每日安全动态推送(12-15)

统计信息

已收录文章数量：18742 篇

已收录公众号数量：91 个

本站文章为爬虫采集，如有侵权请告知

本周热门文章

【漏洞预警】VMware 多个高危漏洞(CVE-2021-21972等) 2021.02.24 15:12:41 88

强制性国标GB40050-2021《网络关键设备安全通用要求》发布 2021.02.25 07:12:50 76

限时删除,《去你丫的算法》开放电子书下载! 2021.02.24 08:10:17 71

网安杂谈收藏夹 2021.2.21 2021.02.22 07:00:48 70

最值得期待的Python进阶宝典《Effective Python》第2版中文版来咯!... 2021.02.23 08:10:47 68

每日安全动态推送(02-22) 2021.02.22 11:29:27 64

漏洞情报 | SaltStack多个高危漏洞风险通告 2021.02.26 11:34:13 63

排名前100位的网络安全黑客 2021.02.22 23:02:08 62

百家|手把手教你免费自建百万量级数据日志分析系统 2021.02.23 15:40:14 58

VMware多个高危漏洞通告 2021.02.24 18:00:20 56

已收录微信公众号

区块链 Python 威胁情报行业资讯最新漏洞 SRC 技术文章

工作&招聘漏洞&CVE 会议&竞赛

每日安全动态推送(12-15)

本文来自公众号：腾讯玄武实验室 2020.12.15 11:48:35

Tencent Security Xuanwu Lab Daily News

• GitHub - bsauce/kernel_exploit_factory: Linux kernel CVE exploit analysis report and relative debug environment. You don't need to compile Linux kernel and configure your environment anymore.:
https://github.com/bsauce/kernel_exploit_factory//

・ Linux 内核多个漏洞的 Exploit 与 Writeup – Jett

• GHSL-2020-205: Remote Code Execution in Apache Struts 2 - S2-061 - CVE-2020-17530:
https://github.co/2W9jOod

・ Apache Struts 2 CVE-2020-17530 RCE 漏洞分析 – Jett

• 2092 - Qualcomm Adreno GPU PID reuse leads to shared mapping leak - project-zero:
https://bugs.chromium.org/p/project-zero/issues/detail?id=2092

・ Issue 2092: Qualcomm Adreno GPU PID reuse leads to shared mapping leak – Jett

• Vulnerabilities in McAfee ePolicy Orchestrator:
https://swarm.ptsecurity.com/vulnerabilities-in-mcafee-epolicy-orchestrator/

・ Vulnerabilities in McAfee ePolicy Orchestrator – Jett

• Dark Halo Leverages SolarWinds Compromise to Breach Organizations | Volexity:
https://www.volexity.com/blog/2020/12/14/dark-halo-leverages-solarwinds-compromise-to-breach-organizations/

・ Volexity 对 SolarWinds 供应链攻击事件的分析 – Jett

• About the security content of iOS 14.3 and iPadOS 14.3 - Apple Support:
https://support.apple.com/en-us/HT212003

・ Apple 发布 iOS、iPadOS、macOS 版本更新 – Jett

• [ Virtualization ] Page Fault Injection in Virtual Machines: Accessing Swapped-Out Pages from HVMI:
https://hvmi.github.io/blog/2020/12/14/pfinjection.html

・ Page Fault Injection in Virtual Machines: Accessing Swapped-Out Pages from HVMI – Jett

• [ Tools ] [PDF] https://i.blackhat.com/eu-20/Wednesday/eu-20-LimitedResults-Debug-Resurrection-On-nRF52-Series.pdf:
https://i.blackhat.com/eu-20/Wednesday/eu-20-LimitedResults-Debug-Resurrection-On-nRF52-Series.pdf

・ Debug Resurrection on nRF52 Series – Jett

• GHSL-2020-192, GHSL-2020-196: File existence disclosure in aptdeamon - CVE-2020-16128:
https://github.co/37QVtJc

・ Ubuntu aptdeamon CVE-2020-16128 文件存在性检查信息泄露漏洞 – Jett

• [ Windows, Tools ] Kerberos Bronze Bit Attack (CVE-2020-17049) Scenarios to Potentially Compromise Active Directory:
https://www.hub.trimarcsecurity.com/post/leveraging-the-kerberos-bronze-bit-attack-cve-2020-17049-scenarios-to-compromise-active-directory

・ Kerberos Bronze Bit Attack (CVE-2020-17049) Scenarios to Potentially Compromise Active Directory – Jett

* 查看或搜索历史推送内容请访问：
https://sec.today

* 新浪微博账号：腾讯玄武实验室
https://weibo.com/xuanwulab