메뉴 건너뛰기

메리메리쩜넷넷

Since 2002

Python || Malware || Security News Grabber

Do NOT Hack this machine!!

컨텐츠 보기기

   보안뉴스 | 최신기사
   보안뉴스 | 긴급경보
   AhnLab 최신 보안뉴스
   AhnLab 악성코드 정보
   NIST NDV
   Krebs On Security
  • CVE-2020-14102 (ax1800_firmware, rm1800_firmware)

    2021년 1월 14일

    There is command injection when ddns processes the hostname, which causes the adminis

  • CVE-2020-14101 (ax1800_firmware, rm1800_firmware)

    2021년 1월 14일

    The data collection SDK of the router web management interface caused the leakage of

  • CVE-2020-14098 (ax1800_firmware, rm1800_firmware)

    2021년 1월 14일

    The login verification can be bypassed by using the problem that the time is not

  • CVE-2020-14097 (redmi_ax6_firmware)

    2021년 1월 14일

    Wrong nginx configuration, causing specific paths to be downloaded without authorizati

  • CVE-2019-4702 (security_guardium_data_encrpytion)

    2021년 1월 14일

    IBM Security Guardium Data Encryption (GDE) 3.0.0.2 specifies permissions for a securi

  • CVE-2019-4687 (security_guardium_data_encrpytion)

    2021년 1월 14일

    IBM Security Guardium Data Encryption (GDE) 3.0.0.2 stores sensitive information in

  • CVE-2019-4160 (security_guardium_data_encrpytion)

    2021년 1월 14일

    IBM Security Guardium Data Encryption (GDE) 3.0.0.2 uses weaker than expected cryptog

  • CVE-2020-15220 (itop)

    2021년 1월 14일

    Combodo iTop is a web based IT Service Management tool. In iTop before versions

  • CVE-2020-15219 (itop)

    2021년 1월 14일

    Combodo iTop is a web based IT Service Management tool. In iTop before versions

  • CVE-2020-15218 (itop)

    2021년 1월 14일

    Combodo iTop is a web based IT Service Management tool. In iTop before versions

  • CVE-2020-14341 (single_sign-on)

    2021년 1월 13일

    The "Test Connection" available in v7.x of the Red Hat Single Sign On applicati

  • CVE-2020-13922 (dolphinscheduler)

    2021년 1월 11일

    Versions of Apache DolphinScheduler prior to 1.3.2 allowed an ordinary user under

  • CVE-2020-11995 (dubbo)

    2021년 1월 11일

    A deserialization vulnerability existed in dubbo 2.7.5 and its earlier versions, wh

  • CVE-2020-13573 (rslinx)

    2021년 1월 8일

    A denial-of-service vulnerability exists in the Ethernet/IP server functionality of

  • CVE-2018-18689 (expert_pdf_reader, expert_pdf_ultimate, foxit_reader, nitro_pro, nitro_reader, pdf-xchange_editor, pdf-xchange_viewer, pdf_architect, pdf_editor_6, pdf_experte_ultimate, pdf_studio, pdf_studio_viewer_2018, pdfelement6, perfect_pdf_10, perfect_pdf_reader, soda_pdf, soda_pdf_desktop)

    2021년 1월 8일

    The Portable Document Format (PDF) specification does not provide any information

  • CVE-2018-18688 (foxit_reader, libreoffice, master_pdf_editor, nitro_pro, nitro_reader, pdf_editor_6, pdf_studio, pdf_studio_viewer_2018, pdfelement6, perfect_pdf_10, perfect_pdf_reader, phantompdf, power_pdf_standard)

    2021년 1월 8일

    The Portable Document Format (PDF) specification does not provide any information

  • CVE-2019-25013 (glibc)

    2021년 1월 5일

    The iconv feature in the GNU C Library (aka glibc or libc6) through 2.32, when pr

  • CVE-2019-25002 (sodiumoxide)

    2020년 12월 31일

    An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash:

  • CVE-2020-10209 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)

    2020년 12월 30일

    Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amin

  • CVE-2020-10208 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)

    2020년 12월 30일

    Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx

  • CVE-2020-10206 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)

    2020년 12월 30일

    Use of a Hard-coded Password in VNCserver in Amino Communications AK45x series, A

  • CVE-2020-10210 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)

    2020년 12월 30일

    Because of hard-coded SSH keys for the root user in Amino Communications AK45x ser

  • CVE-2020-10207 (ak45x_firmware, ak5xx_firmware, ak65x_firmware, aria6xx_firmware, aria7xx_firmware, kami7b_firmware)

    2020년 12월 30일

    Use of Hard-coded Credentials in EntoneWebEngine in Amino Communications AK45x se

