Cloud Security

Getshell, a smart camera server in ZTE's home network, can leak private data such as videos and photos of millions of users on the cloud) Xiaoxing looks at getshell caused by improper configuration of a backend server of the smart camera. There is a

Autodesk Design Review buffer overflow vulnerability in CVE-2015-8572)Autodesk Design Review buffer overflow vulnerability in CVE-2015-8572) Release date:Updated on:Affected Systems: Autodesk Design Review Description: CVE (CAN) ID: CVE-2015-8

Libxml2 xmlParseXMLDecl function Information Leakage Vulnerability (CVE-2015-8317)Libxml2 xmlParseXMLDecl function Information Leakage Vulnerability (CVE-2015-8317) Release date:Updated on:Affected Systems: Libxml libxml2 Description: CVE

GRUB2's zero-day vulnerability affects Linux users. Ubuntu and RHEL patches are now available. According to the latest Ubuntu Security Notice of Canonical, a zero-day Security vulnerability exists in GRUB2 (GNU GRand Unified Bootloader), which will

Windows Name resolution mechanism and defect Utilization As a popular science article, this article describes the name resolution mechanism in Windows systems, and also mentions several ways of using the name resolution mechanism defects for

A P2P online lending system foreground getshell and Arbitrary File Deletion Vulnerability (may involve a large amount of financial security) Boom ~Detailed description: /Www/Public/uploadify. php /* Uploadify background processing * // sets the

The latest Android vulnerability can be hacked into any mobile phone in simple steps At a PacSec hacking conference in Tokyo, researchers from Qihoo 360 demonstrated the use of a vulnerability in the Android Chrome browser targeting JavaScript v8.

HP ArcSight SmartConnectors man-in-the-middle Vulnerability (CVE-2015-2902)HP ArcSight SmartConnectors man-in-the-middle Vulnerability (CVE-2015-2902) Release date:Updated on:Affected Systems: HP ArcSight SmartConnectors Description: CVE (CAN)

Redhat's Ceph and Inktank code libraries were hacked RedHat claims that Ceph community projects and Inktank download websites were hacked last week and some code may be damaged. Last week, RedHat suffered a very unpleasant accident. Both the Ceph

Mozilla Firefox Multiple Integer Overflow Vulnerability (CVE-2015-4496)Mozilla Firefox Multiple Integer Overflow Vulnerability (CVE-2015-4496) Release date:Updated on:Affected Systems: Mozilla Firefox Description: Bugtraq id: 76333CVE (CAN) ID:

Cisco uniied MeetingPlace unauthorized password change Vulnerability (CVE-2015-4262)Cisco uniied MeetingPlace unauthorized password change Vulnerability (CVE-2015-4262) Release date:Updated on:Affected Systems: Cisco uniied MeetingPlace Web

Microsoft Office Memory Corruption Vulnerability (CVE-2015-1683) (MS15-046)Microsoft Office Memory Corruption Vulnerability (CVE-2015-1683) (MS15-046) Release date:Updated on:Affected Systems: Microsoft Office 2013 RTMicrosoft Office 2013Microsoft

Google Chrome buffer overflow vulnerability in CVE-2015-1360) Release date:Updated on: Affected Systems:Google Chrome Description:Bugtraq id: 73077CVE (CAN) ID: CVE-2015-1360 Google Chrome is a Web browser tool developed by Google. In Chrome

NTP 'ntp _ io. c' authentication Security Restriction Bypass Vulnerability Release date:Updated on: Affected Systems:NTP NTPd Description:Bugtraq id: 72584CVE (CAN) ID: CVE-2014-9298 Network Time Protocol (NTP) is a Protocol used to synchronize

Sensitive Information Leakage vulnerability still exists after upgrade of TP-LINK router 2015 in TL-WR842N Pulian Technology Co., Ltd. is a network equipment R & D and manufacturing company with nearly 20 years of history. Its products are mainly

How to compare and select next-generation Firewall The security situation is changing every day. For example, changes within an enterprise include how applications are securely used and communicated. Although from the availability perspective, this

Reverse basic Finding important/interesting stuff in the code (2) zing Chapter 2 Call assert Sometimes, the emergence of assert () macro is also useful: Usually this macro will leak the source file name, row number and condition. The most useful

Website security dog Protection Rule bypass in the latest version Tested the website security dog APACHE and IIS versions 1. download the latest version of Web Dongle (APACHE) V3.1.09924 from the official website of safedog, And the webhorse

SQL injection vulnerability in the latest ThinkPHP version The controller of the latest SQL injection vulnerability in ThinkPHP triggers SQL injection: public function test() { $uname = I('get.uname'); $u = M('user')->where(array( 'uname'

Yifu downloads a website from bypassing upload to any file to getshell Yifu downloads a website from bypassing upload to any file to getshell Site: http://kf.bestpay.com.cn Tianyi e-commerce company customer service systemChat with customer service