NVIDIA GPU was traced to vulnerabilities, you can view the porn browsing history-bug warning-the black bar safety net

! Chrome's incognito mode in some specific cases not necessarily be able to protect individual privacy, recently a gamer the exposure of the Nvidia GPU of the previous vulnerability, the use of the vulnerability can view Chrome incognito mode to browse porn sites picture. Evan Andersen once loade...

Lenovo, Dell and Toshiba computers exposure to serious OEM vulnerability-vulnerability warning-the black bar safety net

! Recently, the Association of the device and can be easily hijacked, while Dell and Toshiba PC and also because of the serious vulnerabilities and suffer. Security researcher slipstream/RoL online publishing of the vulnerability and demonstrates how the intrusion of the market on the machine...

Cyrus IMAP index_urlfetch integer overflow vulnerability(CVE-2 0 1 5-8 0 7 8)-vulnerability warning-the black bar safety net

CVECAN ID: CVE-2 0 1 5-8 0 7 8 Cyrus IMAP server Carnegie Mellon University developed the e-mail server. Cyrus IMAP 2.3.19, 2.4.18, and 2.5.6 version, imap/index. c in function indexurlfetch there is an integer overflow vulnerability, a remote attacker via urlfetch range check and sectionoffset...

Microsoft to fix the Bitlocker Drive Encryption tool bypass vulnerability-vulnerability warning-the black bar safety net

! Microsoft recently fix for Windows Bitlocker Drive Encryption in a vulnerability, this vulnerability can be used to quickly bypass the encryption function to obtain to the victims of the encryption of important information. Encryption vulnerabilities in software Disk encryption tool is an...

muymacho---dyld_root_path exploit analysis-exploit warning-the black bar safety net

muymacho is an exploit tool. Exists in Mac OS X 10.10.5 in dyld bug can be used to extract right to the root. In the latest chief stone of EI Capitan 10.11 in has been patched. This is an interesting bug, the use of the process is also a lot of fun. The present article aims to introduce the use o...

SAP Afaria product exposed a series of serious vulnerabilities that affect a large number of mobile device-bug warning-the black bar safety net

Afaria is the German SAP software company developed a mobile device management MDM solutions that are currently on the market the most popular MDM solutions, there are about 6 3 0 0 a enterprise which manages 1 billion 3 0 0 million of the mobile device. ERPScan is specifically responsible for th...

iOS vulnerability can lead to the Apple ID theft-vulnerability warning-the black bar safety net

In yesterday's release of the iOS 9 upgrade, Apple repair Alibaba Mobile Security Team discovered three security vulnerabilities: CVE-2 0 1 5-5 8 3 8, CVE-2 0 1 5-5 8 3 4, CVE-2 0 1 5-5 8 6 8 The. ! Wherein the CVE-2 0 1 5-5 8 3 8 this vulnerability can let hackers in a non-jailbroken iPhone 6 on...

Heart drop of blood away? 2 0 million equipment is still under threat-vulnerability warning-the black bar safety net

Heart drop of blood is already a thing of the past? NO! A lapse of more than a year after the infamous the heart of the blood security vulnerabilities and not completely disappeared, still the 2 0 million of network devices present a security threat. According to Shodan, the search results displa...

Pangu disclosure iOS8. 4. 1 kernel exploit Apple to iOS9 in the repair section-Vulnerability warning-the black bar safety net

Yesterday, China's first successful jailbreak the iOS team Pangu team discloses 3 present in the iOS 8.4.1 kernel extension at the vulnerabilities: a stack overflow Bug, an out of bounds memory access Bug, a stack overflow Bug. One of the“perfect”could be compromised all the kernel protection and...

PfSense command injection vulnerability analysis-vulnerability warning-the black bar safety net

In this article, we will introduce in PfSense 2. 1. 3 and the lower version in the CVE-2 0 1 4-4 6 8 8 vulnerability; the higher the version, pfSense has fixed this vulnerability. 0x01 Diagdns. php script command injection vulnerability Shown below is the script diagdns. in php there is a command...

mitmproxy kit using the Raiders and customization-bug warning-the black bar safety net

mitmproxy is a support for HTTPSMiTM proxy tool. Different from Fiddler2, and burpsuite, etc. similar function tools, mitmproxy can be in the terminal under the run. mitmproxy in Python development, is to assist the web development&testing, debugging, penetration testing tool. The working princip...

Firefox bookmarks extensions apps Pocket: vulnerability mining not so difficult-vulnerability warning-the black bar safety net

The Pocket application's developers recently fixed a few leaked data a vulnerability, hackers may be from the server to obtain WEB Services, internal IP address, as well as more sensitive information. Pocket profile Pocket formerly known as Read it Later, as the name suggests, is an online...

