CVE-2020-14882: Oracle WebLogic Remote Code Execution Vulnerability Exploited in the Wild
October 29, 2020A remote code execution vulnerability in Oracle WebLogic Server has been actively exploited in the wild just one week after a patch was released and one day after a proof of concept was published.Upda...
Multiple Vulnerabilities in CodeMeter Leave Managed Industrial Control Systems Open to Attack
September 29, 2020Six vulnerabilities in a popular license management product put industrial control systems at risk for remote attacks. Background On September 8, researchers at Claroty published their detailed anal...
CVE-2020-1938: Ghostcat - Apache Tomcat AJP File Read/Inclusion Vulnerability (CNVD-2020-10487)
February 21, 2020Several proof-of-concept exploit scripts for recently patched flaw in Apache Tomcat are now available.BackgroundOn February 20, China National Vulnerability Database (CNVD) published a security adviso...