1.重大弱點漏洞
Tenda ADSL2/2+ Modem D840R - Unauthenticated DNS Change
https://www.exploit-db.com/exploits/41078/
Juniper Junos漏洞
https://kb.juniper.net/InfoCenter/index?page=content&id=JSA10770&actp=RSS
http://www.ithome.com.tw/news/111426
已修補的Linux Systemd v288漏洞被低估,駭客可取得最高權限
http://www.ithome.com.tw/news/111529
Aggressive SQL Injection Activity
https://exchange.xforce.ibmcloud.com/collection/Aggressive-SQL-Injection-Activity-342551c67e22ea041f8fbbc630358f19
IE ODay漏洞來掛馬
http://www.weixianmanbu.com/article/1332.html
資安新聞及事件週報 2017/1/16 ~ 2017/1/20
1.重大弱點漏洞
icoutils 安全漏洞 CVE-2017-5332
http://www.securityfocus.com/bid/95380
Adobe Flash Player 漏洞 CVE-2017-2930
https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
python-pysaml2 安全漏洞 CVE-2016-10127
https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b
GnuTLS 緩衝區錯誤漏洞 CVE-2017-5336
https://gnutls.org/security.html#GNUTLS-SA-2017-1
Symantec 產品遠端執行程式碼漏洞 CVE-2016-6592
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170117_00#_MITIGATION
icoutils 安全漏洞 CVE-2017-5332
http://www.securityfocus.com/bid/95380
Adobe Flash Player 漏洞 CVE-2017-2930
https://helpx.adobe.com/security/products/flash-player/apsb17-02.html
python-pysaml2 安全漏洞 CVE-2016-10127
https://github.com/rohe/pysaml2/commit/6e09a25d9b4b7aa7a506853210a9a14100b8bc9b
GnuTLS 緩衝區錯誤漏洞 CVE-2017-5336
https://gnutls.org/security.html#GNUTLS-SA-2017-1
Symantec 產品遠端執行程式碼漏洞 CVE-2016-6592
https://www.symantec.com/security_response/securityupdates/detail.jsp?fid=security_advisory&pvid=security_advisory&year=&suid=20170117_00#_MITIGATION
資安新聞及事件週報 2017/1/9 ~ 2017/1/13
1.重大弱點漏洞
Joomla! aWeb Cart Watching System for Virtuemart擴展SQL漏洞 CVE-2016-10114
https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0
多個F5 BIG-IP產品拒絕服務漏洞 CVE-2016-7476
http://www.securityfocus.com/bid/94353
VMware vRealize Operations Vsphere Data Protection CVE-2016-7457 CVE-2016-7462 CVE-2016-7456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7456
Zend-Mail存在允許攻擊者遠端執行任意程式碼之漏洞(CVE-2016-10034)
http://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1050
Joomla! aWeb Cart Watching System for Virtuemart擴展SQL漏洞 CVE-2016-10114
https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0
多個F5 BIG-IP產品拒絕服務漏洞 CVE-2016-7476
http://www.securityfocus.com/bid/94353
VMware vRealize Operations Vsphere Data Protection CVE-2016-7457 CVE-2016-7462 CVE-2016-7456
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7457
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7462
http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-7456
Zend-Mail存在允許攻擊者遠端執行任意程式碼之漏洞(CVE-2016-10034)
http://www.nccst.nat.gov.tw/VulnerabilityDetail?lang=zh&seq=1050
資安新聞及事件週報 2017/1/2 ~ 2017/1/6
1.重大弱點漏洞
多款IBM Rational產品漏洞
https://www-01.ibm.com/support/docview.wss?uid=swg21996097
PHP7曝出三個高危0-day漏洞,還有一個仍未修復
http://www.freebuf.com/news/124159.html
Kaspersky 防毒產品多個漏洞
https://support.kaspersky.com/vulnerability.aspx?el=12430#281216
Apple IOS 訊息程式 VCF 處理漏洞
http://securitytracker.com/id/1037540
Google修補Pixel前相機可被追蹤的隱私漏洞
http://www.ithome.com.tw/news/110748
Apache Tomcat 漏洞 CVE-2016-8745
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745
多款IBM Rational產品漏洞
https://www-01.ibm.com/support/docview.wss?uid=swg21996097
PHP7曝出三個高危0-day漏洞,還有一個仍未修復
http://www.freebuf.com/news/124159.html
Kaspersky 防毒產品多個漏洞
https://support.kaspersky.com/vulnerability.aspx?el=12430#281216
Apple IOS 訊息程式 VCF 處理漏洞
http://securitytracker.com/id/1037540
Google修補Pixel前相機可被追蹤的隱私漏洞
http://www.ithome.com.tw/news/110748
Apache Tomcat 漏洞 CVE-2016-8745
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-8745
訂閱:
文章 (Atom)
2024年 12 月份資安、社群活動分享
2024年 12 月份資安、社群活動分享 Self-Taught Coding Tuesdays - Study, Code, Design, Build, Network 2024/12/3 https://www.meetup.com/taiwan-code-camp/e...
-
2024年 3月份資安、社群活動分享 線上資安人力需求對談-網路通信產業 2024/3/2 https://isipevent.kktix.cc/events/ff6f2146 2024H1資安實戰演練大會AI爆發時代的企業資安聯合軍演 2024/3/6 https://b...
-
2024年 2月份資安、社群活動分享 Taipei All About API Meetup Group - Meet and Greet, 01 Feb 2024, 07:00 PM 2024/2/1 https://www.meetup.com/taipei-all-a...
-
2024年 5 月份資安、社群活動分享 資安五四三 2024/5/2 https://csa.kktix.cc/events/202405-543 HackingThursday 黑客星期四 - Week meetup Tamsui 固定聚會 淡水 2024/5/2 http...