BlackHat topic analysis: analysis of BGP hijacking exploit-vulnerability warning-the black bar safety net

BGP hijacking in 2 0 0 8 years defcon conference once involved, however, in 2 0 1 5 year's blackhat has been selected as the subject, visible the seriousness of the problem, frozen three feet, a cold, BGP hijacking issues to organizations around the world work together to solve it. 0×0 0 what is ...

The popular DNS server software BIND exposed serious DoS vulnerability-vulnerability warning-the black bar safety net

BIND is the world's most popular DNS server software. The Internet Association, the ISC published Vulnerability CVE-2 0 1 5-5 4 7 7 patch, this is an affected BIND server to a serious denial of service vulnerability. BIND denial of service vulnerability A week ago, the Internet Association, the I...

Android Stagefright high-risk vulnerability: a preliminary study-vulnerability warning-the black bar safety net

Order Shocked Stagefright exposed significant vulnerabilities can result in remote code execution, even clockwork MMS, it is possible the invasion of the user mobile device. This sounds but a rare case of a large vulnerability., as security personnel, nature good steak with a steak insider...

Smart home vulnerabilities is how to be hackers-use-vulnerability warning-the black bar safety net

! Smart Home is today's favourites, however in people only focus on the home of intelligent and humane, hackers are will look to put in a smart home, everything can be exploitable. From the application vulnerability Data show that in a variety of home automation equipment and the help of sensors,...

IdeaCMS built Station system universal vulnerability affects thousands of sites-vulnerability warning-the black bar safety net

IdeaCMS based on the ASP+MSSQL/ACCESS technology development from 2 0 0 8 released in the first version since, every year, we are on a program to do a larger version of the update, so far has released six major versions. IdeaCMS in a simple, efficient, flexible, easy to use, open source, template...

iPhone vulnerability an SMS makes the phone crash-vulnerability warning-the black bar safety net

iPhone latest vulnerability need only a string of character text message can let the recipient of the phone crash. It is reported that received the SMS on the phone Messages application will crash, eventually cause the phone to reboot. It is reported that the vulnerability exists in most of the i...

Iphone SMS magic: one SMS to make the iPhone crash to restart-vulnerability warning-the black bar safety net

Apple mobileoperating systemappears in a new bug, which can lead to any iPhone to crash and restart. This problem is caused by a simple text message caused. When the Messages received, one particular by character of the string, the iPhone Message app will continue to crash. And if you accept the...

Android WiFi Management Component wpa_supplicant presence of high-risk vulnerabilities that can lead to leaked memory information, DoS, denial of service or arbitrary code execution-vulnerability warning-the black bar safety net

Popular WLAN Wireless Network Management Component cwpasupplicant exposed high-risk vulnerabilities CVE-2 0 1 5-1 8 6 3, and can lead to leaked memory information, DoS, denial of service or arbitrary code execution. cwpasupplicant in Android, Linux, BSD, Mac OS X, Windows and some otheroperating...

Security notice: Django framework arbitrary file include vulnerability-vulnerability warning-the black bar safety net

In the 4 on 2 1 May, based on the python open source web framework Django released a security Bulletin, saying that in≤1.5 version of Django contrib. markup the package there is any file that contains the vulnerability, the attacker may be by docutils to attack. On docutils The Docutils project i...

Kingsoft enterprise terminal protection optimization system Web Console without having to log any file deleted-bug warning-the black bar safety net

Kingsoft enterprise terminal protection optimization system Web Console without having to log arbitrary file deletion Arbitrary file deletion: File:/tools/manage/deletetools.php code area children; $i++ if $xml-tool$i-id == $id @unlink"../".$ xml-tool$i-name; if$xml-tool$i-image != "test. png"...

SSL/TLS MiTM hijacking vulnerability warning-vulnerability warning-the black bar safety net

Dear users: Security researchers discover new SSL/TLS on a serious vulnerability. Find the vulnerability the researchers noted that the use of this encryption technology vulnerabilities, hackers can steal Apple Safari and Google Android browsers of the user communication. Vulnerability descriptio...

By wave cms x2. 1 x2. 0 version there is a file upload vulnerability in official website of the demo test is successful(reference poc)-vulnerability warning-the black bar safety net

Brief description: By the waves of the latest version there is a file upload vulnerability See x2. 0 the presence of the same vulnerability x2. 0 the following did not see do not know whether the presence of the same upload vulnerability Detailed description: Vulnerability page code area...

