Emergency Response

Overview Recently, NSFOCUS CERT detected that GitLab issued a security announcement and fixed the identity bypass vulnerability (CVE-2024-6385) in GitLab Community Edition (CE) and Enterprise Edition (EE). Due to the incomplete fixing of CVE-2024-5655, if the target branch has been deleted, when the target Gitlab repository merges the Merge Request controllable by attackers, The Pipeline […]

Overview On July 10, NSFOCUS CERT detected that Microsoft released a security update patch for July, which fixed 139 security issues involving Windows, Microsoft SQL Server, Microsoft Office, Azure and other widely used products, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update this month, […]

Overview Recently, NSFOCUS CERT detected that GeoServer and GeoTools issued security announcements and fixed the XPath expression injection vulnerability in GeoServer and GeoTools (CVE-2024-36404). As the GeoTools library API called by GeoServer will pass the attribute name of element type to commons-jxpath library in an insecure manner, this library can execute arbitrary code when parsing […]

Overview Recently, NSFOCUS CERT detected that OpenSSH issued a security announcement and fixed the remote code execution vulnerability of OpenSSH (CVE-2024-6387). Due to a signal handler race condition issue in OpenSSH Server (sshd) under the default configuration, if the client does not authenticate within seconds of LoginGraceTime (120 seconds by default and 600 seconds in […]

Overview Recently, NSFOCUS CERT detected that VMware released a security announcement to fix the heap overflow vulnerability (CVE-2024-37079/CVE-2024-37080) and privilege escalation vulnerability (CVE-2024-37081) in VMware vCenter Server. At present, the official version has been fixed. Please take measures for protection. CVE-2024-37079/CVE-2024-37080: Because the vCenter Server has a heap overflow vulnerability when executing the DCERPC protocol, […]

Overview Recently, NSFOCUS CERT detected that Microsoft released a security update patch for June, which fixed 49 security issues involving widely used products such as Windows, Azure, Microsoft Office and Microsoft Visual Studio, including high-risk vulnerabilities such as privilege escalation and remote code execution. Among the vulnerabilities fixed in Microsoft’s monthly update this month, there […]

Overview NSFOCUS CERT has monitored the disclosure of a PHP CGI Windows platform remote code execution vulnerability (CVE-2024-4577) on the internet recently. Due to PHP’s oversight of the Best-Fit character mapping feature of the Windows system during its design, running PHP in CGI mode on the Windows platform and using the following language settings (Simplified […]

Overview Recently, NSFOCUS CERT detected that the details and verification tools of a Linux kernel privilege escalation vulnerability (CVE-2024-1086) are disclosed on the internet. Because the netfilter: nf _ tables component of the Linux kernel has a post-release reuse vulnerability, the nft _ verdict _ init () function allows positive values to be used as […]

Overview Recently, NSFOCUS CERT detected that Atlassian issued a security announcement and fixed the remote code execution vulnerability in Confluence Data Center and Server (CVE-2024-21683), with a CVSS score of 8.3. Authenticated attackers can realize remote code execution by constructing malicious requests, which will have a great impact on the confidentiality, integrity and availability of […]

Overview Recently, NSFOCUS CERT detected that Oracle has released a security announcement and fixed two information disclosure vulnerabilities (CVE-2024-21006/CVE-2024-21007) in Oracle WebLogic Server. Due to the defects of T3/IIOP protocol, unauthenticated attackers can send malicious requests through servers affected by T3/IIOP protocol. Access to sensitive information on the target system. Affected users should take measures […]