FAQs - Security Notification| Alibaba Cloud

Document Center

Cloud Firewall

Security Notification
Release notes
Product Introduction
Pricing
Quick Start
Overview
Firewall Settings
- Enable or disable Internet Firewall
- VPC Firewall
Traffic Analysis
Access control
Intrusion prevention
- Vulnerability prevention
- Intrusion prevention
Logs
- Log audit
- Log analysis
Toolbox
Business Visualization
- Create application groups and business groups
- Visualize application groups
Best Practices
FAQ
API Reference
General Reference

All Products

Search

Document Center
Cloud Firewall
Security Notification

This Product

This Product
All Products

Cloud Firewall

[Virtual patch] Unauthorized access vulnerabilities in Oracle WebLogic servers (CVE-2020-14882 and CVE- 2020-14883)
[Virtual patch] Authentication bypass vulnerability in Apache Shiro versions earlier than 1.6.0 (CVE-2020-13933)
[Virtual patch] Windows DNS server remote code execution vulnerability (CVE-2020-1350)
[Virtual patch] Apache Dubbo remote code execution vulnerability (CVE-2020-1948)
[Virtual patch] Remote code execution vulnerability (CVE-2020-0796) in Windows SMBv3
[Basic rule] Oracle Coherence remote code execution vulnerability (CVE-2020-2555)
[Virtual patch] Apache Tomcat AJP file read and inclusion vulnerability
[Threat intelligence] Apache Dubbo deserialization vulnerability (CVE-2019-17564)
[Virtual patch] Remote command execution vulnerability (CVE-2020-7799) in FusionAuth
[Basic rule] Remote code execution vulnerability in e-cology
[Virtual patch] Remote command execution vulnerability in Nexus Repository Manager 2.x (CVE-2019-5475)
[Threat intelligence] Remote code execution vulnerability (CVE-2019-0708) in Windows RDP
[Virtual Patches] Remote code execution vulnerability in Redis 4.0 and Redis 5.x
[Virtual Patches] Remote command execution vulnerability in Seeyon OA system
[Virtual Patches] Remote code execution vulnerability (CVE-2019-0708) in Windows RDP
[Virtual patch] WebLogic wls9-async deserialization remote command execution
[Threat notice] Unauthorized access to MongoDB
Confluence remote file reading vulnerability (CVE-2019-3396)
[Threat Intelligence] Attacks on Jenkins
[Virtual Patches] Remote code execution vulnerability in Nexus Repository Manager 3 (CVE-2019-7238)
[Basic Policies] Remote code execution vulnerability in Jenkins (CVE-2019-1003000)
[Virtual patch] User privilege escalation vulnerability in Kubernetes (CVE-2018-1002105)
[Basic rule] Remote code execution vulnerabilities in multiple versions of ThinkPHP 5.1 series and 5.2 series
[Basic rule] Remote code execution vulnerabilities in ThinkPHP versions earlier than 5.0.24
[Basic rule] Malicious file writing vulnerability of PostgreSQL
[Threat intelligence] Multiple botnets exploit the ThinkPHP v5 vulnerability
[Virtual patch] ThinkPHP 5.x remote command execution (getshell)
[Basic rule] Update of Bash reverse shell detection rules
[Basic rule] Update of mining pool communication detection rules
[Basic rule] PHPCMS 2008 code injection vulnerability (CVE-2018-19127)
[Virtual patch] WebLogic T3 deserialization vulnerability
[Threat intelligence] Redis unauthorized access vulnerability
[Basic rule] Remote command execution through Microsoft SQL Server xp_cmdshell
[Virtual patch] Nginx security issues cause servers' vulnerability to DoS attacks
[Threat intelligence] QBotVariant attack
[Threat intelligence] DDG mining botnet attack
[Basic rule] Malicious MySQL UDF execution
[Virtual patch] Arbitrary file upload vulnerability of WebLogic (CVE-2018-2894)
[Threat intelligence] REST API unauthorized access vulnerability of Hadoop YARN

Free Trial Free Trial