DedeCMS Xss+Csrf Getshell \dede\file_manage_control. php-vulnerability warning-the black bar safety net

Directory 1. Vulnerability Description 2. Vulnerability trigger conditions 3. Vulnerability the range of 4. Vulnerability code analysis 5. Defense method 6. Offensive and defensive thinking 1. Vulnerability description This exploits the way a simple generalization 1. This exploits the premise is...

IP. Board CMS malicious redirect analysis-vulnerability warning-the black bar safety net

IP. Board CMS is a famous CMS system, which allows users to easily create and manage online communities. And recently Sucuri researcher recently found a for the IP. Board of redirection. After analysis, researchers found that this attack has lasted 2 years. ! Visitors is a malicious redirect The...

Rsync path spoofing attack vulnerability-vulnerability warning-the black bar safety net

Affected system: Samba rsync 3.1.1 Description: CVECAN ID: CVE-2 0 1 4-9 5 1 2 rsync is a fast incremental file transfer tool that is used in the same host the backup inside the backup. rsync 3.1.1 version there is a path spoofing attack vulnerability, through the synchronization path of the file...

Many well-known hotel chains, high-end brand hotels there are serious security vulnerabilities, massive open room information stored in the disclosure risk-vulnerability warning-the black bar safety net

Well-known Inn orange, Jinjiang Inn, the super eight, pudding; high-end hotel the MARRIOTT Hotel Group, MARRIOTT, Ritz Carlton, Starwood group, Sheraton, Le Meridien, W Hotels, Intercontinental Hotel Group, Holiday Inn, etc there is a serious security breach, the tenant Open House information at ...

Millet smart cameras small ants there is a remote command execution vulnerability-vulnerability warning-the black bar safety net

! t0167153064b2673d18. png Vulnerability description: Small ants Camera application management program the presence of a remote command execution vulnerability through the web interface with root privileges to execute arbitrary system commands without any web permissions, now the official latest...

Vulnerability alert: well-known WordPress theme Pagelines and Platform the presence of high-risk vulnerabilities-vulnerability warning-the black bar safety net

Use the Pagelines and Platform themes for WordPress users, please update the theme version. We at once on WAF routine audit, accidentally discovered two serious vulnerabilities: a privilege elevation vulnerability affecting the Pagelines and Platform, as well as a remote code execution...

WSS is the latest version of any user of the password reset（official demo demo-the vulnerability warning-the black bar safety net

WSS latest version of the design flaws lead to arbitrary user password reset, including the administrator 文件 usereditpassword.php code area ? php $editFormAction = $SERVER'PHPSELF'; if isset$SERVER'QUERYSTRING' $editFormAction .= "?" . htmlentities$SERVER'QUERYSTRING'; $password = "-1"; if...

Vulnerability early warning:. NET remote code execution vulnerability with EXP-a vulnerability warning-the black bar safety net

Just last week Microsoft announced. NET open source the good news, 其内容涉及.NET Framework Libraries,. NET Core Framework Libraries and RyuJit VM, allowing developers to write run on Mac OS X and Linux . NET program. Application developers are laughing, it's nothing...... The key is the security...

The Windows kernel mention the right Vulnerability, CVE-2 0 1 4-4 1 1 3 analysis report-vulnerability warning-the black bar safety net

0x00 vulnerability background Recently, CrowdStrike team found Win64bit2008 R2 Server on the system there is a suspicious attack behavior and capture to the associated samples. Baidu security attack and Defense laboratories to the outside world release of the poc for the research, the vulnerabili...

A simple little program vulnerability analysis and exploit-vulnerability warning-the black bar safety net

Body Description: readfile. exe is the vulnerability of the program, it reads the c:\overflow. txt file, and the contents of the file in the dialog form pop up. Analysis process: First step: In overflow. txt text input 1 2 3 4 Using readfile. exe opened, program executed properly. In the text inp...

The relevant departments repair. Instagram can be accessed vulnerability-vulnerability warning-the black bar safety net

Today the Facebook-owned photo-sharing service Instagram be blocked in social networking sites such as Sina Weibo, Instagram search is also shielded. As early as this year 7 month, Instagram application from the main domestic third-party Android stores disappear. It is not possible to determine...

BASH vulnerability of the early mining-vulnerability warning-the black bar safety net

Most recently, the BASH broke to a remote code execution vulnerabilityCVE-2 0 1 4-6 2 7 1 to. BASH in addition to can be shell variables exported as environment variables, you can also shell functions are exported as environment variables! The current version of the bash through to the function...

Sogou browser 5. 0. 9. 13085HTTP204 fake website vulnerability-vulnerability warning-the black bar safety net

Brief description: Sogou browser 5. 0. 9. 13085HTTP204 fake website vulnerability Detailed description: ! Vulnerability proof: a the function d var k = window. open"java script:document. write4", "xx"; 1 2 next...

