【安全通报】Weblogic 修复多个远程代码执行漏洞 - Report Cyber Crime

Author:Source April 15, 2020

 Tags Database Management Systems Vulnerabilities, 修复多个远程代码执行漏洞, 安全通报Weblogic

 Category Database Management Systems VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesDBMS

通过 HTTP 协议进行利用。概况. Weblogic 是 Oracle 公司出品的基于 JavaEE 架构的中间件，用于开发、集成、部署和管理大型分布式Web应用、网络应用和数据库应用。根据FOFA的数据统计，全球共有 103,270 个开放的 Weblogic 服务。其中美国最多，有 75,240 个开放服务；其次是中国，有 12,738 个开放的 Weblogic 服务；伊朗第三，有 1,896 个开放的 Weblogic 服务；德国第四，有 1,407 个开放的 Weblogic 服务；英国第五，有 981 个开放的 Weblogic 服务。国内的 Weblogic….

Source link

Write a comment: Cancel reply

vamtam-theme-circle-post

 Category CERT-LatestNews Database Management Systems ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesDBMS VulnerabilitiesLinux VulnerabilitiesOS

Vulnerability in Linux kernel: memory corruption via Power8 KVM

The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a...

 Tags corruption, Database Management Systems Vulnerabilities, kernel, kvm, linux, Memory, Power8, Vulnerability

vamtam-theme-circle-post

 Category CERT-LatestNews Cryptography ThreatsCybercrime ThreatsEconomic TrendMicroNews VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesCrypto VulnerabilitiesGoogle VulnerabilitiesOS

New Tekya Ad Fraud Found on Google Play

By Ford Qin (Mobile Threats Analyst) In late March, researchers from CheckPoint found the Tekya...

 Tags fraud, Google, Operating Systems Vulnerabilities, Play, Tekya

vamtam-theme-circle-post

 Category CERT-LatestNews Linux ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesCisco VulnerabilitiesFirmware VulnerabilitiesLinux VulnerabilitiesNetwork VulnerabilitiesOS

Cisco IOS Routers Bugs Let Remote Hackers Take Control of the Systems

Recently, Cisco has announced that it has fixed many vulnerabilities in Cisco IOS Routers, including...

 Tags bugs, Cisco, control, Hackers, iOS, Operating Systems Vulnerabilities, Remote, Routers, Systems

vamtam-theme-circle-post

 Category Applications VulnerabilitiesAll VulnerabilitiesApplications

CVE-2020-13883 – Alert Detail – Security Database

Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...

 Tags Assessment, Audit, CPE, CVE, CVSS, dsa, Exploits, hacking, Microsoft, network security, Oval, product management, Security, Security Foresee, vDNA, vDNA Monitoring, Vulnerability

 Category Applications CERT-LatestNews ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications

Multiple vulnerabilities in October CMS

Severity Medium Patch available YES Number of vulnerabilities 7 CVE ID CVE-2020-5295CVE-2020-5299CVE-2020-11083CVE-2020-5297CVE-2020-5298CVE-2020-5296CVE-2020-11022 CWE ID CWE-98CWE-94CWE-79CWE-73...

 Tags CSV Injection, CVE-2020-5295, CWE-98, Improper Control of Filename for Include/Require Statement in PHP Program, Improper Control of Generation of Code (, Multiple vulnerabilities in October CMS, PHP file inclusion

vamtam-theme-circle-post

 Category Applications VulnerabilitiesAll VulnerabilitiesApplications

CVE-2020-13871 – Alert Detail – Security Database

Executive Summary This vulnerability is currently undergoing analysis and not all information is available. Please...

 Tags Assessment, Audit, CPE, CVE, CVSS, dsa, Exploits, hacking, Microsoft, network security, Oval, product management, Security, Security Foresee, vDNA, vDNA Monitoring, Vulnerability

vamtam-theme-circle-post

 Category Cryptography VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesCrypto VulnerabilitiesLinux

Debian: DSA-4697-1: gnutls28 security update>

A flaw was reported in the TLS session ticket key construction in GnuTLS, a library...

 Tags 4697, debian, dsa, DSA46971, gnutls28, Operating Systems Vulnerabilities, Security, update, updategt

vamtam-theme-circle-post

 Category CERT-LatestNews Cryptography ThreatsCybercrime ThreatsEconomic VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesCrypto VulnerabilitiesLinux VulnerabilitiesMicrosoft VulnerabilitiesNetwork VulnerabilitiesOS

Tycoon Ransomware Targets Windows, Linux Systems

Cybercrime as-a-service , Fraud Management & Cybercrime , Ransomware Attacks Targeting Education and Software Companies...

 Tags blackberry, Emsisoft, encryption, Java, KPMG, linux, Operating Systems Vulnerabilities, ransomware, RDP, Systems, targets, Tycoon, Windows

 Category Applications VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesLinux

Debian update for nodejs

1) Buffer overflow Severity: High CVSSv3: 8.5 [CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C] [PCI] CVE-ID: CVE-2020-8174 CWE-ID: CWE-119 – Improper...

 Tags Buffer overflow, CVE-2020-8174, CWE-119, Debian update for nodejs, Improper Restriction of Operations within the Bounds of a Memory Buffer, Resource exhaustion, Uncontrolled Resource Consumption (

vamtam-theme-circle-post

 Category CERT-LatestNews Microsoft ThreatsCybercrime ThreatsEconomic VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesCrypto VulnerabilitiesLinux VulnerabilitiesMicrosoft VulnerabilitiesNetwork VulnerabilitiesOS

Tycoon Ransomware Targets Windows, Linux Systems

Cybercrime as-a-service , Fraud Management & Cybercrime , Ransomware Attacks Targeting Education and Software Companies...

 Tags blackberry, Emsisoft, encryption, Java, KPMG, linux, Operating Systems Vulnerabilities, ransomware, RDP, Systems, targets, Tycoon, Windows



New York State Confirms Breach of Government Network Microsoft Office security updates may break VBA programs, how to fix