跳到主要內容

發表文章

目前顯示的是 六月, 2019的文章

資安事件新聞週報 2019/6/10 ~ 2019/6/14

資安事件新聞週報  2019/6/10  ~  2019/6/14

1.重大弱點漏洞/後門/Exploit/Zero Day

VMware 發布新的安全更新
https://www.vmware.com/security/advisories/VMSA-2019-0009.html

Xen 阻斷服務漏洞
https://xenbits.xen.org/xsa/advisory-295.html

D-Link 連網監視攝影機被爆資安漏洞,駭客可取得影像內容
https://blog.twnic.net.tw/2019/06/13/3991/

TP-Link 路由器多個漏洞
https://nvd.nist.gov/vuln/detail/CVE-2019-6989

Facebook CDN系统中的文件下载漏洞
http://521.li/post/872.html

Zimbra < 8.8.11 - XML External Entity Injection / Server-Side Request Forgery
https://www.exploit-db.com/exploits/46967

phpMyAdmin 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.2016/

資安事件新聞週報 2019/6/3 ~ 2019/6/7

資安事件新聞週報  2019/6/3  ~  2019/6/7

1.重大弱點漏洞/後門/Exploit/Zero Day
Zimbra Collaboration Suite 信息洩露漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-15131

ZyXEL P-660HN-T1 V2 Missing Authentication / Password Disclosure
https://packetstormsecurity.com/files/153144/zyxelp660hn-bypass.txt

Fortinet產品存在多個漏洞
https://www.nccst.nat.gov.tw/VulnerabilityNewsDetail?lang=zh&seq=1440

phpMyAdmin 多個漏洞
https://www.auscert.org.au/bulletins/ESB-2019.2016/

New RCE vulnerability impacts nearly half of the internet's email servers
https://www.zdnet.com/article/new-rce-vulnerability-impacts-nearly-half-of-the-internets-email-servers/#ftag=RSSbaffb68

Huawei P30和Huawei P30 Pro 安全漏洞
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5307

京晨科技(NUUO Inc.)網路監控錄影系統(Network Video Recorder, NVR)存在安全漏洞(CVE-2019-9653)
http://net.nthu.edu.tw/2009/mailing:announcement:20190606_01

Apache Jenkins Exploited to Mine Monero Cryptocurrency
https://medium.com/pwnpizza/apache-jenkins-exploited-to-mine-monero-cryptocurrency-dc9a7…