.4.6, 3.1

  • CVE-2016-6328 (libexif, debian_linux, ubuntu_linux)

    November 1, 2018

    A vulnerability was found in libexif. An integer overflow when parsing the MNOT

  • CVE-2018-16384 (owasp_modsecurity_core_rule_set)

    September 3, 2018

    A SQL injection bypass (aka PL1 bypass) exists in OWASP ModSecurity Core Rule Set

  • CVE-2018-3627 (converged_security_management_engine_firmware, element_software_management_node)

    July 11, 2018

    Logic bug in Intel Converged Security Management Engine 11.x may allow an attacker t

  • CVE-2017-10796 (nc250_firmware)

    July 3, 2017

    On TP-Link NC250 devices with firmware through 1.2.1 build 170515, anyone can view

  • CVE-2016-10307 (apex_lynx_firmware, apex_orion_firmware, giga_lynx_firmware, stratalink_firmware, giga_orion_firmware)

    March 30, 2017

    Trango ApexLynx 2.0, ApexOrion 2.0, GigaLynx 2.0, GigaOrion 2.0, and StrataLink 3

  • CVE-2016-10305 (apex_lynx_firmware, apex_firmware, apex_plus_firmware, giga_firmware, giga_plus_firmware, giga_orion_firmware, giga_pro_firmware, stratalink_pro_firmware, apex_orion_firmware, giga_lynx_firmware, stratalink_firmware)

    March 30, 2017

    Trango Apex <= 2.1.1, ApexLynx < 2.0, ApexOrion < 2.0, ApexPlus <= 3.2.0, Giga

  • CVE-2016-4971 (wget, pan-os, solaris, ubuntu_linux)

    July 1, 2016

    GNU wget before 1.18 allows remote servers to write to arbitrary files by redirect

  • CVE-2016-2388 (netweaver_application_server_java)

    February 17, 2016

    The Universal Worklist Configuration in SAP NetWeaver AS JAVA 7.4 allows remote

  • CVE-2000-0803 (groff)

    December 19, 2000

    GNU Groff uses the current working directory to find a device description file,

  • Fintech Startup Offers $500 for Payroll Passwords

    May 10, 2021

    How much is your payroll data worth? Probably a lot more than you think. One finan

  • Investment Scammer John Davies Reinvents Himself?

    May 7, 2021

    John Bernard, a pseudonym used by a convicted thief and con artist named John Clif

  • Malicious Office 365 Apps Are the Ultimate Insiders

    May 5, 2021

    Phishers targeting Microsoft Office 365 users increasingly are turning to specialized

  • The Wages of Password Re-use: Your Money or Your Life

    May 5, 2021

    When normal computer users fall into the nasty habit of recycling passwords, the resu

  • Task Force Seeks to Disrupt Ransomware Payments

    April 29, 2021

    Some of the world's top tech firms are backing a new industry task force focused on

  • Experian API Exposed Credit Scores of Most Americans

    April 29, 2021

    Big-three consumer credit bureau Experian just fixed a weakness with a partner website

  • Experian’s Credit Freeze Security is Still a Joke

    April 27, 2021

    In 2017, KrebsOnSecurity showed how easy it is for identity thieves to undo a co

  • Note to Self: Create Non-Exhaustive List of Competitors

    April 21, 2021

    What was the best news you heard so far this month? Mine was learning that KrebsOn

  • Did Someone at the Commerce Dept. Find a SolarWinds Backdoor in Aug. 2020?

    April 16, 2021

    On Aug. 13, 2020, someone uploaded a suspected malicious file to VirusTotal, a service

  • Microsoft Patch Tuesday, April 2021 Edition

    April 14, 2021

    Microsoft today released updates to plug at least 110 security holes in its Windows o
