Aggregator

进入设备运行态，获取运行态文件系统数据是目前对网络设备安全性、内部机制研究的第一步。

A vulnerability, which was classified as critical, has been found in ActionPoll 1.1.0/1.1.1. This issue affects some unknown processing of the file actionpoll.php. The manipulation of the argument CONFIG_DB leads to file inclusion. The identification of this vulnerability is CVE-2007-2064. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability classified as critical has been found in Microsoft Windows Vista SP2 up to Server 2012 R2. Affected is an unknown function of the component SMB Server. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2016-3225. It is possible to launch the attack remotely. Furthermore, there is an exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability was found in Genexis Platinum 4410 V2-1.28. It has been rated as problematic. This issue affects some unknown processing of the component WiFi Access Point. The manipulation leads to cross-site request forgery. The identification of this vulnerability is CVE-2020-25015. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, has been found in RAD SecFlow-1v up to 2020-05-21. This issue affects some unknown processing of the component Web-based Management Interface. The manipulation as part of Javascript File leads to basic cross site scripting (Stored). The identification of this vulnerability is CVE-2020-13260. The attack may be initiated remotely. Furthermore, there is an exploit available.

A vulnerability, which was classified as problematic, was found in D-Link DIR-816L and DIR-803. This affects an unknown part of the file webinc/js/info.php of the component URL Encoding. The manipulation as part of Referer Header leads to cross site scripting. This vulnerability is uniquely identified as CVE-2020-25786. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to replace the affected component with an alternative.

A vulnerability was found in Google Chrome. It has been classified as critical. This affects an unknown part of the component Storage. The manipulation as part of HTML Page leads to out-of-bounds write. This vulnerability is uniquely identified as CVE-2020-15960. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome. It has been declared as critical. This vulnerability affects unknown code of the component Extension Policy Validator. The manipulation leads to sandbox issue. This vulnerability was named CVE-2020-15961. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Google Chrome. It has been rated as critical. This issue affects some unknown processing of the component Serial Policy Validator. The manipulation as part of HTML Page leads to memory corruption. The identification of this vulnerability is CVE-2020-15962. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Google Chrome. Affected is an unknown function of the component Policy Enforcement. The manipulation leads to sandbox issue. This vulnerability is traded as CVE-2020-15963. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Google Chrome. Affected by this vulnerability is an unknown functionality of the component Media Handler. The manipulation as part of HTML Page leads to out-of-bounds write. This vulnerability is known as CVE-2020-15964. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Google Chrome. Affected by this issue is some unknown functionality of the component v8. The manipulation as part of HTML Page leads to type confusion. This vulnerability is handled as CVE-2020-15965. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, was found in Google Chrome. This affects an unknown part of the component Policy Enforcement. The manipulation leads to information disclosure. This vulnerability is uniquely identified as CVE-2020-15966. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Google Chrome. This issue affects some unknown processing of the component SCTP. The manipulation as part of HTML Page leads to use after free. The identification of this vulnerability is CVE-2020-6532. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Google Chrome. Affected is an unknown function of the component v8. The manipulation as part of HTML Page leads to type confusion. This vulnerability is traded as CVE-2020-6537. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Google Chrome on Android and classified as problematic. Affected by this vulnerability is an unknown functionality of the component WebView. The manipulation as part of HTML Page leads to origin validation error. This vulnerability is known as CVE-2020-6538. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

01.NET内网安全攻防报刊小报童电子报刊【.NET内网安全攻防】也正式上线了，引入小报童也是为了弥补知识星球

A vulnerability was found in Google Chrome and classified as critical. Affected by this issue is some unknown functionality of the component CSS Handler. The manipulation as part of HTML Page leads to use after free. This vulnerability is handled as CVE-2020-6539. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.