  • CVE-2018-16042 (acrobat_dc, acrobat_reader_dc, pdf_editor_6, pdfelement6, reader)

    2019년 1월 19일

    Adobe Acrobat and Reader versions 2019.008.20081 and earlier, 2019.008.20080 and earl

  • CVE-2018-1000873 (active_iq_unified_manager, clusterware, database_server, global_lifecycle_management_opatch, jackson-modules-java8, nosql_database)

    2018년 12월 21일

    Fasterxml Jackson version Before 2.9.8 contains a CWE-20: Improper Input Validation

  • CVE-2017-7525 (banking_platform, communications_billing_and_revenue_management, communications_communications_policy_management, communications_diameter_signaling_route, communications_instant_messaging_server, debian_linux, enterprise_manager_for_virtualization, financial_services_analytical_applications_infrastructure, global_lifecycle_management_opatchauto, jackson-databind, jboss_enterprise_application_platform, oncommand_balance, oncommand_performance_manager, oncommand_shift, openshift_container_platform, primavera_unifier, snapcenter, struts, utilities_advanced_spatial_and_operational_analytics, virtualization, virtualization_host, webcenter_portal)

    2018년 2월 6일

    A deserialization flaw was discovered in the jackson-databind, versions before 2.6.7.1

  • CVE-2017-17485 (debian_linux, e-series_santricity_os_controller, e-series_santricity_web_services_proxy, jackson-databind, jboss_enterprise_application_platform, oncommand_shift, openshift_container_platform, snapcenter)

    2018년 1월 11일

    FasterXML jackson-databind through 2.8.10 and 2.9.x through 2.9.3 allows unauthenticated

  • CVE-2015-3195 (api_gateway, communications_webrtc_session_controller, debian_linux, enterprise_linux_desktop, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_server_tus, enterprise_linux_workstation, exalogic_infrastructure, fedora, http_server, integrated_lights_out_manager_firmware, leap, life_sciences_data_hub, linux, linux_enterprise_server, mac_os_x, openssl, opensuse, solaris, sun_ray_software, transportation_management, ubuntu_linux, vm_server, vm_virtualbox)

    2015년 12월 7일

    The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec-.c in OpenSSL before

  • CVE-2013-0800 (debian_linux, enterprise_linux_desktop, enterprise_linux_eus, enterprise_linux_server, enterprise_linux_server_aus, enterprise_linux_workstation, firefox, firefox_esr, linux_enterprise_desktop, linux_enterprise_server, linux_enterprise_software_development_kit, opensuse, pixman, seamonkey, thunderbird, thunderbird_esr, ubuntu_linux)

    2013년 4월 3일

    Integer signedness error in the pixman_fill_sse2 function in pixman-sse2.c in Pixman

  • CVE-2012-0392 (struts)

    2012년 1월 9일

    The CookieInterceptor component in Apache Struts before 2.3.1.1 does not use the

  • New Charges Derail COVID Release for Hacker Who Aided ISIS

    Br
    2021년 1월 20일

    A hacker serving a 20-year sentence for stealing personal data on 1,300 U.S. militar

  • Joker’s Stash Carding Market to Call it Quits

    Br
    2021년 1월 19일

    Joker's Stash, by some accounts the largest underground shop for selling stolen credit

  • Microsoft Patch Tuesday, January 2021 Edition

    Br
    2021년 1월 13일

    Microsoft today released updates to plug more than 80 security holes in its Windows

  • SolarWinds: What Hit Us Could Hit Others

    Br
    2021년 1월 13일

    New research into the malware that set the stage for the megabreach at IT vendor S

  • Ubiquiti: Change Your Password, Enable 2FA

    Br
    2021년 1월 12일

    Ubiquiti, a major vendor of cloud-enabled Internet of Things (IoT) devices such as

  • Sealed U.S. Court Records Exposed in SolarWinds Breach

    Br
    2021년 1월 8일

    The ongoing breach affecting thousands of organizations that relied on backdoored pr

  • All Aboard the Pequod!

    Br
    2021년 1월 8일

    Like countless others, I frittered away the better part of Jan. 6 doomscrolling and

  • Hamas May Be Threat to 8chan, QAnon Online

    Br
    2021년 1월 6일

    In October 2020, KrebsOnSecurity looked at how a web of sites connected to consp

  • Happy 11th Birthday, KrebsOnSecurity!

    Br
    2020년 12월 30일

    Today marks the 11th anniversary of KrebsOnSecurity! Thank you, Dear Readers, for you

  • VMware Flaw a Vector in SolarWinds Breach?

    Br
    2020년 12월 19일

    U.S. government cybersecurity agencies warned this week that the attackers behind the

   AlienVault
   TheHackerNews
위로