Qhov zoo tshaj plaws server kab. Muab khoom plig rau kev txheeb xyuas thiab siv cov txheej txheem nyuaj tshaj plaws thiab nthuav kab kab hauv kev pabcuam network. Cov yeej yog cov kws tshawb fawb qhia tawm Qhov tsis zoo hauv VPN tus muab kev pabcuam Pulse Secure, nws qhov kev pabcuam VPN yog siv los ntawm Twitter, Uber, Microsoft, sla, SpaceX, Akamai, Intel, IBM, VMware, US Navy, US Department of Homeland Security (DHS) thiab tej zaum ib nrab ntawm cov Cov tuam txhab los ntawm Fortune 500 Cov Kws Tshawb Fawb tau pom qhov chaw rov qab uas tso cai rau tus neeg tawm tsam tsis raug cai hloov tus password ntawm txhua tus neeg siv. Qhov ua tau ntawm kev siv qhov teeb meem kom tau txais cov hauv paus nkag mus rau VPN server uas tsuas yog qhov chaw nres nkoj HTTPS qhib tau pom;
Ntawm cov neeg sib tw uas tsis tau txais qhov khoom plig, cov hauv qab no tuaj yeem sau tseg:
Ua haujlwm nyob rau theem ua ntej kev lees paub yooj yim nyob rau hauv Jenkins nruam kev koom ua ke system, uas tso cai rau koj mus ua txhaum cai ntawm lub server. Qhov tsis zoo yog nquag siv los ntawm bots los npaj cryptocurrency mining ntawm servers;
Tseem ceeb yooj yim nyob rau hauv Exim mail neeg rau zaub mov, uas tso cai rau koj mus tua code ntawm lub server nrog cov cai hauv paus;
Vulnerabilities hauv Xiongmai XMeye P2P IP koob yees duab, tso cai rau koj los tswj cov cuab yeej. Cov koob yees duab tau muab nrog tus password engineering thiab tsis siv cov ntawv pov thawj kos npe digital thaum hloov kho lub firmware;
Kom txhob raug nyob rau hauv WordPress, txuam nrog loading PHP code nyob rau hauv lub guise ntawm ib tug duab. Qhov teeb meem tso cai rau koj los ua qhov kev txiav txim siab ntawm tus neeg rau zaub mov, muaj cov cai ntawm tus sau cov ntawv tshaj tawm (Sau) ntawm lub xaib;
Qhov zoo tshaj plaws Client Software Bug. Tus yeej yog qhov yooj yim-rau-siv yooj yim hauv Apple FaceTime pab pawg hu xov tooj, tso cai rau tus thawj coj ntawm pab pawg hu kom yuam kev hu kom raug lees txais los ntawm tog neeg hu (piv txwv li, mloog thiab snooping).
Kuj nominated rau nqi zog yog:
Kom txhob raug hauv WhatsApp, uas tso cai rau koj ua tiav koj cov cai los ntawm kev xa ib lub suab hu tshwj xeeb;
Kom txhob raug nyob rau hauv lub tsev qiv ntawv Skia graphics siv nyob rau hauv Chrome browser, uas tuaj yeem ua rau lub cim xeeb kev noj nyiaj txiag vim yog qhov yuam kev hauv qee qhov kev hloov pauv geometric;
Kom txhob raug hauv Windows, tso cai rau koj kom tau txais kev tswj hwm tag nrho ntawm lub kaw lus los ntawm kev tswj hwm nrog CreateWindowEx (win32k.sys) muaj nuj nqi. Qhov teeb meem raug txheeb xyuas thaum lub sij hawm tsom xam ntawm malware uas siv qhov tsis zoo ua ntej nws raug kho;
Kom txhob raug hauv runc thiab LXC, cuam tshuam rau Docker thiab lwm lub thawv cais tawm, tso cai rau lub thawv cais tswj los ntawm tus neeg tawm tsam los hloov cov ntaub ntawv runc executable thiab tau txais cov cai hauv paus ntawm tus tswv tsev sab;
Kom txhob raug hauv iOS no (CFPrefsDaemon), uas tso cai rau koj hla kev cais hom thiab ua tiav cov cai nrog cov cai hauv paus;
Kom txhob raug nyob rau hauv ib tsab ntawm Linux TCP pawg siv hauv Android, tso cai rau cov neeg siv hauv zos los txhawb lawv cov cai ntawm lub cuab yeej;
Vulnerabilities hauv systemd-journald, uas tso cai rau koj kom tau txais cov cai hauv paus;
Zoom ncua kev kho qhov teeb meem tseem ceeb yooj yim nyob rau hauv nws txoj kev sib tham thiab kho qhov teeb meem tsuas yog tom qab tshaj tawm rau pej xeem. Qhov tsis txaus ntseeg tau tso cai rau tus neeg tawm tsam sab nraud kom tau txais cov ntaub ntawv los ntawm lub vev xaib lub koob yees duab ntawm macOS cov neeg siv thaum qhib nplooj ntawv tsim tshwj xeeb hauv qhov browser (Zoom launched http server ntawm tus neeg siv sab uas tau txais cov lus txib los ntawm daim ntawv thov hauv zos).
Kev kho tsis raug rau ntau tshaj 10 xyoo teeb meem nrog OpenPGP cryptographic key servers, hais txog qhov tseeb tias cov cai sau ua lus OCaml tshwj xeeb thiab tseem tsis muaj tus tswj xyuas.