Aggregator

Researchers uncovered an Android malware, dubbed Vo1d, that has already infected nearly 1.3 million Android devices in 197 countries. Doctor Web researchers uncovered a malware, tracked as Vo1d, that infected nearly 1.3 million Android-based TV boxes belonging to users in 197 countries. The malicious code acts as a backdoor and allows attackers to download and install […]

掌握x64dbg，从基础到高级调试与自动化

该漏洞的严重性来自于其远程利用的可能性、无需用户交互以及低权限要求，可让攻击者以停止操作作业的所有者身份执行环境停止操作。

看雪论坛作者ID：Ratin

培训时间：10月22日09:00-18:00（峰会前一天）

A vulnerability was found in Microsoft Windows up to Server 2019. It has been rated as critical. Affected by this issue is some unknown functionality of the component Win32k. The manipulation leads to out-of-bounds write. This vulnerability is handled as CVE-2021-28310. It is possible to launch the attack on the local host. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability classified as problematic has been found in ARM Trusted Firmware-M up to 1.2. Affected is an unknown function of the component NSPE Handler Mode. The manipulation leads to denial of service. This vulnerability is traded as CVE-2021-27562. The attack can only be initiated within the local network. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, has been found in Kaseya Virtual System Administrator up to 9.5.6. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure. This vulnerability is handled as CVE-2021-30116. The attack can only be done within the local network. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Adobe Acrobat Reader up to 2017.011.30194/2020.001.30020/2021.001.20150. This vulnerability affects unknown code. The manipulation leads to use after free. This vulnerability was named CVE-2021-28550. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Yealink Device Management 3.6.0.20 and classified as critical. Affected by this issue is some unknown functionality of the file /sm/api/v1/firewall/zone/services. The manipulation leads to command injection. This vulnerability is handled as CVE-2021-27561. The attack needs to be initiated within the local network. Furthermore, there is an exploit available.

网络安全为人民，网络安全靠人民

尚无定论

速修复

error code: 1106

Meta признала использование данных пользователей для обучения ИИ.

致力于第一时间为企业级用户提供权威漏洞情报和有效解决方案。