Cloud Security

NTP Denial of Service Vulnerability (CVE-2015-5219)NTP Denial of Service Vulnerability (CVE-2015-5219) Release date:Updated on:Affected Systems: NTP 4.x Description: Bugtraq id: 76473CVE (CAN) ID: CVE-2015-5219Network Time Protocol (NTP) is a

QEMU 'ne2000. c' Denial of Service Vulnerability (CVE-2015-5278)QEMU 'ne2000. c' Denial of Service Vulnerability (CVE-2015-5278) Release date:Updated on:Affected Systems: QEMU Description: Bugtraq id: 76747CVE (CAN) ID: CVE-2015-5278QEMU is an

Multiple security vulnerabilities in Google Chrome versions earlier than 5.0.2454.85Multiple security vulnerabilities in Google Chrome versions earlier than 5.0.2454.85 Release date:Updated on:Affected Systems: Google Chrome Description:

QEMU 'hw/ide/core. c' Denial of Service Vulnerability (CVE-2015-6855)QEMU 'hw/ide/core. c' Denial of Service Vulnerability (CVE-2015-6855) Release date:Updated on:Affected Systems: QEMU Description: Bugtraq id: 76691CVE (CAN) ID:

WinRAR high-risk vulnerabilities affect 0.5 billion users The latest version of WinRAR SFX v5.21, a popular decompression software, is found to have a high-risk vulnerability that allows remote code execution, affecting up to 0.5 billion users. The

FireEye Local Privilege Escalation Vulnerability for Multiple ProductsFireEye Local Privilege Escalation Vulnerability for Multiple Products Release date:Updated on:Affected Systems: FireEye Malware Analysis System Description: Bugtraq id: 7674

WordPress WP Symposium plugin 'get _ album_item.php 'SQL Injection VulnerabilityWordPress WP Symposium plugin 'get _ album_item.php 'SQL Injection Vulnerability Release date:Updated on:Affected Systems: WordPress WP Symposium WordPress WP

Linux botnet attack target 90% located in Asia Akamai, a security company, has discovered a Linux botnet XOR DDoS attack. It targets at least 20 websites every day, and nearly 90% of target websites are located in Asia. Botnet refers to the use of

Apple iOS APPLE-SA-2015-09-16-1 Security VulnerabilitiesApple iOS APPLE-SA-2015-09-16-1 Security Vulnerabilities Release date:Updated on:Affected Systems: Apple iOS 5.xApple iOS 4.xApple iOS 3.x Description: Bugtraq id: 76764CVE (CAN) ID: CVE-2015-5

Magic Weapon: Qihoo 360 an SSRF bypasses the restriction on proxy access to the Intranet In front of an artifact .. Http://luyou.360.cn/activity/downLoadImg.php? Url =

Technical Q & A: How to view container security Docker container technology is in full swing, and related security technologies are constantly advancing. We are also continuing to explore the application and security of container technology. This

New DDOS attacks: from smart phone browsers   Security experts recently discovered that smartphone browsers can also generate flood attacks with massive traffic. Detected DDOS attacks from mobile browsers According to a security expert analysis, a

Shunfeng has a series of vulnerabilities that allow you to roam through the Internet. The process is complicated .. Not professional description. Sensitive information will be mosaic.                                            

Code auditing solution for the Sixth National Cybersecurity Competition XDCTF is an information security competition for college students nationwide. It is jointly organized by the Information Security Association of xidian and the network defense

SQL injection vulnerability in a substation of GreenTree Inn A substation of GreenTree Inn SQL injection vulnerability http://system.greentree.com.cn: 8080/frontinvest/roomdetail. aspx? Country code = 531001 Enter 'and '1' = '1Enter 'and '1' =

Python_web _ Security1. Preface Python began to build a web server, and gradually increased. Last week, I set up a small ctf to play with it. There was a good python_web question. So I will take a look at python_web security, and summarize it so

CTF writeup: csaw ctf 2015 Web200 Problem Solving Process Problem Lawn Care Simulator is a simple web application used to display the growth process of grass. It contains a lot of valuable content, but we need to log on to get it. However, you

System design defects of a group of joint-stock companies can be cracked by Credential stuffing (already in the background) Three main grain group corporation OA, mailbox system design defects, login port no verification code restrictions, can be

Code audit Case 1-penetration into a CMS official demo site An earlier vulnerability that has been overwhelmed by me does not need to be covered. When the injection is handed over to the dark clouds and the review is too busy for testing, the

Use a whitelist to bypass 360 instances 0x00 Preface Recently, subTee introduced in his blog how to use the white list to bypass protection, but there are bugs in the details. Therefore, this article only describes how to fix the bug and use this