A vulnerability can lead to getting letv network-vulnerability warning-the black bar safety net

Improperly configured directly execute the command, you can endanger the entire network system, due to the vulnerability of IP is not a binding domain, that is not. letv.com and all the test say is with the domain name, without a domain name is not received, so sobug does not recognize this...

Response work is not in place the Heartbleed vulnerability still exist-vulnerability warning-the black bar safety net

In the high-profile Heartbleed vulnerability is exposure of more than a month after the investigation found that this serious OpenSSL vulnerability still exists in the hundreds of thousands of servers and some SSL port, this is mainly because the entire industry response to the work is not in...

Days thaw letter is not timely help users install the latest security patches-bug warning-the black bar safety net

Currently found in Hua shield firewall basically didn't patch a lot of days thaw letter of vpn and firewall-no patch. Through the abroad for an engine to view-day financial device 1. 2w Station, no desire to write tools to batch validate. The following content is excerpted from days financial...

PHPYUN cloud talent system background CSRF Getshell-a vulnerability warning-the black bar safety net

phpyun background no authentication token, by the CSRF directly getshell First, from the background getshell start. The web site's configuration file,/plus/config.php using double quotes to do the key value, which leads to security issues. We can put php code to write into the double quotes insid...

Open source BUG tracking platform JIRA directory traversal vulnerability analysis-vulnerability warning-the black bar safety net

Recently, a new announcement report a Jira 5.0. 1 1 and 6. 0. 3 versions of the directory traversal vulnerability in the last 7 months to be verified, and in the next few months to repair. Attack method is very simple, but the potential impact is very large, the vulnerability could allow an...

Adobe warning Flash high-risk vulnerabilities: Mac and PC fast upgrade-vulnerability warning-the black bar safety net

Adobe on Tuesday for the Flash plug-in released a security update that solves allow an attacker to remotely control a user's computer vulnerabilities. According to Adobe, as long as the running version for 1 2. 0. 0. 4 3 or earlier versions of Flash Mac and a Windows machine can be vulnerable to...

dede getshell exp + temporary patch-vulnerability warning-the black bar safety net

dede good fire old cassock also to scrape together a lively. In fact getshell many methods do not always tangled how to insert mytag table such as near myad table is a good place to update a word did not say more not much to say directly to the getshell exp. getshell exp To change the password wh...

IIS4\IIS5 CGI environment block forged 0day vulnerabilities-vulnerability warning-the black bar safety net

About 1 4 years ago find until now the 0day Is IIS4\IIS5 vulnerabilities, corresponding to theoperating systemis a winnt and win2000 system that Microsoft no longer supports the software, their strategies want to knock out these systems, 1 to 1 of the report, after Microsoft decided to no longer...

2 0 1 4 years 1 months 2 9, Kloxo vulnerability: the Default directory to upload and external DDOS attack-vulnerability warning-the black bar safety net

This is an urgent situation, KLOXO proof important security issues, malicious visitors by KLOXO panel Default directory for incoming malicious PHP code部分 如 default.php, the actual control of the machine toDDoSattackreferred to as the contract, resulting in the VPS or server, network congestion, t...

By wave CMS General-purpose SQL injection 8+9（select models）-bug warning-the black bar safety net

Brief description: It seems by the waves begin to completely closed-source. Already ready to block everyone decompile, temporarily also don't know is with what method, after the if research out of words to say it. So official don't pull what XXX the source package, not open source is not a shame...

struts2 latest s2-0 1 6 code execution vulnerability-vulnerability warning-the black bar safety net

Affected version: Struts 2.0.0 – Struts 2.3.15 Vulnerability description: The Struts 2 DefaultActionMapper supports a method for short-circuit navigation state changes by prefixing parameters with “action:” or “redirect:”, followed by a desired navigational target Expression. This mechanism was...

phpscup enterprise built Station system v1. 8. 2-stored xss vulnerability-vulnerability warning-the black bar safety net

Long time useless computer, recently busy Ah, just from the factory-do come back..... Just before this point of time on the Internet, ^^ looking for a source see directly the analogy recommended and download!!! phpscup enterprise built Station system v1. 8. 2 Analysis ing...... The online search...

tipask quiz system 2. 0 ajaxsearch secondary code injection vulnerability and fix-vulnerability warning-the black bar safety net

Tipask quiz system is an open source PHP imitation Baidu know the program. To the Chinese use habit of the design concept, the use of the MVC framework, the system has a fast speed, SEO-friendly, the interface operation is clean and clear and other characteristics. But Tipask in the presence of t...