【雲智維資安預警通知】
漏洞分享 - Google Chrome 存在多個漏洞
Google Chrome 存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況、篡改及遠端執行任意程式碼。受影響之系統/漏洞描述:Google Chrome 128.0.6613.119 (Linux) 之前的版本Google Chrome 128.0.6613.119/.120 (Mac) 之前的版本Google Chrome 128.0.6613.119/.120 (Windows) 之前的版本
漏洞分享 - 三星產品存在多個漏洞
三星產品存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況及洩露敏感資料。受影響之系統/漏洞描述:Exynos 980, Exynos 850, Exynos 1080, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 1480, Exynos W920, Exynos W930
漏洞分享 - Ubuntu Linux 內核存在多個漏洞
Ubuntu Linux核心存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況。受影響之系統/漏洞描述:Ubuntu 18.04 ESM
漏洞分享 - RedHat Linux核心存在多個漏洞
RedHat Linux核心存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發阻斷服務狀況、遠端執行任意程式碼、洩露敏感資料、繞過身份驗證及仿冒。受影響之系統/漏洞描述:Red Hat CodeReady Linux Builder for ARM 64 - Extended Update Support 9.2 aarch64Red Hat CodeReady Linux Builder for IBM z Systems - Extended Update Support 9.2 s390xRed Hat CodeReady Linux Builder for Power, little endian - Extended Update Support 9.2 ppc64leRed Hat CodeReady Linux Builder for x86_64 - Extended Update Support 9.2 x86_64Red Hat Enterprise Linux for ARM 64 - 4 years of updates 9.2 aarch64Red Hat Enterprise Linux for ARM 64 - Extended Update Support 9.2 aarch64Red Hat Enterprise Linux for IBM z Systems - 4 years of updates 9.2 s390xRed Hat Enterprise Linux for IBM z Systems - Extended Update Support 9.2 s390xRed Hat Enterprise Linux for Power, little endian - Extended Update Support 9.2 ppc64leRed Hat Enterprise Linux for Real Time for NFV for x86_64 - 4 years of updates 9.2 x86_64Red Hat Enterprise Linux for Real Time for x86_64 - 4 years of updates 9.2 x86_64Red Hat Enterprise Linux for x86_64 - Extended Update Support 9.2 x86_64Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.4 x86_64Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 9.2 x86_64Red Hat Enterprise Linux Server - AUS 8.4 x86_64Red Hat Enterprise Linux Server - AUS 9.2 x86_64Red Hat Enterprise Linux Server - TUS 8.4 x86_64Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.4 ppc64leRed Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 9.2 ppc64le
漏洞分享 - SUSE Linux 內核存在多個漏洞
SUSE Linux 內核存在多個漏洞,允許遠端攻擊者利用這些漏洞,於目標系統觸發繞過身份驗證。受影響之系統/漏洞描述:Basesystem Module 15-SP5openSUSE Leap 15.5openSUSE Leap Micro 5.5SUSE Linux Enterprise Desktop 15 SP5SUSE Linux Enterprise High Performance Computing 15 SP5SUSE Linux Enterprise Micro 5.5SUSE Linux Enterprise Real Time 15 SP5SUSE Linux Enterprise Server 15 SP5SUSE Linux Enterprise Server for SAP Applications 15 SP5
漏洞分享 - 兆勤揭露無線基地台和資安路由器設備存在命令注入漏洞
於9月3日兆勤科技(Zyxel Networks)發布資安公告,其說明旗下部分部分Wi-Fi路由器設備存在重大層級漏洞(CVE-2024-7261),導致原因是在於路由器CGI程式,host參數的特殊元素出現處理不當(improper neutralization),故讓攻擊者有機會藉由發送特定cookie並在未經授權下執行作業系統命令。https://www.kjintelligent.com/hot_498345.html[資安漏洞通知] Google Chrome、三星、Ubuntu Linux、RedHat Linux、SUSE Linux、兆勤2024-09-162025-09-16