Tag:Loophole
-
Time:2021-12-29
[regulations on the management of network product security vulnerabilities · Article 7] Network product providers shall perform the following network product security vulnerability management obligations, ensure that their product security vulnerabilities are timely repaired and reasonably released, and guide and support product users to take preventive measures: (1) After discovering or learning that there are […]
-
Time:2021-12-28
Apache log4j 2 is an open source logging tool, which is widely used in various frameworks. Recently, Apache log4j 2 was revealed to have a vulnerability. The vulnerability has been disclosed. This article provides kubesphere users with recommended fixes. This vulnerability is caused by the lookup function provided by log4j 2, which allows developers to […]
-
Time:2021-12-19
This article only provides ideas for reference learning Injection vulnerability Inject vulnerabilities asOWASP Top 10First, it is a very common vulnerability. After an attacker injects malicious code, it can cause very serious consequences, and SQL injection is the big head. As a little white who knows security for the first time, this is a good […]
-
Time:2021-12-18
Safety information report Economic Daily: build a strong data security protection network The regulations on the administration of network data security (Draft for comments) drafted by the state Internet Information Office in conjunction with relevant departments was published. This is another important measure for the country to strengthen the rule of law of network data. […]
-
Time:2021-12-12
preface: Hello, I’m Jay Chou! The tool itself is not good or bad, but if you can make full use of good tools, you can often achieve unexpected results, especially in the security industry. This issue recommends some free and excellent security software tools. Whether it is penetration testing, open source intelligence, or vulnerability assessment, […]
-
Time:2021-12-10
Network security researchers found seven vulnerabilities in dnsmasq, a popular open source software server used to cache domain name system (DNS) responses. These seven vulnerabilities are collectively referred to as “dnspooq” by the Israeli research company jsof, which echoes the weaknesses of the DNS architecture previously disclosed, making the dnsmasq server unable to resist a […]
-
Time:2021-11-30
brief introduction Fscan is a comprehensive intranet scanning tool, which is convenient for one click automation and all-round vulnerability scanning. It supports host survival detection, port scanning, blasting of common services, ms17010, redis batch writing public key, planning task rebound shell, reading win network card information, web fingerprint identification, web vulnerability scanning, NetBIOS detection, domain […]
-
Time:2021-11-28
This problem has a huge impact, involving all the shopping malls developed through niushop. I hope this article can attract everyone’s attention. (Note: the mall used in the demonstration has fixed this vulnerability) Severity: super grade Solution: 1. Judge the user’s identity when accessing the vulnerability page; 2. Verify the uploaded file suffix. After attending […]
-
Time:2021-11-24
Author: Tim Kadleccompile:Beard big ha Translated text:http://huziketang.com/blog/posts/detail?postId=58df725ba58c240ae35bb8dc English connection:77% of sites use at least one vulnerable JavaScript library Please indicate the source and keep the original link and author information A few weeks ago, an article said that 37% of websites used JavaScript libraries with at least one vulnerability. When we writeThis reportAs mentioned, we […]
-
Time:2021-11-24
Patrol is a kind of mobile phone suitable for enterprise intranetVulnerability quick emergency and cruise scanningThe system can clearly understand the distribution of internal network assets through the search function, and can specify the vulnerability plug-in to quickly detect vulnerabilities in the search results and output the result report.Its main body is divided into two […]
-
Time:2021-11-20
Source: qubit Linux system was “broken” by two children who didn’t know any technology. They just press indiscriminately on the keyboard and screen to easily bypass the password and enter the locked Linux desktop. Recently, a programmer’s father watched his computer “broken” by his children. As a programmer, his first thought is not beating and […]
-
Time:2021-11-20
I am a kite, the official account is “ancient kite”, a programmer who has both depth and breadth, a programmer who wants to write poems but codes.The article will be included inJavaNewBeeThere is also a Java back-end knowledge map, in which the road from Xiaobai to Daniel is all in. The title is a little […]
