13 July 2021
09:25
🛡 Cybersecurity & Privacy news 🛡
‼ CVE-2021-31893 ‼

A vulnerability has been identified in SIMATIC PCS 7 V8.2 and earlier (All versions), SIMATIC PCS 7 V9.0 (All versions < V9.0 SP3), SIMATIC PDM (All versions < V9.2), SIMATIC STEP 7 V5.X (All versions < V5.6 SP2 HF3), SINAMICS STARTER (containing STEP 7 OEM version) (All versions < V5.4 HF2). The affected software contains a buffer overflow vulnerability while handling certain files that could allow a local attacker to trigger a denial-of-service condition or potentially lead to remote code execution.

via "National Vulnerability Database".
09:25
‼ CVE-2021-34321 ‼

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The VisDraw.dll library in affected applications lacks proper validation of user-supplied data when parsing J2K files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13414)

via "National Vulnerability Database".
09:25
‼ CVE-2021-34306 ‼

A vulnerability has been identified in JT2Go (All versions < V13.2), Teamcenter Visualization (All versions < V13.2). The BMP_Loader.dll library in affected applications lacks proper validation of user-supplied data when parsing BMP files. This could result in a memory corruption condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13342)

via "National Vulnerability Database".
09:52
🕴 Tool Sprawl & False Positives Hold Security Teams Back 🕴

Security teams spend as much time addressing false positive alerts as they do addressing actual cyberattacks, survey data shows.

via "Dark Reading".
10:07
❌ SolarWinds Issues Hotfix for Zero-Day Flaw Under Active Attack ❌

Microsoft alerted the company to a security vulnerability in its Serv-U Managed File Transfer and Secure FTP products that a cyberattacker is using to target a “limited” amount of customers.

via "Threat Post".
11:01
🦿 When it comes to incident response, is your cyberinsurance carrier on your side? 🦿

Just as security leaders and pros are firming up their policies and strategies to secure hybrid work for the foreseeable future, they get hit with an all-out assault of ransomware attacks.

via "Tech Republic".
11:19
‼ CVE-2021-36376 ‼

dandavison delta before 0.8.3 on Windows resolves an executable's pathname as a relative path from the current directory.

via "National Vulnerability Database".
11:19
‼ CVE-2021-22440 ‼

There is a path traversal vulnerability in some Huawei products. The vulnerability is due to the software using external input to construct a pathname that is intended to identify a file or directory located underneath a restricted parent directory, without properly validating the pathname. Successful exploit could allow the attacker to access a location that is outside of the restricted directory by a crafted filename. Affected product versions include: HUAWEI Mate 20 9.0.0.195(C01E195R2P1), 9.1.0.139(C00E133R3P1); HUAWEI Mate 20 Pro 9.0.0.187(C432E10R1P16), 9.0.0.188(C185E10R2P1), 9.0.0.245(C10E10R2P1), 9.0.0.266(C432E10R1P16), 9.0.0.267(C636E10R2P1), 9.0.0.268(C635E12R1P16), 9.0.0.278(C185E10R2P1); Hima-L29C 9.0.0.105(C10E9R1P16), 9.0.0.105(C185E9R1P16), 9.0.0.105(C636E9R1P16); Laya-AL00EP 9.1.0.139(C786E133R3P1); OxfordS-AN00A 10.1.0.223(C00E210R5P1); Tony-AL00B 9.1.0.257(C00E222R2P1).

via "National Vulnerability Database".
11:22
🕴 The Trouble With Automated Cybersecurity Defenses 🕴

While there's enormous promise in AI-powered tools and machine learning, they are very much a double-edged sword.

via "Dark Reading".
11:38
❌ New CISA Director Confirmed, White House Gains Cyber-Director ❌

Jen Easterly, former NSA official and Morgan Stanley vet, will take up the lead at CISA as the ransomware scourge rages on.

via "Threat Post".
12:08
❌ Is Remote Desktop Protocol Secure? It Can Be ❌

Matt Dunn, associate managing director in Kroll's Cyber Risk practice, discusses options for securing RDP, which differ significantly in terms of effectiveness.

via "Threat Post".
12:22
🕴 Can Government Effectively Help Businesses Fight Cybercrime? 🕴

From the Biden administration's pledge to take action to INTERPOL's focus on ransomware as a global threat, governments are looking to help businesses cope with cyberattacks. But can it really work?

via "Dark Reading".
12:50
🛠 Global Socket 1.4.33 🛠

Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.

via "Packet Storm Security".
12:53
⚠ Don’t get tricked by this crashtastic iPhone Wi-Fi hack! ⚠

Learn how the trick works so that you can avoid it in case someone thinks it's a joke to catch you out.

via "Naked Security".
12:53
🕴 Enterprises Altering Their Supply Chain Defenses on Heels of Latest Breaches 🕴

More than half of enterprises surveyed for Dark Reading's State of Malware Threats report indicate they are making at least a few changes to their supply chain security defenses following recent attacks on software vendors such as SolarWinds.

via "Dark Reading".
13:19
‼ CVE-2021-36123 ‼

An issue was discovered in Echo ShareCare 8.15.5. The TextReader feature in General/TextReader/TextReader.cfm is susceptible to a local file inclusion vulnerability when processing remote input in the textFile parameter from an authenticated user, leading to the ability to read arbitrary files on the server filesystems as well as any files accessible via Universal Naming Convention (UNC) paths.

via "National Vulnerability Database".
13:19
‼ CVE-2020-22875 ‼

Integer overflow vulnerability in function Jsi_ObjSetLength in jsish before 3.0.6 allows remote attackers to execute arbitrary code.

via "National Vulnerability Database".
14:08
❌ ‘Charming Kitten’ APT Siphons Intel From Mid-East Scholars ❌

Professors, journalists and think-tank personnel, beware strangers bearing webinars: It’s the focus of a particularly sophisticated, and chatty, phishing campaign.

via "Threat Post".
14:22
🕴 Why We Need to Raise the Red Flag Against FragAttacks 🕴

Proliferation of wireless devices increases the risk that corporate networks will be attacked with this newly discovered breed of Wi-Fi-based cyber assault.

via "Dark Reading".
15:01
🦿 Bad actor offers up for sale data from 600 million LinkedIn members scraped from the site 🦿

Cyber News reports that this is the third time in four months that member information has shown up on a hacker forum.

via "Tech Republic".
15:19
‼ CVE-2021-20362 ‼

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195033.

via "National Vulnerability Database".
15:19
‼ CVE-2021-20366 ‼

IBM Cloud Pak for Applications 4.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 195037.

via "National Vulnerability Database".
15:52
🕴 DoD-Validated Data Security Startup Emerges From Stealth 🕴

The Code-X platform has been tested by the US Department of Defense and members of the intelligence community.

via "Dark Reading".
16:08
❌ Adobe Patches 11 Critical Bugs in Popular Acrobat PDF Reader ❌

Adobe July patch roundup includes fixes for its ubiquitous and free PDF reader Acrobat 2020 and other software such as Illustrator and Bridge.

via "Threat Post".
17:08
❌ Unpatched Critical RCE Bug Allows Industrial, Utility Takeovers ❌

The 'ModiPwn' bug lays open production lines, sensors, conveyor belts, elevators, HVACs and more that use Schneider Electric PLCs.

via "Threat Post".
17:19
‼ CVE-2021-31217 ‼

In SolarWinds DameWare Mini Remote Control Server 12.0.1.200, insecure file permissions allow file deletion as SYSTEM.

via "National Vulnerability Database".
17:19
‼ CVE-2021-36214 ‼

LINE client for iOS before 10.16.3 allows cross-site scripting via a specific header in WebView.

via "National Vulnerability Database".
17:38
❌ Guess Fashion Brand Deals With Data Loss After Ransomware Attack ❌

An attack on Guess compromised the personal and banking data of 1,300 victims.

via "Threat Post".
18:08
❌ Ransomware Giant REvil’s Sites Disappear ❌

Just days after President Biden demanded that Russian President Putin shut down ransomware groups, the servers of one of the biggest groups mysteriously went dark.

via "Threat Post".
18:38
❌ Microsoft Crushes 116 Bugs, Three Actively Exploited ❌

Microsoft tackles 12 critical bugs, part of its July 2021 Patch Tuesday roundup, capping a ‘PrintNightmare’ month of headaches for system admins.

via "Threat Post".
18:52
🕴 Microsoft Patches 3 Windows Zero-Days Amid 117 CVEs 🕴

The July Patch Tuesday release also includes the out-of-band fix for the Windows Print Spooler remote code execution flaw under attack.

via "Dark Reading".
19:19
‼ CVE-2021-32755 ‼

Wire is a collaboration platform. wire-ios-transport handles authentication of requests, network failures, and retries for the iOS implementation of Wire. In the 3.82 version of the iOS application, a new web socket implementation was introduced for users running iOS 13 or higher. This new websocket implementation is not configured to enforce certificate pinning when available. Certificate pinning for the new websocket is enforced in version 3.84 or above.

via "National Vulnerability Database".
19:22
🕴 New Phishing Campaign Targets Individuals of Interest to Iran 🕴

TA453 group spoofed two scholars at University of London to try and gain access to email inboxes belonging to journalists, think tank personnel, academics, and others, security vendor says.

via "Dark Reading".
21:19
‼ CVE-2020-19721 ‼

A heap buffer overflow vulnerability in Ap4TrunAtom.cpp of Bento 1.5.1-628 may lead to an out-of-bounds write while running mp42aac, leading to system crashes and a denial of service (DOS).

via "National Vulnerability Database".
21:19
‼ CVE-2020-19715 ‼

An integer overflow vulnerability in the getUShort function of Exiv2 0.27.1 results in segmentation faults within the application, leading to a denial of service (DOS).

via "National Vulnerability Database".
14 July 2021
02:19
‼ CVE-2021-20781 ‼

Cross-site request forgery (CSRF) vulnerability in WordPress Meta Data Filter & Taxonomies Filter versions prior to v.1.2.8 and versions prior to v.2.2.8 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

via "National Vulnerability Database".
02:19
‼ CVE-2021-20782 ‼

Cross-site request forgery (CSRF) vulnerability in Software License Manager versions prior to 4.4.6 allows remote attackers to hijack the authentication of administrators via unspecified vectors.

via "National Vulnerability Database".
07:20
‼ CVE-2021-36373 ‼

When reading a specially crafted TAR archive an Apache Ant build can be made to allocate large amounts of memory that finally leads to an out of memory error, even for small inputs. This can be used to disrupt builds using Apache Ant. Apache Ant prior to 1.9.16 and 1.10.11 were affected.

via "National Vulnerability Database".
08:08
❌ Windows Hello Bypass Fools Biometrics Safeguards in PCs ❌

A Windows security bug would allow an attacker to fool a USB camera used in the biometric facial-recognition aspect of the system.

via "Threat Post".
09:20
‼ CVE-2021-25953 ‼

Prototype pollution vulnerability in 'putil-merge' versions 1.0.0 through 3.6.6 allows an attacker to cause a denial of service and may lead to remote code execution.

via "National Vulnerability Database".
09:38
❌ Updated Joker Malware Floods into Android Apps ❌

The Joker premium billing-fraud malware is back on Google Play in a fresh onslaught, with an updated bag of tricks to evade scanners.

via "Threat Post".
11:10
🔒 NYDFS Issues Ransomware Prevention Guidance for Financial Services Firms 🔒

The NYDFS has issued guidance for financial services companies on how to reduce the risk of ransomware attacks - like having a capable endpoint threat detection and response (EDR) solution in place.
11:20
‼ CVE-2021-33676 ‼

A missing authority check in SAP CRM, versions - 700, 701, 702, 712, 713, 714, could be leveraged by an attacker with high privileges to compromise confidentiality, integrity, or availability of the system.

via "National Vulnerability Database".
11:20
‼ CVE-2021-33683 ‼

SAP Web Dispatcher and Internet Communication Manager (ICM), versions - KRNL32NUC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL32UC 7.21, 7.21EXT, 7.22, 7.22EXT, KRNL64NUC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, KRNL64UC 7.21, 7.21EXT, 7.22, 7.22EXT, 7.49, 7.53, 7.73, WEBDISP 7.53, 7.73, 7.77, 7.81, 7.82, 7.83, KERNEL 7.21, 7.22, 7.49, 7.53, 7.73, 7.77, 7.81, 7.82, 7.83, process invalid HTTP headers. The incorrect handling of an invalid Transfer-Encoding header in a particular manner leads to the possibility of an HTTP Request Smuggling attack. An attacker could exploit this vulnerability to bypass web application firewall protection and divert sensitive data such as customer requests, session credentials, etc.

via "National Vulnerability Database".
11:28
🕴 4 Integrated Circuit Security Threats and How to Protect Against Them 🕴

Little-understood threats involving the IC supply chain are putting organizations around the world at risk.

via "Dark Reading".
11:32
🦿 These states saw the most hacks in 2020 🦿

A report uses FBI data to parse out state-by-state hacking data by the number of victims and total financial losses for every 100,000 residents.

via "Tech Republic".
12:51
🛠 UFONet 1.7 🛠

UFONet abuses OSI Layer 7-HTTP to create/manage 'zombies' and to conduct different attacks using GET/POST, multi-threading, proxies, origin spoofing methods, cache evasion techniques, etc.

via "Packet Storm Security".
13:02
🦿 Personal data compromises up 38%, according to new cybersecurity report 🦿

The report parses out data by industry. Overall, healthcare topped the list, followed by financial services and manufacturing and utilities.

via "Tech Republic".
13:22
⚠ Home delivery scams get smarter – don’t get caught out ⚠

We've said it before, and we'll say it again: don't be in too much of a hurry for those home deliveries you're expecting!

via "Naked Security".
13:25
‼ CVE-2021-33211 ‼

A Directory Traversal vulnerability in the Unzip feature in Elements-IT HTTP Commander 5.3.3 allows remote authenticated users to write files to arbitrary directories via relative paths in ZIP archives.

via "National Vulnerability Database".
13:25
‼ CVE-2021-22781 ‼

An Insufficiently Protected Credentials vulnerability exists in EcoStruxure Control Expert (all versions prior to V15.0 SP1, including all versions of Unity Pro), EcoStruxure Process Expert (all versions, including all versions of EcoStruxure Hybrid DCS), and SCADAPack RemoteConnect for x70, all versions, that could cause a leak of the SMTP credentials used for mailbox authentication when an attacker can access a project file.

via "National Vulnerability Database".
13:28
🕴 10 Mistakes Companies Make In Their Ransomware Responses 🕴

Hit by ransomware? These missteps can take a bad scenario and make it even worse.

via "Dark Reading".
13:38
❌ Trickbot Malware Rebounds with Virtual-Desktop Espionage Module ❌

The attackers have spruced up the 'vncDll' module used for spying on targets and stealing data.

via "Threat Post".
14:02
🦿 IoT projects demand new skills from IT project managers 🦿

If you think regular IT project managers can run IoT projects, you might be miscalculating. Here's why.

via "Tech Republic".
14:08
❌ Linux-Focused Cryptojacking Gang Tracked to Romania ❌

The gang is using a new brute-forcer – “Diicot brute” – to crack passwords on Linux-based machines with weak passwords.

via "Threat Post".
14:28
🕴 Did the Cybersecurity Workforce Gap Distract Us From the Leak? 🕴

Cyber games can play a critical role in re-engaging our workforce and addressing the employee retention crisis.

via "Dark Reading".
15:25
‼ CVE-2020-29147 ‼

A SQL injection vulnerability in wy_controlls/wy_side_visitor.php of Wayang-CMS v1.0 allows attackers to obtain sensitive database information.

via "National Vulnerability Database".
15:25
‼ CVE-2021-36740 ‼

Varnish Cache, with HTTP/2 enabled, allows request smuggling and VCL authorization bypass via a large Content-Length header for a POST request. This affects Varnish Enterprise 6.0.x before 6.0.8r3, and Varnish Cache 5.x and 6.x before 6.5.2, 6.6.x before 6.6.1, and 6.0 LTS before 6.0.8.

via "National Vulnerability Database".
16:38
❌ Cryptominer Farm Rigged with 3,800 PS4s Busted in Ukraine ❌

Ukrainian cops seize PlayStation 4 consoles, graphics cards, processors and more in cryptomining sting involving alleged electricity theft.

via "Threat Post".
17:02
🦿 Kaspersky: LuminousMoth spearphishing campaign hit 1,500 targets in Asia 🦿

Security researchers think HoneyMyte is behind the advanced persistent threat that has mostly targeted government entities.

via "Tech Republic".
17:25
‼ CVE-2021-34514 ‼

Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-31979, CVE-2021-33771.

via "National Vulnerability Database".
17:25
‼ CVE-2021-33746 ‼

Windows DNS Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-33754, CVE-2021-33780, CVE-2021-34494, CVE-2021-34525.

via "National Vulnerability Database".
17:25
‼ CVE-2021-34490 ‼

Windows TCP/IP Driver Denial of Service Vulnerability. This CVE ID is unique from CVE-2021-31183, CVE-2021-33772.

via "National Vulnerability Database".
17:31
‼ CVE-2021-34473 ‼

Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31196, CVE-2021-31206.

via "National Vulnerability Database".
17:31
‼ CVE-2021-33774 ‼

Windows Event Tracing Elevation of Privilege Vulnerability.

via "National Vulnerability Database".
17:31
‼ CVE-2021-33768 ‼

Microsoft Exchange Server Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2021-34470, CVE-2021-34523.

via "National Vulnerability Database".
17:37
‼ CVE-2021-33778 ‼

HEVC Video Extensions Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-31947, CVE-2021-33775, CVE-2021-33776, CVE-2021-33777.

via "National Vulnerability Database".
17:58
🕴 Targeted Attack Activity Heightens Need for Orgs. to Patch New SolarWinds Flaw 🕴

A China-based threat actor, previously observed targeting US defense industrial base organizations and software companies, is exploiting the bug in SolarWinds' Serv-U software, Microsoft says.

via "Dark Reading".
18:28
🕴 Google to Bring HTTPS-First Mode to Chrome Browser 🕴

Beginning in M94, Chrome will offer HTTPS-First Mode, which will attempt to upgrade all page loads to HTTPS.

via "Dark Reading".
18:32
🦿 Tokyo 2020 Olympics must be extra secure to avoid cyberattacks and ransomware 🦿

Any big event is likely to attract bad actors. Keeping the games safe from attack is a huge undertaking for event planners.

via "Tech Republic".
18:58
🕴 SonicWall: 'Imminent' Ransomware Attack Targets Older Products 🕴

The attack exploits a known vulnerability that was fixed in new versions of firmware released this year.

via "Dark Reading".
19:25
‼ CVE-2020-29157 ‼

An issue in RAONWIZ K Editor v2018.0.0.10 allows attackers to perform a DLL hijacking attack when the service or system is restarted.

via "National Vulnerability Database".
19:25
‼ CVE-2021-22867 ‼

A path traversal vulnerability was identified in GitHub Enterprise Server that could be exploited when building a GitHub Pages site. User-controlled configuration options used by GitHub Pages were not sufficiently restricted and made it possible to read files on the GitHub Enterprise Server instance. To exploit this vulnerability, an attacker would need permission to create and build a GitHub Pages site on the GitHub Enterprise Server instance. This vulnerability affected all versions of GitHub Enterprise Server prior to 3.1.3 and was fixed in 3.1.3, 3.0.11, and 2.22.17. This vulnerability was reported via the GitHub Bug Bounty program.

via "National Vulnerability Database".
21:25
‼ CVE-2020-24133 ‼

A heap buffer overflow vulnerability in the r_asm_swf_disass function of Radare2-extras before commit e74a93c allows attackers to execute arbitrary code or carry out denial of service (DOS) attacks.

via "National Vulnerability Database".
15 July 2021
02:25
‼ CVE-2020-36420 ‼

** UNSUPPORTED WHEN ASSIGNED ** Polipo through 1.1.1 allows denial of service via a reachable assertion during parsing of a malformed Range header. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

via "National Vulnerability Database".
07:25
‼ CVE-2021-25318 ‼

An Incorrect Permission Assignment for Critical Resource vulnerability in Rancher allows users in the cluster to modify resources they should not have access to. This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.

via "National Vulnerability Database".
07:25
‼ CVE-2021-25320 ‼

An Improper Access Control vulnerability in Rancher allows users in the cluster to make requests to cloud providers by creating requests with the cloud-credential ID. Rancher in this case would attach the requested credentials without further checks. This issue affects: Rancher versions prior to 2.5.9; Rancher versions prior to 2.4.16.

via "National Vulnerability Database".
08:09
❌ Safari Zero-Day Used in Malicious LinkedIn Campaign ❌

Researchers shed light on how attackers exploited Apple web browser vulnerabilities to target government officials in Western Europe.

via "Threat Post".
09:26
‼ CVE-2021-33505 ‼

Falco through 0.28.1 has a Time-of-check Time-of-use (TOCTOU) Race Condition. The issue is fixed in Falco versions >= 0.29.1.

via "National Vulnerability Database".
11:03
🦿 Ransomware attackers are growing bolder and using new extortion methods 🦿

IT and OT environments are increasing targets and threat actors are using Dark Web forums to launch cybercrimes, according to Accenture's 2021 Cyber Threat Intelligence report.

via "Tech Republic".
11:23
🛠 Wireshark Analyzer 3.4.7 🛠

Wireshark is a GTK+-based network protocol analyzer that lets you capture and interactively browse the contents of network frames. The goal of the project is to create a commercial-quality analyzer for Unix and Win32 and to give Wireshark features that are missing from closed-source sniffers. This is the source code release.

via "Packet Storm Security".
11:29
🕴 What to Look for in an Effective Threat Hunter 🕴

The most important personality traits, skills, and certifications to look for when hiring a threat hunting team.

via "Dark Reading".
13:09
❌ SonicWall Warns Firewall Hardware Bugs Under Attack ❌

SonicWall issued an urgent security alert warning customers that some of its current and legacy firewall appliances were under active attack.

via "Threat Post".
13:22
🔒 An Interview with Adam Burns, Manager of Cybersecurity Analysts at Digital Guardian Part I 🔒

In part one of our Q&A with Adam Burns, we discuss his background in security, ransomware in the news, and what traits make for a successful analyst.
13:26
‼ CVE-2020-12731 ‼

The MagicMotion Flamingo 2 application for Android stores data on an sdcard under com.vt.magicmotion/files/Pictures, whence it can be read by other applications.

via "National Vulnerability Database".
13:26
‼ CVE-2020-25593 ‼

Acronis True Image through 2021 on macOS allows local privilege escalation from admin to root due to insecure folder permissions.

via "National Vulnerability Database".
13:26
‼ CVE-2021-34691 ‼

iDrive RemotePC before 4.0.1 on Linux allows denial of service. A remote and unauthenticated attacker can disconnect a valid user session by connecting to an ephemeral port.

via "National Vulnerability Database".
14:03
🦿 How to add the mic and camera killswitches in Android 12 🦿

Android 12 adds killswitches for both the mic and camera. Jack Wallen shows you how to add them and use them.

via "Tech Republic".
14:23
⚠ The Code Red worm 20 years on – what have we learned? ⚠

"It was 20 years ago today..." that we learned a few lessons that are well worth revisiting!

via "Naked Security".
14:29
🕴 How to Bridge On-Premises and Cloud Identity 🕴

Identity fabric, a cloud-native framework, removes the need for multiple, siloed, proprietary identity systems.

via "Dark Reading".
15:26
‼ CVE-2021-34429 ‼

For Eclipse Jetty versions 9.4.37-9.4.42, 10.0.1-10.0.5 & 11.0.1-11.0.5, URIs can be crafted using some encoded characters to access the content of the WEB-INF directory and/or bypass some security constraints. This is a variation of the vulnerability reported in CVE-2021-28164/GHSA-v7ff-8wcx-gmc5.

via "National Vulnerability Database".
15:26
‼ CVE-2021-21586 ‼

Wyse Management Suite versions 3.2 and earlier contain an absolute path traversal vulnerability. A remote authenticated malicious user could exploit this vulnerability in order to read arbitrary files on the system.

via "National Vulnerability Database".
15:27
‼ CVE-2021-3042 ‼

A local privilege escalation (PE) vulnerability exists in the Palo Alto Networks Cortex XDR agent on Windows platforms that enables an authenticated local Windows user to execute programs with SYSTEM privileges. Exploiting this vulnerability requires the user to have file creation privilege in the Windows root directory (such as C:\). This issue impacts: All versions of Cortex XDR agent 6.1 without content update 181 or a later version; All versions of Cortex XDR agent 7.2 without content update 181 or a later version; All versions of Cortex XDR agent 7.3 without content update 181 or a later version. Cortex XDR agent 5.0 versions are not impacted by this issue. Content updates are required to resolve this issue and are automatically applied for the agent.

via "National Vulnerability Database".
16:59
🕴 IoT-Specific Malware Infections Jumped 700% Amid Pandemic 🕴

Gafgyt and Mirai malware represented majority of IoT malware, new data from Zscaler shows.

via "Dark Reading".
17:03
🦿 Cisco Talos researchers find crypto mining detections have doubled in the last year 🦿

Security experts recommend looking for increased activity from illicit mining on corporate networks when cryptocurrency prices go up.

via "Tech Republic".
17:27
‼ CVE-2021-34830 ‼

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of D-Link DAP-1330 1.13B01 BETA routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the handling of the Cookie HTTP header. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of the device. Was ZDI-CAN-12028.

via "National Vulnerability Database".
17:27
‼ CVE-2021-20496 ‼

IBM Security Verify Access Docker 10.0.0 could allow an authenticated user to bypass input due to improper input validation. IBM X-Force ID: 197966.

via "National Vulnerability Database".
17:30
🕴 CISA Launches New Website to Aid Ransomware Defenders 🕴

StopRansomware.gov provides information to help organizations protect against, and respond to, ransomware attacks.

via "Dark Reading".
17:30
🕴 Microsoft: Israeli Firm's Tools Used to Target Activists, Dissidents 🕴

Candiru sold spyware that exploited Windows vulnerabilities and had been used in attacks against dissidents, activists, and journalists.

via "Dark Reading".
18:09
❌ Zero-Day Attacks on Critical WooCommerce Bug Threaten Databases ❌

The popular e-commerce platform for WordPress has started deploying emergency patches.

via "Threat Post".
?
18:29
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ State Dept. to Pay Up to $10M for Information on Foreign Cyberattacks πŸ•΄

The Rewards for Justice program, a counterterrorism tool, is now aimed at collecting information on nation-states that use hackers to disrupt critical infrastructure.

πŸ“– Read

via "Dark Reading".
?
19:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-32764 β€Ό

Discourse is an open-source discussion platform. In Discourse versions 2.7.5 and prior, parsing and rendering of YouTube Oneboxes can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. The issue is patched in `stable` version 2.7.6, `beta` version 2.8.0.beta3, and `tests-passed` version 2.8.0.beta3. As a workaround, ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-0293 β€Ό

A vulnerability in Juniper Networks Junos OS caused by Missing Release of Memory after Effective Lifetime leads to a memory leak each time the CLI command 'show system connections extensive' is executed. The amount of memory leaked on each execution depends on the number of TCP connections from and to the system. Repeated execution will cause more memory to leak and eventually daemons that need to allocate additional memory, and ultimately the kernel, to crash, which will result in traffic loss. Continued execution of this command will cause a sustained Denial of Service (DoS) condition. An administrator can use the following CLI command to monitor for an increase in memory consumption of the netstat process, if it exists:

user@junos> show system processes extensive | match "username|netstat"
PID   USERNAME PRI NICE  SIZE   RES   STATE C TIME  WCPU   COMMAND
21181 root     100    0  5458M  4913M CPU3  2 0:59  97.27% netstat

The following log message might be observed if this issue happens:

kernel: %KERN-3: pid 21181 (netstat), uid 0, was killed: out of swap space

This issue affects Juniper Networks Junos OS 18.2 versions prior to 18.2R2-S8, 18.2R3-S7; 18.3 versions prior to 18.3R3-S4; 18.4 versions prior to 18.4R1-S8, 18.4R2-S6, 18.4R3-S7; 19.1 versions prior to 19.1R1-S6, 19.1R2-S2, 19.1R3-S4; 19.2 versions prior to 19.2R1-S6, 19.2R3-S2; 19.3 versions prior to 19.3R2-S6, 19.3R3-S1; 19.4 versions prior to 19.4R1-S4, 19.4R2-S3, 19.4R3-S1; 20.1 versions prior to 20.1R2; 20.2 versions prior to 20.2R2-S1, 20.2R3; 20.3 versions prior to 20.3R1-S1, 20.3R2. This issue does not affect Juniper Networks Junos OS versions prior to 18.2R1.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-0287 β€Ό

In a Segment Routing ISIS (SR-ISIS)/MPLS environment, on Juniper Networks Junos OS and Junos OS Evolved devices configured with ISIS Flexible Algorithm for Segment Routing and sensor-based statistics, a flap of an ISIS link in the network can lead to a routing process daemon (RPD) crash and restart, causing a Denial of Service (DoS). Continued link flaps will create a sustained Denial of Service (DoS) condition. This issue affects: Juniper Networks Junos OS: 19.4 versions prior to 19.4R1-S4, 19.4R3-S2; 20.1 versions prior to 20.1R2-S1, 20.1R3; 20.2 versions prior to 20.2R2-S2, 20.2R3; 20.3 versions prior to 20.3R2; Juniper Networks Junos OS Evolved: 20.3-EVO versions prior to 20.3R2-EVO; 20.4-EVO versions prior to 20.4R2-EVO. This issue does not affect: Juniper Networks Junos OS releases prior to 19.4R1. Juniper Networks Junos OS Evolved releases prior to 19.4R1-EVO.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-36753 β€Ό

sharkdp BAT before 0.18.2 executes less.exe from the current working directory.

πŸ“– Read

via "National Vulnerability Database".
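The bat entry above is an untrusted-search-path bug: a helper executable resolved by bare name is picked up from whatever directory the user launched from, so a file of the same name dropped next to a document the victim opens gets run instead of the real tool (on Windows, CreateProcess with a bare name searches the current directory before PATH). The following Python is an added example, not code from bat or from the advisory: it builds a constructed scenario in a temporary directory (a trusted `bin/` holding the real pager and a `downloads/` launch directory holding a planted one; the file name `less` and both scripts are assumptions) and contrasts a naive ordered lookup with one that refuses relative search entries and the launch directory.

```python
import os
import tempfile
from pathlib import Path


def _is_executable(path: Path) -> bool:
    return path.is_file() and os.access(path, os.X_OK)


def naive_lookup(name: str, search_dirs) -> "Path | None":
    """Return the first executable called `name` found while walking
    `search_dirs` in order. If the launch directory is at the front of that
    list (which is what resolving a bare name such as 'less.exe' through
    CreateProcess amounts to on Windows), a binary planted in the directory
    the user happened to open a file from wins over the real one."""
    for directory in search_dirs:
        candidate = Path(directory) / name
        if _is_executable(candidate):
            return candidate
    return None


def hardened_lookup(name: str, search_dirs, cwd) -> "Path | None":
    """Same walk, but only absolute directories are considered and the
    launch directory is never one of them, so a planted helper in cwd is
    ignored even when cwd appears in the list (e.g. as '' or '.' in PATH)."""
    cwd = Path(cwd).resolve()
    for directory in search_dirs:
        directory = Path(directory)
        if not directory.is_absolute():      # '', '.', 'bin' all mean "relative to cwd"
            continue
        if directory.resolve() == cwd:
            continue
        candidate = directory / name
        if _is_executable(candidate):
            return candidate
    return None


def demo() -> dict:
    """Constructed scenario (assumption, not from the advisory): a trusted
    bin directory holding the real pager and a 'downloads' directory, used
    as the launch directory, into which a file with the same name was dropped."""
    with tempfile.TemporaryDirectory() as tmp:
        trusted = Path(tmp) / "bin"
        launch = Path(tmp) / "downloads"
        trusted.mkdir()
        launch.mkdir()
        for directory, body in ((trusted, "echo real"), (launch, "echo planted")):
            helper = directory / "less"
            helper.write_text("#!/bin/sh\n" + body + "\n")
            helper.chmod(0o755)
        # Launch directory first, then the trusted PATH entry: the order a
        # bare-name lookup effectively uses on Windows.
        search = [launch, trusted]
        return {
            "naive_picks": naive_lookup("less", search).parent.name,
            "hardened_picks": hardened_lookup("less", search, cwd=launch).parent.name,
            # With no trusted copy anywhere, the hardened lookup fails closed.
            "hardened_without_trusted": hardened_lookup("less", [launch], cwd=launch),
        }


if __name__ == "__main__":
    print(demo())
```

The hardened variant fails closed: when the only `less` is the planted one, it returns None rather than running it, which is the behaviour a program spawning helpers should have. The same idea applies to DLL loading, where the fix is a qualified path or the OS's safe search mode rather than a bare name.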
?
19:59
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Attackers Exploited 4 Zero-Day Flaws in Chrome, Safari & IE πŸ•΄

At least two government-backed actors -- including one Russian group -- used the now-patched flaws in separate campaigns, Google says.

πŸ“– Read

via "Dark Reading".
?
21:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-23707 β€Ό

A heap-based buffer overflow vulnerability in the function ok_jpg_decode_block_progressive() at ok_jpg.c:1054 of ok-file-formats through 2020-06-26 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file.

πŸ“– Read

via "National Vulnerability Database".
21:27
β€Ό CVE-2020-23705 β€Ό

A global buffer overflow vulnerability in jfif_encode at jfif.c:701 of ffjpeg through 2020-06-22 allows attackers to cause a Denial of Service (DOS) via a crafted jpeg file.

πŸ“– Read

via "National Vulnerability Database".
16 July 2021
?
02:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-36758 β€Ό

1Password Connect server before 1.2 is missing validation checks, permitting users to create Secrets Automation access tokens that can be used to perform privilege escalation. Malicious users authorized to create Secrets Automation access tokens can create tokens that have access beyond what the user is authorized to access, but limited to the existing authorizations of the Secret Automation the token is created in.

πŸ“– Read

via "National Vulnerability Database".
?
09:10
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Microsoft: New Unpatched Bug in Windows Print Spooler ❌

Another vulnerability separate from PrintNightmare allows for local elevation of privilege and system takeover.

πŸ“– Read

via "Threat Post".
?
09:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-21802 β€Ό

This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-21818 β€Ό

A hard-coded password vulnerability exists in the Zebra IP Routing Manager functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to a denial of service. An attacker can send a sequence of requests to trigger this vulnerability.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-21820 β€Ό

A hard-coded password vulnerability exists in the Libcli Test Environment functionality of D-LINK DIR-3040 1.13B03. A specially crafted network request can lead to code execution. An attacker can send a sequence of requests to trigger this vulnerability.

πŸ“– Read

via "National Vulnerability Database".
09:28
β€Ό CVE-2021-21801 β€Ό

This vulnerability is present in device_graph_page.php script, which is a part of the Advantech R-SeeNet web applications. A specially crafted URL by an attacker and visited by a victim can lead to arbitrary JavaScript code execution.

πŸ“– Read

via "National Vulnerability Database".
?
11:00
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ How to Attract More Computer Science Grads to the Cybersecurity Field πŸ•΄

With 465,000 cybersecurity job openings in the United States, why is recruiting so difficult? A recent college graduate offers his take.

πŸ“– Read

via "Dark Reading".
?
11:28
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-1422 β€Ό

A vulnerability in the software cryptography module of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software could allow an authenticated, remote attacker or an unauthenticated attacker in a man-in-the-middle position to cause an unexpected reload of the device that results in a denial of service (DoS) condition. The vulnerability is due to a logic error in how the software cryptography module handles specific types of decryption errors. An attacker could exploit this vulnerability by sending malicious packets over an established IPsec connection. A successful exploit could cause the device to crash, forcing it to reload. Important: Successful exploitation of this vulnerability would not cause a compromise of any encrypted data. Note: This vulnerability affects only Cisco ASA Software Release 9.16.1 and Cisco FTD Software Release 7.0.0.

πŸ“– Read

via "National Vulnerability Database".
11:28
β€Ό CVE-2021-28114 β€Ό

Froala WYSIWYG Editor 3.2.6-1 is affected by XSS due to a namespace confusion during parsing.

πŸ“– Read

via "National Vulnerability Database".
11:31
πŸ•΄ 4 Future Integrated Circuit Threats to Watch πŸ•΄

Threats to the supply chains for ICs and other computer components are poised to wreak even more havoc on organizations.

πŸ“– Read

via "Dark Reading".
11:44
πŸ” Friday Five 7/16 πŸ”

iOS zero days, the state of U.S. chipmaking, and the disruption of a phishing ring - catch up on all of the week's infosec news with the Friday Five!

πŸ“– Read

via "".
?
12:23
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
⚠ Want to earn $10 million? Snitch on a cybercrook! ⚠

Will going after the big guns help to discourage and disrupt the rest of the cybercrime ecosystem? Have your say...

πŸ“– Read

via "Naked Security".
?
13:10
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Windows 0-Days Used Against Dissidents in Israeli Broker’s Spyware ❌

Candiru, aka Sourgum, allegedly sells the DevilsTongue surveillance malware to governments around the world.

πŸ“– Read

via "Threat Post".
13:23
⚠ More PrintNightmare: β€œWe TOLD you not to turn the Print Spooler back on!” ⚠

The PrintNightmare continues. So does our advice, even though it stops your printer working.

πŸ“– Read

via "Naked Security".
13:28
β€Ό CVE-2021-3649 β€Ό

chatwoot is vulnerable to Inefficient Regular Expression Complexity

πŸ“– Read

via "National Vulnerability Database".
13:28
β€Ό CVE-2021-28054 β€Ό

An issue was discovered in Centreon-Web in Centreon Platform 20.10.0. A Stored Cross-Site Scripting (XSS) issue in "Configuration > Hosts" allows remote authenticated users to inject arbitrary web script or HTML via the Alias parameter.

πŸ“– Read

via "National Vulnerability Database".
?
14:40
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Critical Juniper Bug Allows DoS, RCE Against Carrier Networks ❌

Telecom providers, including wireless carriers, are at risk of disruption of network service if the bug in SBR Carrier is exploited.

πŸ“– Read

via "Threat Post".
?
15:28
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-4821 β€Ό

IBM InfoSphere Data Replication 11.4 and IBM InfoSphere Change Data Capture for z/OS 10.2.1, under certain configurations, could allow a user to bypass authentication mechanisms using an empty password string. IBM X-Force ID: 189834

πŸ“– Read

via "National Vulnerability Database".
15:28
β€Ό CVE-2020-4980 β€Ό

IBM QRadar SIEM 7.3 and 7.4 uses less secure methods for protecting data in transit between hosts when encrypt host connections is not enabled as well as data at rest. IBM X-Force ID: 192539.

πŸ“– Read

via "National Vulnerability Database".
15:31
πŸ•΄ Recent Attacks Lead to Renewed Calls for Banning Ransom Payments πŸ•΄

While attackers in protected jurisdictions continue to get massive sums for continuing to breach organizations, the ransomware threat will only continue to grow.

πŸ“– Read

via "Dark Reading".
?
17:03
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 The number of false positive security alerts is staggering. Here's what you can do to reduce yours 🦿

Nearly half of all cybersecurity alerts are false positives, and 75% of companies spend an equal amount of time, or more, on them than on actual attacks, a Fastly/ESG report reveals.

πŸ“– Read

via "Tech Republic".
?
17:28
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-32769 β€Ό

Micronaut is a JVM-based, full stack Java framework designed for building JVM applications. A path traversal vulnerability exists in versions prior to 2.5.9. With a basic configuration, it is possible to access any file from a filesystem, using "/../../" in the URL. This occurs because Micronaut does not restrict file access to configured paths. The vulnerability is patched in version 2.5.9. As a workaround, do not use `**` in mapping, use only `*`, which exposes only a flat structure of a directory and does not allow traversal. If using Linux, another workaround is to run Micronaut in a chroot.

πŸ“– Read

via "National Vulnerability Database".
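The Micronaut entry above is the classic static-file traversal: a `..` segment in the URL walks out of the directory the handler was meant to serve because the handler checks only the mapping pattern, not where the final path lands. The Python below is an added example, not Micronaut's code or the advisory's: it shows a resolver that layers percent-decoding, segment normalisation and a resolved-path containment check, and a constructed demo (the web root, the `site.css`, `secret.txt` and `link` names are all assumptions) that also covers the case string checks alone miss, a symlink inside the root pointing outside it.

```python
import posixpath
import tempfile
from pathlib import Path
from urllib.parse import unquote


def safe_static_path(root, url_path: str) -> "Path | None":
    """Map the path part of a URL onto a file under `root`, or return None
    if the request would land outside the root.

    Three layers, each catching something the previous one does not:
    1. percent-decode once, so '..%2F' is seen as '../'; a '%' that survives
       a single decode means double encoding and is rejected outright;
    2. posixpath.normpath on the relative path, so any '..' that climbs
       above the root shows up as a leading '../' and is rejected;
    3. Path.resolve() on the candidate plus relative_to() against the
       resolved root, which catches symlinks inside the root that point
       outside it; the string checks above cannot see those.
    """
    decoded = unquote(url_path)
    if "\x00" in decoded or "%" in decoded:
        return None
    relative = posixpath.normpath(decoded.lstrip("/"))
    if relative == ".." or relative.startswith("../"):
        return None
    base = Path(root).resolve()
    candidate = (base / relative).resolve()
    try:
        candidate.relative_to(base)
    except ValueError:
        return None
    return candidate


def demo() -> dict:
    """Constructed web root (assumption, not from the advisory): one real
    file plus a symlink that points at a file outside the root. Returns, per
    request, whether the resolver would serve it."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "public"
        root.mkdir()
        (root / "site.css").write_text("body{}")
        secret = Path(tmp) / "secret.txt"
        secret.write_text("not for the web")
        (root / "link").symlink_to(secret)
        requests = {
            "plain_file": "/site.css",
            "dot_segment": "/css/../site.css",        # stays inside: served
            "traversal": "/../secret.txt",
            "deep_traversal": "/../../../etc/passwd",
            "encoded_traversal": "/..%2Fsecret.txt",
            "double_encoded": "/..%252Fsecret.txt",
            "symlink_escape": "/link",               # only layer 3 catches this
        }
        return {name: safe_static_path(root, p) is not None
                for name, p in requests.items()}


if __name__ == "__main__":
    for name, served in demo().items():
        print(f"{name:18} {'served' if served else 'rejected'}")
```

The containment check in layer 3 is the one that matters; layers 1 and 2 mostly give clearer rejections earlier. A handler that only compares the request string against a mapping pattern, as the advisory describes, has none of the three.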
?
18:00
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Researchers Create New Approach to Detect Brand Impersonation πŸ•΄

A team of Microsoft researchers developed and trained a Siamese Neural Network to detect brand impersonation attacks.

πŸ“– Read

via "Dark Reading".
18:10
❌ Top CVEs Trending with Cybercriminals ❌

An analysis of criminal forums reveal what publicly known vulnerabilities attackers are most interested in.

πŸ“– Read

via "Threat Post".
?
18:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Kaseya attack: "Yes, we can do something about this, and we should do something about this" 🦿

The Kaseya attack is especially unique because it didn't begin with a password breach, and the companies were following cybersecurity best practices. So, how can we protect against this threat?

πŸ“– Read

via "Tech Republic".
18:40
❌ Linux Variant of HelloKitty Ransomware Targets VMware ESXi Servers ❌

HelloKitty joins the growing list of ransomware bigwigs going after the juicy target of VMware ESXi, where one hit gets scads of VMs.

πŸ“– Read

via "Threat Post".
?
19:28
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-34447 β€Ό

Windows MSHTML Platform Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-34497.

πŸ“– Read

via "National Vulnerability Database".
19:28
β€Ό CVE-2021-34464 β€Ό

Microsoft Defender Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2021-34522.

πŸ“– Read

via "National Vulnerability Database".
19:28
β€Ό CVE-2021-34459 β€Ό

Windows AppContainer Elevation Of Privilege Vulnerability

πŸ“– Read

via "National Vulnerability Database".
?
21:28
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2019-3752 β€Ό

Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2 and 19.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1, 2.2, 2.3 and 2.4. contain an XML External Entity(XXE) Injection vulnerability. A remote unauthenticated malicious user could potentially exploit this vulnerability to cause Denial of Service or information exposure by supplying specially crafted document type definitions (DTDs) in an XML request.

πŸ“– Read

via "National Vulnerability Database".
17 July 2021
?
02:28
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-36769 β€Ό

A reordering issue exists in Telegram before 7.8.1 for Android, Telegram before 7.8.3 for iOS, and Telegram Desktop before 2.8.8. An attacker can cause the server to receive messages in a different order than they were sent by a client.

πŸ“– Read

via "National Vulnerability Database".
?
17:29
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-36213 β€Ό

In HashiCorp Consul before 1.10.1 (and Consul Enterprise), xds can generate a situation where a single L7 deny intention (with a default deny policy) results in an allow action.

πŸ“– Read

via "National Vulnerability Database".
17:29
β€Ό CVE-2021-32574 β€Ό

HashiCorp Consul before 1.10.1 (and Consul Enterprise) has Missing SSL Certificate Validation. xds does not ensure that the Subject Alternative Name of an upstream is validated.

πŸ“– Read

via "National Vulnerability Database".
18 July 2021
?
02:30
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-36773 β€Ό

uBlock Origin before 1.36.2 and nMatrix before 4.4.9 support an arbitrary depth of parameter nesting for strict blocking, which allows crafted web sites to cause a denial of service (unbounded recursion that can trigger memory consumption and a loss of all blocking functionality).

πŸ“– Read

via "National Vulnerability Database".
?
21:24
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
⚠ S3 Ep41: Crashing iPhones, PrintNightmares, and Code Red memories [Podcast] ⚠

Latest episode - listen now!

πŸ“– Read

via "Naked Security".
19 July 2021
?
07:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-33592 β€Ό

NAVER Toolbar before 4.0.30.323 allows remote attackers to execute arbitrary code via a crafted upgrade.xml file. Special characters in the filename parameter can be the cause of bypassing the code signing check function.

πŸ“– Read

via "National Vulnerability Database".
?
09:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-24453 β€Ό

The Include Me WordPress plugin through 1.2.1 is vulnerable to path traversal / local file inclusion, which can lead to Remote Code Execution (RCE) of the system due to log poisoning and therefore potentially a full compromise of the underlying structure.

πŸ“– Read

via "National Vulnerability Database".
09:32
β€Ό CVE-2021-24452 β€Ό

The W3 Total Cache WordPress plugin before 2.1.5 was affected by a reflected Cross-Site Scripting (XSS) issue within the "extension" parameter in the Extensions dashboard, when the 'Anonymously track usage to improve product quality' setting is enabled, as the parameter is output in a JavaScript context without proper escaping. This could allow an attacker, who can convince an authenticated admin into clicking a link, to run malicious JavaScript within the user's web browser, which could lead to full site compromise.

πŸ“– Read

via "National Vulnerability Database".
?
11:03
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Breaking Down the Threat of Going All-In With Microsoft Security πŸ•΄

Limit risk by dividing responsibility for infrastructure, tools, and security.

πŸ“– Read

via "Dark Reading".
11:03
πŸ•΄ 7 Ways AI and ML Are Helping and Hurting Cybersecurity πŸ•΄

In the right hands, artificial intelligence and machine learning can enrich our cyber defenses. In the wrong hands, they can create significant harm.

πŸ“– Read

via "Dark Reading".
?
11:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-35967 β€Ό

The directory page parameter of the Orca HCM digital learning platform does not filter special characters. Remote attackers can access the system directory through Path Traversal without logging in.

πŸ“– Read

via "National Vulnerability Database".
11:32
β€Ό CVE-2021-33501 β€Ό

Overwolf Client 0.169.0.22 allows XSS, with resultant Remote Code Execution, via an overwolfstore:// URL.

πŸ“– Read

via "National Vulnerability Database".
11:32
β€Ό CVE-2021-31216 β€Ό

Siren Investigate before 11.1.1 contains a server side request forgery (SSRF) defect in the built-in image proxy route (which is enabled by default). An attacker with access to the Investigate installation can specify an arbitrary URL in the parameters of the image proxy route and fetch external URLs as the Investigate process on the host.

πŸ“– Read

via "National Vulnerability Database".
?
12:56
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ›  American Fuzzy Lop plus plus 3.14c πŸ› 

Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.

πŸ“– Read

via "Packet Storm Security".
12:56
πŸ›  Hashcat Advanced Password Recovery 6.2.3 Source Code πŸ› 

Hashcat is an advanced GPU hash cracking utility that includes the World's fastest md5crypt, phpass, mscash2 and WPA / WPA2 cracker. It also has the first and only GPGPU-based rule engine, focuses on highly iterated modern hashes, single dictionary-based attacks, and more. This is the source code release.

πŸ“– Read

via "Packet Storm Security".
?
13:12
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Leaked NSO Group Data Hints at Widespread Pegasus Spyware Infections ❌

The secretive Israeli firm was allegedly storing 50,000+ mobile phone numbers for activists, journalists, business executives and politicians -- possible targets of iPhone and Android hacking.

πŸ“– Read

via "Threat Post".
?
13:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-34817 β€Ό

A Cross-Site Scripting (XSS) issue in the chat component of Etherpad 1.8.13 allows remote attackers to inject arbitrary JavaScript or HTML by importing a crafted pad.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-32014 β€Ό

SheetJS Pro through 0.16.9 allows attackers to cause a denial of service (CPU consumption) via a crafted .xlsx document that is mishandled when read by xlsx.js.

πŸ“– Read

via "National Vulnerability Database".
?
15:03
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ When Ransomware Comes to (Your) Town πŸ•΄

While steps for defending against a ransomware attack vary based on the size of the government entity and the resources available to each one, rooting out ransomware ultimately will come down to two things: system architecture and partnerships.

πŸ“– Read

via "Dark Reading".
15:12
❌ Protecting Phones From Pegasus-Like Spyware Attacks ❌

Podcast: Can a new SIM card and prepaid service from an MVNO help? Former spyware insider, current mobile white hat hacker Adam Weinberg on how to block spyware attacks.

πŸ“– Read

via "Threat Post".
?
15:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-36423 β€Ό

An issue was discovered in Arm Mbed TLS before 2.23.0. A remote attacker can recover plaintext because a certain Lucky 13 countermeasure doesn't properly consider the case of a hardware accelerator.

πŸ“– Read

via "National Vulnerability Database".
15:32
β€Ό CVE-2021-29707 β€Ό

IBM HMC (Hardware Management Console) V9.1.910.0 and V9.2.950.0 could allow a local user to escalate their privileges to root access on a restricted shell. IBM X-Force ID: 200879.

πŸ“– Read

via "National Vulnerability Database".
?
16:04
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 US and allies finger China in Microsoft Exchange hack 🦿

The US has also blamed hackers working with China for ransomware attacks, extortion, crypto-jacking and other cybercrimes.

πŸ“– Read

via "Tech Republic".
16:12
❌ Ruthless Attackers Target Florida Condo Collapse Victims ❌

Hackers are stealing the identities of those lost in the condo-collapse tragedy.

πŸ“– Read

via "Threat Post".
?
16:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ NSO Group Spyware Used On Journalists & Activists Worldwide πŸ•΄

An investigation finds Pegasus spyware, intended for use on criminals and terrorists, has been used in targeted campaigns against others around the world.

πŸ“– Read

via "Dark Reading".
16:46
πŸ” What is HITECH Compliance? Understanding and Meeting HITECH Requirements πŸ”

Learn about the requirements for HITECH compliance and how to meet them in Data Protection 101, our series on the fundamentals of information security.

πŸ“– Read

via "".
?
17:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-20248 β€Ό

Mikrotik RouterOs before stable 6.47 suffers from an uncontrolled resource consumption in the memtest process. An authenticated remote attacker can cause a Denial of Service due to overloading the system's CPU.

πŸ“– Read

via "National Vulnerability Database".
17:32
πŸ•΄ How Gaming Attack Data Aids Defenders Across Industries πŸ•΄

Web application attacks against the video game industry quadrupled in 2020 compared to the previous year, but companies outside entertainment can learn from the data.

πŸ“– Read

via "Dark Reading".
?
18:03
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ US Accuses China of Using Criminal Hackers in Cyber Espionage Operations πŸ•΄

DOJ indicts four Chinese individuals for alleged role in attacks targeting intellectual property, trade secrets belonging to defense contractors, maritime companies, aircraft service firms, and others.

πŸ“– Read

via "Dark Reading".
?
18:35
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 How to activate virtualization-based security and core isolation in Windows 10 🦿

Give your PC a little extra security. HVCI and VBS are available in 64-bit versions of Windows 10, but you must turn them on manually. We show you how.

πŸ“– Read

via "Tech Republic".
18:42
❌ Unpatched iPhone Bug Allows Remote Device Takeover ❌

A format-string bug believed to be a low-risk denial-of-service issue turns out to be much nastier than expected.

πŸ“– Read

via "Threat Post".
?
19:03
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Law Firm for Ford, Pfizer, Exxon Discloses Ransomware Attack πŸ•΄

Campbell Conroy & O'Neil reports the attack affected personal data including Social Security numbers, passport numbers, and payment card data for some individuals.

πŸ“– Read

via "Dark Reading".
?
19:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-34618 β€Ό

A remote denial of service (DoS) vulnerability was discovered in some Aruba Instant Access Point (IAP) products in version(s): Aruba Instant 6.4.x: 6.4.4.8-4.2.4.18 and below; Aruba Instant 6.5.x: 6.5.4.18 and below; Aruba Instant 8.3.x: 8.3.0.14 and below; Aruba Instant 8.4.x: All versions; Aruba Instant 8.5.x: 8.5.0.11 and below; Aruba Instant 8.6.x: 8.6.0.7 and below; Aruba Instant 8.7.x: 8.7.1.1 and below. Aruba has released patches for Aruba Instant that address this security vulnerability.

πŸ“– Read

via "National Vulnerability Database".
?
20:42
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ What’s Next for REvil’s Victims? ❌

Podcast: Nothing, says a ransomware negotiator who has tips on staying out of the sad subset of victims left in the lurch, mid-negotiation, after REvil's servers went up in smoke.

πŸ“– Read

via "Threat Post".
?
21:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-5321 β€Ό

Dell EMC OpenManage Enterprise (OME) versions prior to 3.2 and OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain an improper input validation vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to spawn tasks with elevated privileges.

πŸ“– Read

via "National Vulnerability Database".
21:32
β€Ό CVE-2020-29499 β€Ό

Dell EMC PowerStore versions prior to 1.0.3.0.5.006 contain an OS Command Injection vulnerability in the PowerStore X environment. A locally authenticated attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the PowerStore underlying OS. Exploitation may lead to a system takeover by an attacker.

πŸ“– Read

via "National Vulnerability Database".
20 July 2021
?
02:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-26081 β€Ό

REST API in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.16.1 allows remote attackers to enumerate usernames via a Sensitive Data Exposure vulnerability in the `/rest/api/latest/user/avatar/temporary` endpoint.

πŸ“– Read

via "National Vulnerability Database".
02:33
β€Ό CVE-2021-26082 β€Ό

The XML Export in Atlassian Jira Server and Jira Data Center before version 8.5.14, from version 8.6.0 before 8.13.6, and from version 8.14.0 before 8.17.0 allows remote attackers to inject arbitrary HTML or JavaScript via a stored cross site scripting vulnerability.

πŸ“– Read

via "National Vulnerability Database".
?
07:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2019-25051 β€Ό

objstack in GNU Aspell 0.60.8 has a heap-based buffer overflow in acommon::ObjStack::dup_top (called from acommon::StringMap::add and acommon::Config::lookup_list).

πŸ“– Read

via "National Vulnerability Database".
07:33
β€Ό CVE-2021-36979 β€Ό

Unicorn Engine 1.0.2 has an out-of-bounds write in tb_flush_armeb (called from cpu_arm_exec_armeb and tcg_cpu_exec_armeb).

πŸ“– Read

via "National Vulnerability Database".
?
09:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-26095 β€Ό

The combination of various cryptographic issues in the session management of FortiMail 6.4.0 through 6.4.4 and 6.2.0 through 6.2.6, including the encryption construction of the session cookie, may allow a remote attacker already in possession of a cookie to possibly reveal and alter or forge its content, thereby escalating privileges.

πŸ“– Read

via "National Vulnerability Database".
09:33
β€Ό CVE-2021-27021 β€Ό

A flaw was discovered in Puppet DB; this flaw results in an escalation of privileges which allows the user to delete tables via an SQL query.

πŸ“– Read

via "National Vulnerability Database".
09:42
❌ MosaicLoader Malware Delivers Facebook Stealers, RATs ❌

The newly documented code is a full-service malware-delivery threat that's spreading indiscriminately globally through paid search ads.

πŸ“– Read

via "Threat Post".
?
10:05
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Companies are losing the war against phishing as attacks increase in number and sophistication 🦿

A new report finds that 74% of companies have been the victim of phishing in the last year. Staff shortages, a lack of security training and an increase in mobile device usage for work are factors.

πŸ“– Read

via "Tech Republic".
10:12
❌ A New Security Paradigm: External Attack Surface Management ❌

Advanced EASM solutions are crucial to automating the discovery of the downstream third-party (or fourth-party, or fifth-party, etc.) IT infrastructures that your organization is exposed to, and may be vulnerable to attack, posing a critical risk for your organization.

πŸ“– Read

via "Threat Post".
?
10:43
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ 16-Year-Old HP Printer-Driver Bug Impacts Millions of Windows Machines ❌

The bug could allow cyberattackers to bypass security products, tamper with data and run code in kernel mode.

πŸ“– Read

via "Threat Post".
?
11:13
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Why Your Business Needs a Long-Term Remote Security Strategy ❌

Chris Hass, director of information security and research at Automox, discusses the future of work: A hybrid home/office model that will demand new security approaches.

πŸ“– Read

via "Threat Post".
11:24
⚠ Apple iPhone patches are out – no news if recent Wi-Fi bug is fixed ⚠

Remember that weird iPhone Wi-Fi bug from a week or so ago? Let's hope this update patches it!

πŸ“– Read

via "Naked Security".
11:33
β€Ό CVE-2020-15660 β€Ό

Missing checks on Content-Type headers in geckodriver before 0.27.0 could lead to a CSRF vulnerability, that might, when paired with a specifically prepared request, lead to remote code execution.

πŸ“– Read

via "National Vulnerability Database".
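The geckodriver entry above describes a CSRF against a localhost HTTP service: a page in the victim's browser can POST to 127.0.0.1 with a plain HTML form, and without a Content-Type check the daemon treats that form body as a legitimate command. The defence relies on what a browser can send without a CORS preflight: only `text/plain`, `application/x-www-form-urlencoded` and `multipart/form-data`, so requiring `application/json` on write requests, together with a loopback `Host` check (against DNS rebinding) and rejecting any request that carries a browser `Origin`, shuts the door. The gate below is an added example in Python, written by the editor and not geckodriver's code; the allowed host list, port and the constructed request headers are assumptions, and the check is deliberately generic to any local HTTP control API rather than specific to WebDriver.

```python
ALLOWED_CONTENT_TYPE = "application/json"
ALLOWED_HOSTS = {"localhost", "127.0.0.1", "[::1]"}          # assumption: loopback only
WRITE_METHODS = {"POST", "PUT", "PATCH"}


def _host_without_port(host: str) -> str:
    """Strip ':port' from a Host header value, handling IPv6 literals."""
    if host.startswith("["):
        return host.split("]")[0] + "]"
    return host.split(":")[0]


def check_request(method: str, headers: dict) -> tuple:
    """Return (accepted, reason) for one request to a local control API.

    Order matters: the Host check runs first because a DNS-rebinding page
    reaches the service with a valid-looking JSON request but a foreign Host;
    the Origin check rejects anything a browser page initiated; the
    Content-Type check catches plain form posts (and older browsers that
    sent no Origin on cross-site form submissions)."""
    h = {k.lower(): v for k, v in headers.items()}
    host = _host_without_port(h.get("host", "").strip().lower())
    if host not in ALLOWED_HOSTS:
        return False, "Host is not a loopback name (possible DNS rebinding)"
    if "origin" in h:
        return False, "request carries an Origin header, i.e. a browser page sent it"
    if method.upper() in WRITE_METHODS:
        ctype = h.get("content-type", "").split(";")[0].strip().lower()
        if ctype != ALLOWED_CONTENT_TYPE:
            return False, f"Content-Type {ctype or '<missing>'} is not {ALLOWED_CONTENT_TYPE}"
    return True, "ok"


def demo() -> dict:
    """Constructed requests (assumptions, not captured traffic) and the gate's verdict."""
    cases = {
        "native_client_json": ("POST", {"Host": "127.0.0.1:4444",
                                        "Content-Type": "application/json"}),
        "html_form_post": ("POST", {"Host": "localhost:4444",
                                    "Origin": "http://evil.example",
                                    "Content-Type": "text/plain"}),
        "form_post_no_origin": ("POST", {"Host": "localhost:4444",
                                         "Content-Type": "application/x-www-form-urlencoded"}),
        "dns_rebinding": ("POST", {"Host": "attacker.example:4444",
                                   "Content-Type": "application/json"}),
        "plain_get": ("GET", {"Host": "localhost:4444"}),
        "ipv6_loopback_json": ("POST", {"Host": "[::1]:4444",
                                        "Content-Type": "application/json; charset=utf-8"}),
    }
    return {name: check_request(m, hd)[0] for name, (m, hd) in cases.items()}


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name:22} {'accepted' if verdict else 'rejected'}")
```

A JSON-only content type forces a browser into a preflight the service never answers, so the fetch never reaches the handler. The Host check is what makes that hold even when the attacker's page resolves its own hostname to 127.0.0.1.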
11:35
🦿 Ransomware: International cooperation is needed to curb these cybersecurity threats, says expert 🦿

Ransomware knows no borders. An attorney with cybersecurity expertise suggests the only way to stop ransomware is for nations to create a global solution.

πŸ“– Read

via "Tech Republic".
?
13:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-32668 β€Ό

TYPO3 is an open source PHP based web content management system. Versions 9.0.0 through 9.5.28, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0 have a cross-site scripting vulnerability. When error messages are not properly encoded, the components _QueryGenerator_ and _QueryView_ are vulnerable to both reflected and persistent cross-site scripting. A valid backend user account having administrator privileges is needed to exploit this vulnerability. TYPO3 versions 9.5.29, 10.4.18, 11.3.1 contain a patch for this issue.

πŸ“– Read

via "National Vulnerability Database".
?
14:13
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Law Firm to the Fortune 500 Breached with Ransomware ❌

Deep-pocketed clients' customers & suppliers could be in the attacker's net, with potential PII exposure from an A-list clientele such as Apple, Boeing and IBM.

πŸ“– Read

via "Threat Post".
?
15:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-32767 β€Ό

TYPO3 is an open source PHP based web content management system. In versions 9.0.0 through 9.5.27, 10.0.0 through 10.4.17, and 11.0.0 through 11.3.0, user credentials may have been logged as plain-text. This occurs when explicitly using log level debug, which is not the default configuration. TYPO3 versions 9.5.28, 10.4.18, 11.3.1 contain a patch for this vulnerability.

📖 Read

via "National Vulnerability Database".
16:05
🛡 Cybersecurity & Privacy news 🛡
🦿 Your iPhone and the Pegasus spyware hack: What you need to know 🦿

iPhones have been compromised by the NSO Group's Pegasus spyware. Should you be worried? That depends on who you ask.

📖 Read

via "Tech Republic".
16:05
🦿 Top 5 things to know about supply chain attacks 🦿

Worried about supply chain attacks? Tom Merritt can help you understand your risk.

📖 Read

via "Tech Republic".
16:13
❌ Researchers: NSO Group’s Pegasus Spyware Should Spark Bans, Apple Accountability ❌

Our roundtable of experts weighs in on implications for Apple and lawmakers in the wake of the bombshell report showing widespread surveillance of dissidents, journalists and others.

📖 Read

via "Threat Post".
17:33
🛡 Cybersecurity & Privacy news 🛡
‼ CVE-2020-25206 ‼

The web console for Mimosa B5, B5c, and C5x firmware through 2.8.0.2 allows authenticated command injection in the Throughput, WANStats, PhyStats, and QosStats API classes. An attacker with access to a web console account may execute operating system commands on affected devices by sending crafted POST requests to the affected endpoints (/core/api/calls/Throughput.php, /core/api/calls/WANStats.php, /core/api/calls/PhyStats.php, /core/api/calls/QosStats.php). This results in the complete takeover of the vulnerable device. This vulnerability does not occur in the older 1.5.x firmware versions.

📖 Read

via "National Vulnerability Database".
17:35
🦿 Security experts: Consistency and security are key in creating vaccine passports 🦿

Countries and states have to agree on a consistent platform for vaccine passports in order to make them work effectively.

📖 Read

via "Tech Republic".
17:35
🦿 Vaccine passports have to be consistent so that all countries can recognize them, expert says 🦿

This might create problems for those from poorer countries. Their countries may not have the resources to create vaccine passports that are readable everywhere.

📖 Read

via "Tech Republic".
19:33
🛡 Cybersecurity & Privacy news 🛡
‼ CVE-2020-23284 ‼

Information disclosure in aspx pages in MV's IDCE application v1.0 allows an attacker to append the names of aspx pages that connect to the database to the end of the application URL, which reveals internal and sensitive information without logging into the web application.

📖 Read

via "National Vulnerability Database".
21:33
🛡 Cybersecurity & Privacy news 🛡
‼ CVE-2021-32751 ‼

Gradle is a build tool with a focus on build automation. In versions prior to 7.2, start scripts generated by the `application` plugin and the `gradlew` script are both vulnerable to arbitrary code execution when an attacker is able to change environment variables for the user running the script. This may impact those who use `gradlew` on Unix-like systems or use the scripts generated by Gradle in their application on Unix-like systems. For this vulnerability to be exploitable, an attacker needs to be able to set the value of particular environment variables and have those environment variables be seen by the vulnerable scripts. This issue has been patched in Gradle 7.2 by removing the use of `eval` and requiring the use of the `bash` shell. There are a few workarounds available. For CI/CD systems using the Gradle build tool, one may ensure that untrusted users are unable to change environment variables for the user that executes `gradlew`. If one is unable to upgrade to Gradle 7.2, one may generate a new `gradlew` script with Gradle 7.2 and use it for older versions of Gradle. For applications using start scripts generated by Gradle, one may ensure that untrusted users are unable to change environment variables for the user that executes the start script. A vulnerable start script could be manually patched to remove the use of `eval` or the use of environment variables that affect the application's command line. If the application is simple enough, one may be able to avoid the use of the start scripts by running the application directly with the `java` command.

📖 Read

via "National Vulnerability Database".
21 July 2021
02:34
🛡 Cybersecurity & Privacy news 🛡
‼ CVE-2021-1098 ‼

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where it doesn't release some resources during driver unload requests from guests. This flaw allows a malicious guest to perform operations by reusing those resources, which may lead to information disclosure, data tampering, or denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior to 8.8).

📖 Read

via "National Vulnerability Database".
02:34
‼ CVE-2021-2451 ‼

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS Base Score depend on the software that uses Outside In Technology. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology, but if data is not received over a network the CVSS score may be lower. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N).

📖 Read

via "National Vulnerability Database".
02:34
‼ CVE-2021-1100 ‼

NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager kernel mode driver (nvidia.ko), in which a pointer to a user-space buffer is not validated before it is dereferenced, which may lead to denial of service. This affects vGPU version 12.x (prior to 12.3), version 11.x (prior to 11.5) and version 8.x (prior to 8.8).

📖 Read

via "National Vulnerability Database".
07:13
🛡 Cybersecurity & Privacy news 🛡
❌ MacOS Being Picked Apart by $49 XLoader Data Stealer ❌

Cheap, easy & prolific, the new version of the old FormBook form-stealer and keylogger has added Mac users to its hit list, and it’s selling like hotcakes.

📖 Read

via "Threat Post".
07:44
🛡 Cybersecurity & Privacy news 🛡
‼ CVE-2021-23409 ‼

The package github.com/pires/go-proxyproto before 0.6.0 is vulnerable to Denial of Service (DoS) via creating connections without the proxy protocol header.

📖 Read

via "National Vulnerability Database".
08:05
🛡 Cybersecurity & Privacy news 🛡
🦿 Moving OT to the cloud means accounting for a whole new host of security risks 🦿

ICS systems managed via cloud software are open to exploits that could be destructive enough to cause physical damage to industrial systems. Here's how to protect your operational technology network.

📖 Read

via "Tech Republic".
08:35
🛡 Cybersecurity & Privacy news 🛡
🦿 Cybersecurity lags behind as IoT devices proliferate, according to a new report 🦿

About one-quarter of respondents do not incorporate any of the listed measures to protect these devices and many feel as though consumers are not responsible for smart and IoT device security.

📖 Read

via "Tech Republic".
10:13
🛡 Cybersecurity & Privacy news 🛡
❌ Tracking Malware and Ransomware Domains in 2021 ❌

Ransomware is the threat of 2021. It’s impacting everything from large enterprises, hospitals, to other aspects of our critical infrastructure. Here, we’ll take a look at actual malware domain traffic and how it correlates to ransomware attacks in the news.

📖 Read

via "Threat Post".
10:43
🛡 Cybersecurity & Privacy news 🛡
❌ French Launch NSO Probe After Macron Believed Spyware Target ❌

Fourteen world leaders were among those found on a list of believed targets for NSO's Pegasus spyware.

📖 Read

via "Threat Post".
11:17
🛡 Cybersecurity & Privacy news 🛡
Catch Up With Digital Guardian Virtually at Black Hat 2021

We're looking forward to seeing you online at Black Hat next month!

📖 Read

via "".
12:05
🛡 Cybersecurity & Privacy news 🛡
🦿 Cybersecurity risk: The number of employees going around IT security may surprise you 🦿

The findings detail a complex security balancing act between IT teams and users, especially in the age of remote work and virtual collaboration at scale.

📖 Read

via "Tech Republic".
12:35
🛡 Cybersecurity & Privacy news 🛡
🦿 The space wide web is ready to launch 🦿

There is even more to space innovation than the fledgling space tourism sector. Somewhat out of the public eye, there is a fast-growing space tech industry.

📖 Read

via "Tech Republic".
12:43
❌ Kubernetes Cloud Clusters Face Cyberattacks via Argo Workflows ❌

Misconfigured permissions for Argo's web-facing dashboard allow unauthenticated attackers to run code on Kubernetes targets, including cryptomining containers.

📖 Read

via "Threat Post".
13:25
🛡 Cybersecurity & Privacy news 🛡
⚠ Windows “HiveNightmare” bug could leak passwords – here’s what to do! ⚠

Windows "hives" contain registry data, some of it secret. The nightmare is that these files aren't properly protected against snooping.

📖 Read

via "Naked Security".
13:34
‼ CVE-2021-2361 ‼

Vulnerability in the Oracle Advanced Inbound Telephony product of Oracle E-Business Suite (component: SDK client integration). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Advanced Inbound Telephony. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Advanced Inbound Telephony accessible data as well as unauthorized access to critical data or complete access to all Oracle Advanced Inbound Telephony accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

📖 Read

via "National Vulnerability Database".
13:34
‼ CVE-2021-2429 ‼

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

📖 Read

via "National Vulnerability Database".
13:34
‼ CVE-2021-2390 ‼

Vulnerability in the MySQL Server product of Oracle MySQL (component: InnoDB). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).

📖 Read

via "National Vulnerability Database".
13:41
‼ CVE-2021-2398 ‼

Vulnerability in the Oracle Advanced Outbound Telephony product of Oracle E-Business Suite (component: Region Mapping). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Advanced Outbound Telephony. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Advanced Outbound Telephony accessible data as well as unauthorized access to critical data or complete access to all Oracle Advanced Outbound Telephony accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

📖 Read

via "National Vulnerability Database".
13:41
‼ CVE-2021-2418 ‼

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

📖 Read

via "National Vulnerability Database".
13:41
‼ CVE-2021-2345 ‼

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Commerce Guided Search / Oracle Commerce Experience Manager. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Commerce Guided Search / Oracle Commerce Experience Manager, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Commerce Guided Search / Oracle Commerce Experience Manager accessible data as well as unauthorized read access to a subset of Oracle Commerce Guided Search / Oracle Commerce Experience Manager accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).

📖 Read

via "National Vulnerability Database".
13:41
‼ CVE-2021-2356 ‼

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Replication). Supported versions that are affected are 5.7.34 and prior and 8.0.25 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server as well as unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 5.9 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:H).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2336 ‼

Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition Data Redaction. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Database - Enterprise Edition Data Redaction accessible data. CVSS 3.1 Base Score 3.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2020-23282 ‼

SQL injection in Logon Page in MV's mConnect application, v02.001.00, allows an attacker to use a non-existent user with a generic password to connect to the application and get access to unauthorized information.

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2335 ‼

Vulnerability in the Oracle Database - Enterprise Edition Data Redaction component of Oracle Database Server. Supported versions that are affected are 12.1.0.2, 12.2.0.1 and 19c. Easily exploitable vulnerability allows low privileged attacker having Create Session privilege with network access via Oracle Net to compromise Oracle Database - Enterprise Edition Data Redaction. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Database - Enterprise Edition Data Redaction accessible data. CVSS 3.1 Base Score 3.5 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2350 ‼

Vulnerability in the Hyperion Essbase Administration Services product of Oracle Essbase (component: EAS Console). Supported versions that are affected are 11.1.2.4 and 21.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Hyperion Essbase Administration Services. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Hyperion Essbase Administration Services accessible data. CVSS 3.1 Base Score 7.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2368 ‼

Vulnerability in the Siebel CRM product of Oracle Siebel CRM (component: Siebel Core - Server Infrastructure). Supported versions that are affected are 21.5 and Prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTPS to compromise Siebel CRM. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Siebel CRM accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2402 ‼

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Locking). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2369 ‼

Vulnerability in the Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Library). Supported versions that are affected are Java SE: 7u301, 8u291, 11.0.11, 16.0.1; Oracle GraalVM Enterprise Edition: 20.3.2 and 21.1.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Java SE, Oracle GraalVM Enterprise Edition. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Java SE, Oracle GraalVM Enterprise Edition accessible data. Note: This vulnerability applies to Java deployments, typically in clients running sandboxed Java Web Start applications or sandboxed Java applets, that load and run untrusted code (e.g., code that comes from the internet) and rely on the Java sandbox for security. This vulnerability does not apply to Java deployments, typically in servers, that load and run only trusted code (e.g., code installed by an administrator). CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2393 ‼

Vulnerability in the Oracle E-Records product of Oracle E-Business Suite (component: E-signatures). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle E-Records. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle E-Records accessible data as well as unauthorized access to critical data or complete access to all Oracle E-Records accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2339 ‼

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: DDL). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

📖 Read

via "National Vulnerability Database".
13:45
‼ CVE-2021-2348 ‼

Vulnerability in the Oracle Commerce Guided Search / Oracle Commerce Experience Manager product of Oracle Commerce (component: Tools and Frameworks). The supported version that is affected is 11.3.1.5. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Commerce Guided Search / Oracle Commerce Experience Manager. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle Commerce Guided Search / Oracle Commerce Experience Manager accessible data. CVSS 3.1 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-34619 ‼

The WooCommerce Stock Manager WordPress plugin is vulnerable to Cross-Site Request Forgery leading to Arbitrary File Upload in versions up to, and including, 2.5.7 due to missing nonce and file validation in the /woocommerce-stock-manager/trunk/admin/views/import-export.php file.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2422 ‼

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: PS). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2420 ‼

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS Base Score depend on the software that uses Outside In Technology. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology, but if data is not received over a network the CVSS score may be lower. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-34365 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2366 ‼

Vulnerability in the Primavera P6 Enterprise Project Portfolio Management product of Oracle Construction and Engineering (component: Web Access). Supported versions that are affected are 17.12.0-17.12.20, 18.8.0-18.8.23, 19.12.0-19.12.14 and 20.12.0-20.12.3. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Primavera P6 Enterprise Project Portfolio Management. While the vulnerability is in Primavera P6 Enterprise Project Portfolio Management, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Primavera P6 Enterprise Project Portfolio Management accessible data as well as unauthorized read access to a subset of Primavera P6 Enterprise Project Portfolio Management accessible data. CVSS 3.1 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2020-23283 ‼

Information disclosure in Logon Page in MV's mConnect application v02.001.00 allows an attacker to know valid users from the application's database via brute force.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2423 ‼

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Filters). The supported version that is affected is 8.5.5. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Outside In Technology. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Outside In Technology accessible data as well as unauthorized read access to a subset of Oracle Outside In Technology accessible data. Note: Outside In Technology is a suite of software development kits (SDKs). The protocol and CVSS Base Score depend on the software that uses Outside In Technology. The CVSS score assumes that the software passes data received over a network directly to Outside In Technology, but if data is not received over a network the CVSS score may be lower. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:H/A:N).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2020-21935 ‼

A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX 1.0.2 Build 20190508 Rel.97360n allows attackers to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2404 ‼

Vulnerability in the PeopleSoft Enterprise HCM Candidate Gateway product of Oracle PeopleSoft (component: e-mail notification). The supported version that is affected is 9.2. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise HCM Candidate Gateway. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of PeopleSoft Enterprise HCM Candidate Gateway accessible data as well as unauthorized read access to a subset of PeopleSoft Enterprise HCM Candidate Gateway accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-22708 ‼

A CWE-347: Improper Verification of Cryptographic Signature vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1 ) that could allow an attacker to craft a malicious firmware package and bypass the signature verification mechanism.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-22730 ‼

A CWE-798: Use of Hard-coded Credentials vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1) that could allow an attacker to gain unauthorized administrative privileges when accessing the charging station web server.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2407 ‼

Vulnerability in the PeopleSoft Enterprise PeopleTools product of Oracle PeopleSoft (component: Portal). Supported versions that are affected are 8.57, 8.58 and 8.59. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PeopleTools. Successful attacks of this vulnerability can result in unauthorized read access to a subset of PeopleSoft Enterprise PeopleTools accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2415 ‼

Vulnerability in the Oracle Time and Labor product of Oracle E-Business Suite (component: Timecard). Supported versions that are affected are 12.1.1-12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle Time and Labor. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle Time and Labor accessible data as well as unauthorized access to critical data or complete access to all Oracle Time and Labor accessible data. CVSS 3.1 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-22726 ‼

A CWE-918: Server-Side Request Forgery (SSRF) vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1) that could allow an attacker to perform unintended actions or access data when crafted malicious parameters are submitted to the charging station web server.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2373 ‼

Vulnerability in the JD Edwards EnterpriseOne Tools product of Oracle JD Edwards (component: Web Runtime). Supported versions that are affected are 9.2.5.3 and Prior. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise JD Edwards EnterpriseOne Tools. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in JD Edwards EnterpriseOne Tools, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of JD Edwards EnterpriseOne Tools accessible data as well as unauthorized read access to a subset of JD Edwards EnterpriseOne Tools accessible data. CVSS 3.1 Base Score 5.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2441 ‼

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.25 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-22727 ‼

A CWE-331: Insufficient Entropy vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1) that could allow an attacker to gain unauthorized access to the charging station web server.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2392 ‼

Vulnerability in the Oracle BI Publisher product of Oracle Fusion Middleware (component: BI Publisher Security). Supported versions that are affected are 5.5.0.0.0, 11.1.1.7.0, 11.1.1.9.0, 12.2.1.3.0 and 12.2.1.4.0. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle BI Publisher. Successful attacks of this vulnerability can result in takeover of Oracle BI Publisher. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-22773 ‼

A CWE-620: Unverified Password Change vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1) that could allow an attacker connected to the charging station web server to modify the password of a user.

📖 Read

via "National Vulnerability Database".
13:48
‼ CVE-2021-2443 ‼

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Solaris x86 and Linux systems only. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).

📖 Read

via "National Vulnerability Database".
13:51
‼ CVE-2021-22722 ‼

A CWE-79: Improper Neutralization of Input During Web Page Generation ('Stored Cross-site Scripting') vulnerability exists in EVlink City (EVC1S22P4 / EVC1S7P4 all versions prior to R8 V3.4.0.1), EVlink Parking (EVW2 / EVF2 / EV.2 all versions prior to R8 V3.4.0.1), and EVlink Smart Wallbox (EVB1A all versions prior to R8 V3.4.0.1) that could cause code injection when importing a CSV file or changing station parameters.

📖 Read

via "National Vulnerability Database".
13:51
‼ CVE-2021-2446 ‼

Vulnerability in the Oracle Secure Global Desktop product of Oracle Virtualization (component: Client). The supported version that is affected is 5.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle Secure Global Desktop. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Secure Global Desktop, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle Secure Global Desktop. CVSS 3.1 Base Score 9.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).

📖 Read

via "National Vulnerability Database".
13:51
‼ CVE-2021-2397 ‼

Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Core). Supported versions that are affected are 10.3.6.0.0, 12.1.3.0.0, 12.2.1.3.0, 12.2.1.4.0 and 14.1.1.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via T3, IIOP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.1 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

📖 Read

via "National Vulnerability Database".
14:43
🛑 Cybersecurity & Privacy news 🛑
❌ Indictments, Attribution Unlikely to Deter Chinese Hacking, Researchers Say ❌

Researchers are skeptical that much will come from calling out China for the Microsoft Exchange attacks and APT40 activity, but the move marks an important foreign-policy change.

📖 Read

via "Threat Post".
15:13
🛑 Cybersecurity & Privacy news 🛑
❌ NPM Package Steals Passwords via Chrome’s Account-Recovery Tool ❌

In another vast software supply-chain attack, the password-stealer is filching credentials from Chrome on Windows systems.

📖 Read

via "Threat Post".
15:35
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2020-22150 ‼

A cross site scripting (XSS) vulnerability in /admin.php?page=permalinks of Piwigo 2.10.1 allows attackers to execute arbitrary web scripts or HTML.

📖 Read

via "National Vulnerability Database".
15:35
🦿 Should we use AI in cybersecurity? Yes, but with caution and human help 🦿

Artificial intelligence is a powerful tool, and an expert says we had better ensure it stays just that: a useful tool.

📖 Read

via "Tech Republic".
17:05
🛑 Cybersecurity & Privacy news 🛑
🦿 How to activate Microsoft Defender Application Guard in Windows 10 🦿

Microsoft Defender Application Guard protects your networks and data from malicious applications running in your web browser, but you must install and activate it first.

📖 Read

via "Tech Republic".
17:35
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2020-19492 ‼

There is a floating point exception in ReadImage that leads to a Segmentation fault in sam2p 0.49.4. A crafted input will lead to a denial of service or possibly unspecified other impact.

📖 Read

via "National Vulnerability Database".
17:35
‼ CVE-2020-19475 ‼

An issue has been found in function CCITTFaxStream::lookChar in PDF2JSON 0.70 that allows attackers to cause a Denial of Service due to an invalid write of size 2.

📖 Read

via "National Vulnerability Database".
19:35
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-32776 ‼

Combodo iTop is a web based IT Service Management tool. In versions prior to 2.7.4, CSRF tokens can be reused by a malicious user, as on Windows servers no cleanup is done on CSRF tokens. This issue is fixed in versions 2.7.4 and 3.0.0.

📖 Read

via "National Vulnerability Database".
21:35
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-37220 ‼

MuPDF through 1.18.1 has an out-of-bounds write because the cached color converter does not properly consider the maximum key size of a hash table. This can, for example, be seen with crafted "mutool draw" input.

📖 Read

via "National Vulnerability Database".
22 July 2021
07:36
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-1093 ‼

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in firmware where the driver contains an assert() or similar statement that can be triggered by an attacker, which leads to an application exit or other behavior that is more severe than necessary, and may lead to denial of service or system crash.

📖 Read

via "National Vulnerability Database".
07:36
‼ CVE-2021-1089 ‼

NVIDIA GPU Display Driver for Windows contains a vulnerability in nvidia-smi where an uncontrolled DLL loading path may lead to arbitrary code execution, denial of service, information disclosure, and data tampering.

📖 Read

via "National Vulnerability Database".
07:36
‼ CVE-2021-1090 ‼

NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for control calls where the software reads or writes to a buffer by using an index or pointer that references a memory location after the end of the buffer, which may lead to data tampering or denial of service.

📖 Read

via "National Vulnerability Database".
07:36
‼ CVE-2021-1096 ‼

NVIDIA Windows GPU Display Driver for Windows contains a vulnerability in the NVIDIA kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape where dereferencing a NULL pointer may lead to a system crash.

📖 Read

via "National Vulnerability Database".
07:36
‼ CVE-2021-1091 ‼

NVIDIA GPU Display driver for Windows contains a vulnerability where an unprivileged user can create a file hard link that causes the driver to overwrite a file that requires elevated privilege to modify, which could lead to data loss or denial of service.

📖 Read

via "National Vulnerability Database".
07:36
‼ CVE-2021-1092 ‼

NVIDIA GPU Display Driver for Windows contains a vulnerability in the NVIDIA Control Panel application where it is susceptible to a Windows file system symbolic link attack where an unprivileged attacker can cause the applications to overwrite privileged files, resulting in potential denial of service or data loss.

📖 Read

via "National Vulnerability Database".
09:36
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-28131 ‼

Impala sessions use a 16 byte secret to verify that the session is not being hijacked by another user. However, these secrets appear in the Impala logs, therefore Impala users with access to the logs can use another authenticated user's sessions with specially constructed requests. This means the attacker is able to execute statements for which they don't have the necessary privileges otherwise. Impala deployments with Apache Sentry or Apache Ranger authorization enabled may be vulnerable to privilege escalation if an authenticated attacker is able to hijack a session or query from another authenticated user with privileges not assigned to the attacker. Impala deployments with audit logging enabled may be vulnerable to incorrect audit logging as a user could undertake actions that were logged under the name of a different authenticated user. Constructing an attack requires a high degree of technical sophistication and access to the Impala system as an authenticated user. Mitigation: If an Impala deployment uses Apache Sentry, Apache Ranger or audit logging, then users should upgrade to a version of Impala with the fix for IMPALA-10600. The Impala 4.0 release includes this fix. This hides session secrets from the logs to eliminate the risk of any attack using this mechanism. In lieu of an upgrade, restricting access to logs that expose secrets will reduce the risk of an attack. Restricting access to the Impala deployment to trusted users will also reduce the risk of an attack. Log redaction techniques can be used to redact secrets from the logs.

📖 Read

via "National Vulnerability Database".
10:14
🛑 Cybersecurity & Privacy news 🛑
❌ Microsoft Issues Windows 10 Workaround Fix for ‘SeriousSAM’ Bug ❌

A privilege elevation bug in Windows 10 opens all systems to attackers to access data and create new accounts on systems.

📖 Read

via "Threat Post".
11:36
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-20596 ‼

NULL Pointer Dereference in MELSEC-F Series FX3U-ENET firmware version 1.14 and prior, FX3U-ENET-L firmware version 1.14 and prior and FX3U-ENET-P502 firmware version 1.14 and prior allows a remote unauthenticated attacker to cause a DoS condition in communication by sending specially crafted packets. Control by MELSEC-F series PLC is not affected and system reset is required for recovery.

📖 Read

via "National Vulnerability Database".
11:36
🦿 Windows "HiveNightmare" bug could expose system files to non-admin users 🦿

An attacker who exploits this flaw could use system privileges to install programs, view or delete data, and create accounts with full user rights.

📖 Read

via "Tech Republic".
11:36
‼ CVE-2019-20467 ‼

An issue was discovered on Sannce Smart HD Wifi Security Camera EAN 2 950004 595317 devices. The device by default has a TELNET interface available (which is not advertised or functionally used, but is nevertheless available). Two backdoor accounts (root and default) exist that can be used on this interface. The usernames and passwords of the backdoor accounts are the same on all devices. Attackers can use these backdoor accounts to obtain access and execute code as root within the device.

📖 Read

via "National Vulnerability Database".
11:36
‼ CVE-2021-35522 ‼

A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2, Sigma devices before 4.9.4, and MA VP MD devices before 4.9.7 allows remote attackers to achieve code execution, denial of services, and information disclosure via TCP/IP packets.

📖 Read

via "National Vulnerability Database".
11:36
‼ CVE-2021-22523 ‼

XML External Entity vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow the control of web browser and hijacking user sessions.

📖 Read

via "National Vulnerability Database".
11:36
‼ CVE-2021-35521 ‼

A path traversal in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows remote authenticated attackers to achieve denial of services and information disclosure via TCP/IP packets.

📖 Read

via "National Vulnerability Database".
11:36
‼ CVE-2021-22522 ‼

Reflected Cross-Site Scripting vulnerability in Micro Focus Verastream Host Integrator, affecting version 7.8 Update 1 and earlier versions. The vulnerability could allow disclosure of confidential data.

📖 Read

via "National Vulnerability Database".
11:36
‼ CVE-2021-30110 ‼

dttray.exe in Greyware Automation Products Inc Domain Time II before 5.2.b.20210331 allows remote attackers to execute arbitrary code via a URL to a malicious update in a spoofed response to the UDP query used to check for updates.

📖 Read

via "National Vulnerability Database".
11:36
‼ CVE-2021-35520 ‼

A Buffer Overflow in Thrift command handlers in IDEMIA Morpho Wave Compact and VisionPass devices before 2.6.2 allows physically proximate authenticated attackers to achieve code execution, denial of services, and information disclosure via serial ports.

📖 Read

via "National Vulnerability Database".
11:36
‼ CVE-2021-30049 ‼

SysAid 20.3.64 b14 is affected by Cross Site Scripting (XSS) via a /KeepAlive.jsp?stamp= URI.

📖 Read

via "National Vulnerability Database".
11:36
‼ CVE-2021-30486 ‼

SysAid 20.3.64 b14 is affected by Blind and Stacked SQL injection via AssetManagementChart.jsp (GET computerID), AssetManagementChart.jsp (POST group1), AssetManagementList.jsp (GET computerID or group1), or AssetManagementSummary.jsp (GET group1).

📖 Read

via "National Vulnerability Database".
11:55
🛑 Cybersecurity & Privacy news 🛑
⚠ S3 Ep42: Viruses, Nightmares, patches, rewards and scammers [Podcast] ⚠

Latest episode - listen now!

📖 Read

via "Naked Security".
12:06
🦿 The ransomware risk management calculus is changing for OT, ICS and critical infrastructure 🦿

Paralysis is the worst possible state for businesses to find themselves in when faced with the threat, says Claroty's CPO.

📖 Read

via "Tech Republic".
12:06
🦿 How cyberattacks exploit known security vulnerabilities 🦿

Knowing that many organizations fail to patch known flaws, attackers continually scan for security holes that they can exploit, says Barracuda.

📖 Read

via "Tech Republic".
12:06
🦿 Systemd can't seem to catch a break: New vulnerability found 🦿

A dangerous vulnerability was found in the Linux systemd stack. Find out what it is and how to upgrade your Linux distributions.

📖 Read

via "Tech Republic".
13:36
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-22001 ‼

In UAA versions prior to 75.3.0, sensitive information such as the relaying secret of the provider was revealed in the response when a deletion request for an identity provider (IdP) of type “oauth 1.0” was sent to the UAA server.

📖 Read

via "National Vulnerability Database".
13:36
‼ CVE-2021-29143 ‼

A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.

📖 Read

via "National Vulnerability Database".
13:36
‼ CVE-2021-34431 ‼

In Eclipse Mosquitto version 1.6 to 2.0.10, if an authenticated client that had connected with MQTT v5 sent a crafted CONNECT message to the broker a memory leak would occur, which could be used to provide a DoS attack against the broker.

📖 Read

via "National Vulnerability Database".
13:36
‼ CVE-2021-29149 ‼

A local bypass security restrictions vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.

📖 Read

via "National Vulnerability Database".
13:36
‼ CVE-2021-29148 ‼

A local cross-site scripting (XSS) vulnerability was discovered in Aruba CX 6200F Switch Series, Aruba 6300 Switch Series, Aruba 6400 Switch Series, Aruba 8320 Switch Series, Aruba 8325 Switch Series, Aruba 8400 Switch Series, Aruba CX 8360 Switch Series version(s): Aruba AOS-CX firmware: 10.04.xxxx - versions prior to 10.04.3070, 10.05.xxxx - versions prior to 10.05.0070, 10.06.xxxx - versions prior to 10.06.0110, 10.07.xxxx - versions prior to 10.07.0001. Aruba has released upgrades for Aruba AOS-CX devices that address this security vulnerability.

📖 Read

via "National Vulnerability Database".
13:44
❌ Apple Issues Urgent iPhone Updates; None for Pegasus Zero-Day ❌

Update now: The ream of bugs includes some remotely exploitable code execution flaws. Still to come: a fix for what makes iPhones easy prey for Pegasus spyware.

📖 Read

via "Threat Post".
14:05
🛑 Cybersecurity & Privacy news 🛑
🕴 7 Hot Cyber Threat Trends to Expect at Black Hat 🕴

A sneak peek of some of the main themes at Black Hat USA next month.

📖 Read

via "Dark Reading".
14:17
🔐 An Interview with Adam Burns, Manager of Cybersecurity Analysts at Digital Guardian Part II 🔐

In part two of our Q&A with Adam Burns, we discuss how to expand the security talent pool, the potential impact of automation on infosec, and the biggest challenge facing the industry.

📖 Read

via "".
15:06
🛑 Cybersecurity & Privacy news 🛑
🦿 Scammers offer streaming services, giveaways and a fake cyber currency to cash in on the Olympic Games 🦿

Kaspersky's analysis found that cybercriminals are getting extra creative with the latest campaigns designed to harvest credentials.

📖 Read

via "Tech Republic".
15:14
❌ Industrial Networks Exposed Through Cloud-Based Operational Tech ❌

Critical ICS vulnerabilities can be exploited through leading cloud-management platforms.

📖 Read

via "Threat Post".
15:36
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-26228 ‼

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_class1.php.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2020-5316 ‼

Dell SupportAssist for Business PCs versions 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3 and Dell SupportAssist for Home PCs version 2.0, 2.0.1, 2.0.2, 2.1, 2.1.1, 2.1.2, 2.1.3, 2.2, 2.2.1, 2.2.2, 2.2.3, 3.0, 3.0.1, 3.0.2, 3.1, 3.2, 3.2.1, 3.2.2, 3.3, 3.3.1, 3.3.2, 3.3.3, 3.4 contain an uncontrolled search path vulnerability. A locally authenticated low privileged user could exploit this vulnerability to cause the loading of arbitrary DLLs by the SupportAssist binaries, resulting in the privileged execution of arbitrary code.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-1618 ‼

Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: execute a command using crafted input, or upload a file that has been altered using path traversal techniques. A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-26762 ‼

SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the cid parameter to edit-course.php.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-1601 ‼

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are received on the external management interface. An attacker could exploit these vulnerabilities by sending specific traffic to this interface on an affected device. A successful exploit could allow the attacker to access sensitive internal services and make configuration changes on the affected device.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-29657 ‼

arch/x86/kvm/svm/nested.c in the Linux kernel before 5.11.12 has a use-after-free in which an AMD KVM guest can bypass access control on host OS MSRs when there are nested guests, aka CID-a58d9166a756. This occurs because of a TOCTOU race condition associated with a VMCB12 double fetch in nested_svm_vmrun.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-26764 ‼

SQL injection vulnerability in PHPGurukul Student Record System v 4.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit-std.php.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-33478 ‼

The TrustZone implementation in certain Broadcom MediaxChange firmware could allow an unauthenticated, physically proximate attacker to achieve arbitrary code execution in the TrustZone Trusted Execution Environment (TEE) of an affected device. This, for example, affects certain Cisco IP Phone and Wireless IP Phone products before 2021-07-07. Exploitation is possible only when the attacker can disassemble the device in order to control the voltage/current for chip pins.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-26229 ‼

SQL injection vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to edit_stud.php.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-23897 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability. However, the number was once accidentally misused to refer to the vulnerability that has the proper number of CVE-2021-31830. Notes: none.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-26230 ‼

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the user information to save_user.php.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-26227 ‼

Cross-site scripting (XSS) vulnerability in SourceCodester CASAP Automated Enrollment System v 1.0 allows remote attackers to inject arbitrary web script or HTML via the student information parameters to edit_stud.php.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-1600 ‼

Multiple vulnerabilities in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent attacker to access sensitive internal services from an external interface. These vulnerabilities are due to insufficient restrictions for IPv4 or IPv6 packets that are received on the external management interface. An attacker could exploit these vulnerabilities by sending specific traffic to this interface on an affected device. A successful exploit could allow the attacker to access sensitive internal services and make configuration changes on the affected device.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-26765 ‼

SQL injection vulnerability in PHPGurukul Student Record System 4.0 allows remote attackers to execute arbitrary SQL statements, via the sid parameter to edit-sub.php.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-1614 ‼

A vulnerability in the Multiprotocol Label Switching (MPLS) packet handling function of Cisco SD-WAN Software could allow an unauthenticated, remote attacker to gain access to information stored in MPLS buffer memory. This vulnerability is due to insufficient handling of malformed MPLS packets that are processed by a device that is running Cisco SD-WAN Software. An attacker could exploit this vulnerability by sending a crafted MPLS packet to an affected device that is running Cisco SD-WAN Software or Cisco SD-WAN vManage Software. A successful exploit could allow the attacker to gain unauthorized access to sensitive information.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-1518 ‼

A vulnerability in the REST API of Cisco Firepower Device Manager (FDM) On-Box Software could allow an authenticated, remote attacker to execute arbitrary code on the underlying operating system of an affected device. This vulnerability is due to insufficient sanitization of user input on specific REST API commands. An attacker could exploit this vulnerability by sending a crafted HTTP request to the API subsystem of an affected device. A successful exploit could allow the attacker to execute arbitrary code on the underlying operating system. To exploit this vulnerability, an attacker would need valid low-privileged user credentials.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2020-5370 ‼

Dell EMC OpenManage Enterprise (OME) versions prior to 3.4 contain an arbitrary file overwrite vulnerability. A remote authenticated malicious user with high privileges could potentially exploit this vulnerability to overwrite arbitrary files via directory traversal sequences using a crafted tar file to inject malicious RPMs which may cause a denial of service or perform unauthorized actions.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-1617 ‼

Multiple vulnerabilities in the web-based management interface of Cisco Intersight Virtual Appliance could allow an authenticated, remote attacker to conduct a path traversal or command injection attack on an affected system. These vulnerabilities are due to insufficient input validation. An attacker could exploit these vulnerabilities by using the web-based management interface to do one or both of the following: execute a command using crafted input, or upload a file that has been altered using path traversal techniques. A successful exploit could allow the attacker to read and write arbitrary files or execute arbitrary commands as root on an affected system. For more information about these vulnerabilities, see the Details section of this advisory.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-37403 ‼

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via a code snippet (user-generated content) when a sharing link is created and an App Loader relative URL is used.

📖 Read

via "National Vulnerability Database".
15:36
‼ CVE-2021-37402 ‼

OX App Suite before 7.10.3-rev32 and 7.10.4 before 7.10.4-rev18 allows XSS via binary data that is mishandled when the legacy dataretrieval endpoint has been enabled.

📖 Read

via "National Vulnerability Database".
18:06
🛑 Cybersecurity & Privacy news 🛑
🦿 Kaseya obtains universal decryptor key for recent REvil ransomware attacks 🦿

A company spokesperson confirmed that the key works but won't reveal the source, saying only that it came from a trusted third party.

📖 Read

via "Tech Republic".
18:14
❌ Critical Jira Flaw in Atlassian Could Lead to RCE ❌

The software-engineering platform is urging users to patch the critical flaw ASAP.

📖 Read

via "Threat Post".
18:14
❌ Phish Swims Past Email Security With Milanote Pages ❌

The “Evernote for creatives” is anchoring a rapidly spiking phishing campaign, evading SEGs with ease.

📖 Read

via "Threat Post".
18:44
🛑 Cybersecurity & Privacy news 🛑
❌ FBI: Cybercriminals Eyeing Broadcast Disruption at Tokyo Olympics ❌

Expected cyberattacks on Tokyo Olympics likely include attempts to hijack video feeds, the Feds warn.

📖 Read

via "Threat Post".
19:36
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-34262 ‼

A buffer overflow vulnerability in the USBH_ParseEPDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
19:36
‼ CVE-2021-34261 ‼

An issue in USBH_ParseCfgDesc() of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service due to the system hanging when trying to set a remote wake-up feature.

📖 Read

via "National Vulnerability Database".
19:36
‼ CVE-2021-25211 ‼

Arbitrary file upload vulnerability in SourceCodester Ordering System v 1.0 allows attackers to execute arbitrary code, via the file upload to ordering\admin\products\edit.php.

📖 Read

via "National Vulnerability Database".
19:36
‼ CVE-2021-34259 ‼

A buffer overflow vulnerability in the USBH_ParseCfgDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
19:36
‼ CVE-2021-34268 ‼

An issue in the USBH_ParseDevDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) via a malformed USB device packet.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-25205 β€Ό

SQL injection vulnerability in SourceCodester E-Commerce Website V 1.0 allows remote attackers to execute arbitrary SQL statements, via the update parameter to empViewUpdate.php .

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-34260 β€Ό

A buffer overflow vulnerability in the USBH_ParseInterfaceDesc() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below allows attackers to execute arbitrary code.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2020-22284 β€Ό

A buffer overflow vulnerability in the zepif_linkoutput() function of Free Software Foundation lwIP git head version and version 2.1.2 allows attackers to access sensitive information via a crafted 6LoWPAN packet.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-34267 β€Ό

An in the USBH_MSC_InterfaceInit() function of STMicroelectronics STM32Cube Middleware v1.8.0 and below causes a denial of service (DOS) when the system tries to communicate with the connected endpoint.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-25213 β€Ό

SQL injection vulnerability in SourceCodester Travel Management System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the catid parameter to subcat.php.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2020-22283 β€Ό

A buffer overflow vulnerability in the icmp6_send_response_with_addrs_and_netif() function of Free Software Foundation lwIP version git head allows attackers to access sensitive information via a crafted ICMPv6 packet.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-25209 β€Ό

SQL injection vulnerability in SourceCodester Theme Park Ticketing System v 1.0 allows remote attackers to execute arbitrary SQL statements, via the id parameter to view_user.php .

πŸ“– Read

via "National Vulnerability Database".
23 July 2021
02:37
‼ CVE-2021-24036 ‼

Passing an attacker controlled size when creating an IOBuf could cause integer overflow, leading to an out of bounds write on the heap with the possibility of remote code execution. This issue affects versions of folly prior to v2021.07.22.00. This issue affects HHVM versions prior to 4.80.5, all versions between 4.81.0 and 4.102.1, all versions between 4.103.0 and 4.113.0, and versions 4.114.0, 4.115.0, 4.116.0, 4.117.0, 4.118.0 and 4.118.1.

via "National Vulnerability Database".
09:37
‼ CVE-2021-26799 ‼

Cross Site Scripting (XSS) vulnerability in admin/files/edit in Omeka Classic <=2.7 allows remote attackers to inject arbitrary web script or HTML.

via "National Vulnerability Database".
09:37
‼ CVE-2020-14032 ‼

ASRock 4x4 BOX-R1000 before BIOS P1.40 allows privilege escalation via code execution in the SMM.

via "National Vulnerability Database".
09:45
❌ Kaseya Obtains Universal Decryptor for REvil Ransomware ❌

The vendor will work with customers affected by the early July spate of ransomware attacks to unlock files; it's unclear if the ransom was paid.

via "Threat Post".
11:37
‼ CVE-2019-9983 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

via "National Vulnerability Database".
11:37
‼ CVE-2021-25207 ‼

Arbitrary file upload vulnerability in SourceCodester E-Commerce Website v1.0 allows attackers to execute arbitrary code via the file upload to prodViewUpdate.php.

via "National Vulnerability Database".
11:37
‼ CVE-2021-20333 ‼

Sending specially crafted commands to a MongoDB Server may result in artificial log entries being generated or for log entries to be split. This issue affects MongoDB Server v3.6 versions prior to 3.6.20; MongoDB Server v4.0 versions prior to 4.0.21; MongoDB Server v4.2 versions prior to 4.2.10;

via "National Vulnerability Database".
13:45
❌ FIN7’s Liquor Lure Compromises Law Firm with Backdoor ❌

Using a lure relating to a lawsuit against the owner of Jack Daniels whiskey, the cybergang launched a campaign that may be bent on ransomware deployment.

via "Threat Post".
13:57
⚠ US court gets UK Twitter hack suspect arrested in Spain ⚠

O, what a tangled web we weave/When first we practise to deceive!

via "Naked Security".
13:57
⚠ S3 Ep42: Viruses, Nightmares, patches, rewards and scammers [Podcast] ⚠

Latest episode - listen now!

via "Naked Security".
15:06
🦿 How DuckDuckGo makes money selling search, not privacy 🦿

Commentary: DuckDuckGo is small by Google's standards, but the company is proving it's very possible to make a lot of money with just a bit more privacy.

via "Tech Republic".
15:37
‼ CVE-2021-23412 ‼

All versions of package gitlogplus are vulnerable to Command Injection via the main functionality, as options attributes are appended to the command to be executed without sanitization.

via "National Vulnerability Database".
16:15
❌ 5 Steps to Improving Ransomware Resiliency ❌

Alex Restrepo, cybersecurity researcher at Veritas, lays out the key concepts that organizations should be paying attention to now and implementing today.

via "Threat Post".
16:30
🛠 Logwatch 7.5.6 🛠

Logwatch analyzes and reports on Unix system logs. It is a customizable and pluggable log monitoring system which will go through the logs for a given period of time and make a customizable report. It should work right out of the package on most systems.

via "Packet Storm Security".
17:11
🕴 Biden Administration Responds to Geopolitical Cyber Threats 🕴

In response to growing concerns regarding the recent uptick in large-scale, nation-state-backed ransomware attacks on critical infrastructure, the Biden administration is taking new action to tackle the evolving challenges posed by ransomware attacks.

via "Dark Reading".
17:37
‼ CVE-2021-25790 ‼

Multiple stored cross site scripting (XSS) vulnerabilities in the "Register" module of House Rental and Property Listing 1.0 allow authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in all text fields except for Phone Number and Alternate Phone Number.

via "National Vulnerability Database".
17:37
‼ CVE-2021-25791 ‼

Multiple stored cross site scripting (XSS) vulnerabilities in the "Update Profile" module of Online Doctor Appointment System 1.0 allow authenticated attackers to execute arbitrary web scripts or HTML via crafted payloads in the First Name, Last Name, and Address text fields.

via "National Vulnerability Database".
19:15
❌ Discord CDN and API Abuses Drive Wave of Malware Detections ❌

Targets of Discord malware expand far beyond gamers.

via "Threat Post".
19:37
‼ CVE-2021-25809 ‼

UCMS 1.5.0 was discovered to contain a physical path leakage via an error message returned by the adminchannelscache() function in top.php.

via "National Vulnerability Database".
19:37
‼ CVE-2021-25808 ‼

A code injection vulnerability in backup/plugin.php of Bludit 3.13.1 allows attackers to execute arbitrary code via a crafted ZIP file.

via "National Vulnerability Database".
19:37
‼ CVE-2020-20741 ‼

Incorrect Access Control in Beckhoff Automation GmbH & Co. KG CX9020 with firmware version CX9020_CB3011_WEC7_HPS_v602_TC31_B4016.6 allows remote attackers to bypass authentication via the "CE Remote Display Tool" as it does not close the incoming connection on the Windows CE side if the credentials are incorrect.

via "National Vulnerability Database".
19:37
‼ CVE-2021-3169 ‼

An issue in Jumpserver 2.6.2 and below allows attackers to create a connection token through an API which does not have access control and use it to access sensitive assets.

via "National Vulnerability Database".
24 July 2021
21:39
‼ CVE-2021-37436 ‼

Amazon Echo Dot devices through 2021-07-02 sometimes allow attackers, who have physical access to a device after a factory reset, to obtain sensitive information via a series of complex hardware and software attacks. NOTE: reportedly, there were vendor marketing statements about safely removing personal content via a factory reset. Also, the vendor has reportedly indicated that they are working on mitigations.

via "National Vulnerability Database".
25 July 2021
11:39
‼ CVE-2021-23413 ‼

This affects the package jszip before 3.7.0. Crafting a new zip file with filenames set to Object prototype values (e.g. __proto__, toString, etc.) results in a returned object with a modified prototype instance.

via "National Vulnerability Database".
13:40
‼ CVE-2021-3663 ‼

firefly-iii is vulnerable to Improper Restriction of Excessive Authentication Attempts.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37447 ‼

In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentdelete?file=/.. for file deletion.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37441 ‼

NCH Axon PBX v2.22 and earlier allows path traversal for file deletion via the logdelete?file=/.. substring.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37442 ‼

NCH IVM Attendant v5.12 and earlier allows path traversal via viewfile?file=/.. to read files.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37445 ‼

In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via logprop?file=/.. for file reading.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37440 ‼

NCH Axon PBX v2.22 and earlier allows path traversal for file disclosure via the logprop?file=/.. substring.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37446 ‼

In NCH Quorum v2.03 and earlier, an authenticated user can use directory traversal via documentprop?file=/.. for file reading.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37448 ‼

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via the Mailbox name (stored).

via "National Vulnerability Database".
21:40
‼ CVE-2021-37439 ‼

NCH FlexiServer v6.00 suffers from a syslog?file=/.. path traversal vulnerability.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37443 ‼

NCH IVM Attendant v5.12 and earlier allows path traversal via the logdeleteselected check0 parameter for file deletion.

via "National Vulnerability Database".
21:40
‼ CVE-2021-37449 ‼

Cross Site Scripting (XSS) exists in NCH IVM Attendant v5.12 and earlier via /ogmlist?folder= (reflected).

via "National Vulnerability Database".
21:40
‼ CVE-2021-37444 ‼

NCH IVM Attendant v5.12 and earlier suffers from a directory traversal weakness upon uploading plugins in a ZIP archive. This can lead to code execution if a ZIP element's pathname is set to a Windows startup folder, a file for the inbuilt Out-Going Message function, or a file for the inbuilt Autodial function.

via "National Vulnerability Database".
26 July 2021
07:41
‼ CVE-2021-36092 ‼

It's possible to create an email containing a specially crafted link that can be used to perform an XSS attack. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.

via "National Vulnerability Database".
07:41
‼ CVE-2021-33900 ‼

While investigating DIRSTUDIO-1219 it was noticed that configured StartTLS encryption was not applied when any SASL authentication mechanism (DIGEST-MD5, GSSAPI) was used. While investigating DIRSTUDIO-1220 it was noticed that any configured SASL confidentiality layer was not applied. This issue affects Apache Directory Studio version 2.0.0.v20210213-M16 and prior versions.

via "National Vulnerability Database".
07:41
‼ CVE-2021-21440 ‼

Generated Support Bundles contain private S/MIME and PGP keys if the containing folder is not hidden. This issue affects: OTRS AG ((OTRS)) Community Edition 6.0.x version 6.0.1 and later versions. OTRS AG OTRS 7.0.x version 7.0.27 and prior versions; 8.0.x version 8.0.14 and prior versions.

via "National Vulnerability Database".
07:41
‼ CVE-2021-21443 ‼

Agents are able to list customer user emails without required permissions in the bulk action screen. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.

via "National Vulnerability Database".
07:41
‼ CVE-2021-21442 ‼

In the project create screen it's possible to inject malicious JS code into certain fields. The code might be executed in the Reporting screen. This issue affects: OTRS AG Time Accounting: 7.0.x versions prior to 7.0.19.

via "National Vulnerability Database".
07:41
‼ CVE-2021-36091 ‼

Agents are able to list appointments in the calendars without required permissions. This issue affects: OTRS AG ((OTRS)) Community Edition: 6.0.x version 6.0.1 and later versions. OTRS AG OTRS: 7.0.x versions prior to 7.0.27.

via "National Vulnerability Database".
10:17
❌ The True Impact of Ransomware Attacks ❌

Keeper’s research reveals that in addition to knocking systems offline, ransomware attacks degrade productivity, cause organizations to incur significant indirect costs, and mar their reputations.

via "Threat Post".
11:11
‼ CVE-2021-29766 ‼

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202680.

via "National Vulnerability Database".
11:11
‼ CVE-2021-29770 ‼

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow an authenticated user to perform unauthorized actions due to hazardous input validation. IBM X-Force ID: 202771.

via "National Vulnerability Database".
11:11
‼ CVE-2021-3664 ‼

url-parse is vulnerable to URL Redirection to Untrusted Site.

via "National Vulnerability Database".
11:11
‼ CVE-2021-20431 ‼

IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 does not invalidate the session after logout, which could allow an attacker to obtain sensitive information from the system. IBM X-Force ID: 196342.

via "National Vulnerability Database".
11:11
‼ CVE-2021-20560 ‼

IBM Sterling Connect:Direct Browser User Interface 1.4.1.1 and 1.5.0.2 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 199229.

via "National Vulnerability Database".
11:11
‼ CVE-2021-35030 ‼

A vulnerability was found in the CGI program in Zyxel GS1900-8 firmware version V2.60, which did not properly sanitize packet contents and could allow an authenticated, local user to perform a cross-site scripting (XSS) attack via a crafted LLDP packet.

via "National Vulnerability Database".
11:11
‼ CVE-2021-29784 ‼

IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 203168.

via "National Vulnerability Database".
11:11
‼ CVE-2021-29767 ‼

IBM i2 Analyst's Notebook Premium 9.2.0, 9.2.1, and 9.2.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 202681.

via "National Vulnerability Database".
11:11
‼ CVE-2021-20430 ‼

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 196341.

via "National Vulnerability Database".
11:11
‼ CVE-2021-26824 ‼

DM FingerTool v1.19 in the DM PD065 Secure USB is susceptible to improper authentication by a replay attack, allowing local attackers to bypass user authentication and access all features and data on the USB.

via "National Vulnerability Database".
11:11
‼ CVE-2020-12681 ‼

Missing TLS certificate validation on 3xLogic Infinias eIDC32 devices through 3.4.125 allows an attacker to intercept/control the channel by which door lock policies are applied.

via "National Vulnerability Database".
11:11
‼ CVE-2020-4623 ‼

IBM i2 iBase 8.9.13 could allow a local authenticated attacker to execute arbitrary code on the system, caused by a DLL search order hijacking flaw. By using a specially-crafted .DLL file, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 184984.

via "National Vulnerability Database".
11:11
‼ CVE-2021-22144 ‼

In Elasticsearch versions before 7.13.3 and 6.8.17 an uncontrolled recursion vulnerability that could lead to a denial of service attack was identified in the Elasticsearch Grok parser. A user with the ability to submit arbitrary queries to Elasticsearch could create a malicious Grok query that will crash the Elasticsearch node.

via "National Vulnerability Database".
11:11
‼ CVE-2021-29769 ‼

IBM i2 Analyst's Notebook Premium (IBM i2 Analyze 4.3.0, 4.3.1, and 4.3.2) does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending an http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 202769.

via "National Vulnerability Database".
11:11
‼ CVE-2021-20337 ‼

IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 194448.

via "National Vulnerability Database".
12:17
❌ Malware Makers Using ‘Exotic’ Programming Languages ❌

Sprechen Sie Rust? Polyglot malware authors are increasingly using obscure programming languages to evade detection.

via "Threat Post".
13:11
‼ CVE-2021-33629 ‼

isula-build before 0.9.5-8 can crash when building container images, because some functions for processing external data do not remove spaces when processing that data.

via "National Vulnerability Database".
13:11
‼ CVE-2021-37534 ‼

app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster.

via "National Vulnerability Database".
14:08
🦿 Deepfakes: Microsoft and others in Big Tech are working to bring authenticity to videos, photos 🦿

If you want people to trust the photos and videos your business puts out, it might be time to start learning how to prove they haven't been tampered with.

via "Tech Republic".
15:11
‼ CVE-2021-32790 ‼

Woocommerce is an open source eCommerce plugin for WordPress. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce plugin between version 3.3.0 and 3.3.6. Malicious actors (already) having admin access, or API keys to the WooCommerce site, can exploit vulnerable endpoints of `/wp-json/wc/v3/webhooks`, `/wp-json/wc/v2/webhooks` and other webhook listing APIs. Read-only SQL queries can be executed using this exploit; although data is not returned, by carefully crafting the `search` parameter information can be disclosed using timing and related attacks. Version 3.3.6 is the earliest version of Woocommerce with a patch for this vulnerability. There are no known workarounds other than upgrading.

via "National Vulnerability Database".
15:11
‼ CVE-2021-32791 ‼

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, the AES GCM encryption in mod_auth_openidc uses a static IV and AAD. This is important to fix because it creates a static nonce, and since AES-GCM is a stream cipher, reusing the same nonce under the same key leads to known cryptographic issues. From 2.4.9 onwards this has been patched to use dynamic values through usage of cjose AES encryption routines.

via "National Vulnerability Database".
15:11
‼ CVE-2021-32789 ‼

woocommerce-gutenberg-products-block is a feature plugin for WooCommerce Gutenberg Blocks. An SQL injection vulnerability impacts all WooCommerce sites running the WooCommerce Blocks feature plugin from version 2.5.0 and prior to version 2.5.16. Via a carefully crafted URL, an exploit can be executed against the `wc/store/products/collection-data?calculate_attribute_counts[][taxonomy]` endpoint that allows the execution of a read only sql query. There are patches for many versions of this package, starting with version 2.5.16. There are no known workarounds aside from upgrading.

via "National Vulnerability Database".
15:11
‼ CVE-2021-25802 ‼

A buffer overflow vulnerability in the AVI_ExtractSubtitle component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

via "National Vulnerability Database".
15:11
‼ CVE-2021-25803 ‼

A buffer overflow vulnerability in the vlc_input_attachment_New component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

via "National Vulnerability Database".
15:11
‼ CVE-2021-32631 ‼

Common is a package of common modules that can be accessed by NIMBLE services. Common before commit number 3b96cb0293d3443b870351945f41d7d55cb34b53 did not properly verify the signature of JSON Web Tokens. This allows someone to forge a valid JWT. Being able to forge JWTs may lead to authentication bypasses. Commit number 3b96cb0293d3443b870351945f41d7d55cb34b53 contains a patch for the issue. As a workaround, one may use the parseClaimsJws method to correctly verify the signature of a JWT.

via "National Vulnerability Database".
15:11
‼ CVE-2021-31292 ‼

An integer overflow in CrwMap::encode0x1810 of Exiv2 0.27.3 allows attackers to trigger a heap-based buffer overflow and cause a denial of service (DoS) via crafted metadata.

via "National Vulnerability Database".
15:11
‼ CVE-2021-25804 ‼

A NULL-pointer dereference in "Open" in avi.c of VideoLAN VLC Media Player 3.0.11 can cause a denial of service (DoS) in the application.

via "National Vulnerability Database".
15:11
‼ CVE-2021-25801 ‼

A buffer overflow vulnerability in the __Parse_indx component of VideoLAN VLC Media Player 3.0.11 allows attackers to cause an out-of-bounds read via a crafted .avi file.

via "National Vulnerability Database".
15:11
‼ CVE-2021-32792 ‼

mod_auth_openidc is an authentication/authorization module for the Apache 2.x HTTP server that functions as an OpenID Connect Relying Party, authenticating users against an OpenID Connect Provider. In mod_auth_openidc before version 2.4.9, there is an XSS vulnerability when using `OIDCPreservePost On`.

via "National Vulnerability Database".
15:11
‼ CVE-2021-31291 ‼

A heap-based buffer overflow vulnerability in jp2image.cpp of Exiv2 0.27.3 allows attackers to cause a denial of service (DoS) via crafted metadata.

via "National Vulnerability Database".
15:50
Ransomware Prevention Site Saves Users $1 Billion

Five years after its inception, No More Ransom, the collaborative effort formed to combat ransomware attackers, has logged some impressive numbers.
16:47
❌ Microsoft Rushes Fix for ‘PetitPotam’ Attack PoC ❌

Microsoft releases mitigations for a Windows NT LAN Manager exploit that forces remote Windows systems to reveal password hashes that can be easily cracked.

via "Threat Post".
17:11
‼ CVE-2021-36563 ‼

The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an attacker to plant HTML content that is interpreted by the browser (such as JavaScript or other client-side scripts); the XSS payload will be triggered when the user accesses some specific sections of the application. A particularly dangerous scenario is an attacker who has the monitor role (not administrator) using a stored XSS to steal the secretAutomation (for the use of the API in administrator mode) and thus being able to create another administrator user with high privileges on the CheckMK monitoring web console. Persistent XSS also allows an attacker to modify the displayed content or change the victim's information. Successful exploitation requires access to the web management interface, either with valid credentials or with a hijacked session.

via "National Vulnerability Database".
17:11
‼ CVE-2021-37394 ‼

In RPCMS v1.8 and below, attackers can interact with the API and change the "role" variable to "admin" to achieve admin user registration.

via "National Vulnerability Database".
17:11
‼ CVE-2021-37392 ‼

In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on the page. When the API functions are enabled, an attacker can use the API to update a user nickname with an XSS payload and achieve stored XSS. Users who view the articles published by the injected user will trigger the XSS.

via "National Vulnerability Database".
17:11
‼ CVE-2021-32794 ‼

ArchiSteamFarm is a C# application whose primary purpose is idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code, the `POST /Api/ASF` ASF API endpoint responsible for updating the global ASF config incorrectly removed `IPCPassword` from the resulting config when the caller did not specify it explicitly. Due to the above, it was possible for the user to accidentally remove the `IPCPassword` security measure from their IPC interface when updating the global ASF config, which exists as part of the global config update functionality in ASF-ui. Removal of `IPCPassword` poses a security risk, as unauthorized users may as a result access the IPC interface after such a modification. The issue is patched in ASF V5.1.2.4 and future versions. We recommend manually verifying that `IPCPassword` is specified after the update, and if not, setting it accordingly. In default settings, ASF is configured to allow IPC access from `localhost` only and should not affect the majority of users.

via "National Vulnerability Database".
17:11
‼ CVE-2021-37393 ‼

In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on the page. An attacker can use the "update password" function to inject XSS payloads into the nickname variable and achieve stored XSS. Users who view the articles published by the injected user will trigger the XSS.

via "National Vulnerability Database".
17:11
‼ CVE-2021-37473 ‼

In NavigateCMS version 2.9.4 and below, a function in `product.php` is vulnerable to SQL injection on the parameter `products-order` through a POST request, which results in arbitrary SQL query execution in the backend database.

via "National Vulnerability Database".
17:11
‼ CVE-2021-37476 ‼

In NavigateCMS version 2.9.4 and below, a function in `product.php` is vulnerable to SQL injection on the parameter `id` through a POST request, which results in arbitrary SQL query execution in the backend database.

via "National Vulnerability Database".
17:11
‼ CVE-2021-37475 ‼

In NavigateCMS version 2.9.4 and below, a function in `templates.php` is vulnerable to SQL injection on the parameter `template-properties-order`, which results in arbitrary SQL query execution in the backend database.

via "National Vulnerability Database".
17:11
‼ CVE-2021-37477 ‼

In NavigateCMS version 2.9.4 and below, a function in `structure.php` is vulnerable to SQL injection on the parameter `children_order`, which results in arbitrary SQL query execution in the backend database.

via "National Vulnerability Database".
17:11
‼ CVE-2021-37478 ‼

In NavigateCMS version 2.9.4 and below, the function `block` is vulnerable to SQL injection on the parameter `block-order`, which results in arbitrary SQL query execution in the backend database.

via "National Vulnerability Database".
18:17
❌ Babuk Ransomware Gang Ransomed, New Forum Stuffed With Porn ❌

A comment spammer flooded Babuk’s new ransomware forum with gay orgy porn GIFs and demanded $5K in bitcoin.

via "Threat Post".
?
19:11
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-17952 β€Ό

A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code.

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2020-18171 β€Ό

TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) which can allow attackers to obfuscate and embed crafted files used to escalate privileges.

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2021-37555 β€Ό

TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the default password of 059AnkJ for the root account. The user can then download the filesystem through preinstalled BusyBox utilities (e.g., tar and nc).

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2020-18173 β€Ό

A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code.

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2020-23242 β€Ό

Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature.

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2020-23238 β€Ό

Cross Site Scripting (XSS) vulnerability in Evolution CMS 2.0.2 via the Document Manager feature.

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2020-18172 β€Ό

A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges.

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2020-18170 β€Ό

An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows attackers to escalate privileges via a change in permissions.

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2020-18169 β€Ό

A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges.

πŸ“– Read

via "National Vulnerability Database".
19:11
β€Ό CVE-2020-18174 β€Ό

A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to escalate privileges.

πŸ“– Read

via "National Vulnerability Database".
19:11
‼ CVE-2021-32795 ‼

ArchiSteamFarm is a C# application whose primary purpose is idling Steam cards from multiple accounts simultaneously. In versions prior to 4.3.1.0 there is a Denial of Service (DoS) vulnerability which allows an attacker to remotely crash a running ASF instance by sending a specifically crafted Steam chat message. The user sending the message does not need to be authorized within the bot or ASF process. The attacker needs to know ASF's `CommandPrefix` in advance, but the majority of ASF setups run with the unchanged default value. This attack does not allow the attacker to gain any potentially sensitive information, such as logins or passwords, does not allow execution of arbitrary commands, and does not otherwise allow the crash to be exploited further. The issue is patched in ASF V4.3.1.0. The only workaround which guarantees complete protection is running all bots with an `OnlineStatus` of `0` (Offline). In this setup, ASF is able to ignore even the specifically crafted message without attempting to interpret it.

via "National Vulnerability Database".
19:11
‼ CVE-2020-23243 ‼

Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 via the name="wrong_path_redirect" feature.

via "National Vulnerability Database".
19:11
‼ CVE-2020-23240 ‼

Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature.

via "National Vulnerability Database".
19:11
‼ CVE-2020-23241 ‼

Cross Site Scripting (XSS) vulnerability in CMS Made Simple 2.2.14 in "Extra" via the "News > Article" feature.

via "National Vulnerability Database".
19:11
‼ CVE-2020-23239 ‼

Cross Site Scripting (XSS) vulnerability in Textpattern CMS 4.8.1 via Custom fields in the Menu Preferences feature.

via "National Vulnerability Database".
19:12
‼ CVE-2020-23234 ‼

Cross Site Scripting (XSS) vulnerability exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers such as "ontoggle".

via "National Vulnerability Database".
19:17
❌ Podcast: IoT Piranhas Are Swarming Industrial Controls ❌

Enormous botnets of IoT devices are going after decades-old legacy systems that are rife in systems that control crucial infrastructure.

via "Threat Post".
21:11
‼ CVE-2021-37576 ‼

arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.

via "National Vulnerability Database".
21:11
‼ CVE-2020-18428 ‼

tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DoS).

via "National Vulnerability Database".
21:11
‼ CVE-2020-18430 ‼

tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DoS).

via "National Vulnerability Database".
21:58
⚠ Windows “PetitPotam” network attack – how to protect against it ⚠

A cute name but an annoying and potentially damaging attack. Here's what to do.

via "Naked Security".
27 July 2021
10:48
❌ Apple Patches Actively Exploited Zero-Day in iOS, MacOS ❌

Company urges iPhone, iPad and Mac users to install updates to fix a critical memory corruption flaw that can allow attackers to take over a system.

via "Threat Post".
10:58
⚠ Apple emergency zero-day fix for iPhones and Macs – get it now! ⚠

You're probably expecting us to say, "Patch early, patch often." And that is EXACTLY what we're saying!

via "Naked Security".
11:12
‼ CVE-2021-20399 ‼

IBM QRadar SIEM 7.3.0 to 7.3.3 Patch 8 and 7.4.0 to 7.4.3 GA is vulnerable to an XML External Entity Injection (XXE) attack when processing XML data. A remote attacker could exploit this vulnerability to expose sensitive information or consume memory resources. IBM X-Force ID: 196073.

via "National Vulnerability Database".
11:12
‼ CVE-2021-20562 ‼

IBM Sterling B2B Integrator Standard Edition 5.2.0.0 through 5.2.6.5_3 and 6.1.0.0 through 6.1.0.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 199232.

via "National Vulnerability Database".
12:48
❌ Three Zero-Day Bugs Plague Kaseya Unitrends Backup Servers ❌

The unpatched flaws include RCE and authenticated privilege escalation on the client side: just the latest woe for the ransomware-walloped MSP.

via "Threat Post".
14:48
❌ Zimbra Server Bugs Could Lead to Email Plundering ❌

Two bugs, now patched except in older versions, could be chained to allow attackers to hijack a Zimbra server by simply sending a malicious email.

via "Threat Post".
15:12
‼ CVE-2021-34432 ‼

In Eclipse Mosquitto versions 2.07 and earlier, the server will crash if the client tries to send a PUBLISH packet with topic length = 0.

via "National Vulnerability Database".
15:50
New Microsoft Teams Integration Provides Visibility, Controls to Prevent Data Loss

Digital Guardian's integration with Microsoft Teams allows organizations to reduce the risk of data loss without hampering productivity.

via "".
18:08
🦿 Frequently asked questions on Extended Detection and Response 🦿

This article answers a few of the more common questions from those who are trying to figure out the XDR space.

via "Tech Republic".
18:18
❌ No More Ransom Saves Victims Nearly €1 Over 5 Years ❌

No More Ransom is collecting decryptors so ransomware victims don’t have to pay to get their data back and attackers don’t get rich.

via "Threat Post".
19:12
‼ CVE-2021-32748 ‼

Nextcloud Richdocuments is an open source, self-hosted online office. Nextcloud uses the WOPI ("Web Application Open Platform Interface") protocol to communicate with the Collabora Editor; the communication between these two services was not protected by a credentials or IP check. Whilst this does not result in gaining access to data that the user does not already have access to, it can result in a bypass of any enforced watermark on documents as described on the [Nextcloud Virtual Data Room](https://nextcloud.com/virtual-data-room/) website and [our documentation](https://portal.nextcloud.com/article/nextcloud-and-virtual-data-room-configuration-59.html). The Nextcloud Richdocuments releases 3.8.3 and 4.2.0 add an additional admin setting for an allowlist of IP addresses that can access the WOPI API. We recommend upgrading and configuring the allowlist to a list of Collabora servers. There is no known workaround. Note that this primarily results in a bypass of any configured watermark or download protection using File Access Control. If you do not require or rely on these as a security feature, no immediate action is required on your end.

via "National Vulnerability Database".
21:12
‼ CVE-2021-32796 ‼

xmldom is an open source pure JavaScript W3C standard-based (XML DOM Level 2 Core) DOMParser and XMLSerializer module. xmldom versions 0.6.0 and older do not correctly escape special characters when serializing elements removed from their ancestor. This may lead to unexpected syntactic changes during XML processing in some downstream applications. This issue has been resolved in version 0.7.0. As a workaround, downstream applications can validate the input and reject maliciously crafted documents.

via "National Vulnerability Database".
21:12
‼ CVE-2021-32788 ‼

Discourse is an open source discussion platform. In versions prior to 2.7.7 there are two bugs which led to the creator of a whisper post being revealed to non-staff users. 1: A staff user who creates a whisper post in a personal message is revealed to non-staff participants of the personal message even though the whisper post cannot be seen by them. 2: When a whisper post is before the last post in a post stream, deleting the last post will result in the creator of the whisper post being revealed to non-staff users as the last poster of the topic.

via "National Vulnerability Database".
28 July 2021
07:13
‼ CVE-2021-23414 ‼

This affects the package video.js before 7.14.3. The src attribute of the track tag allows bypassing HTML escaping and executing arbitrary code.

via "National Vulnerability Database".
08:18
❌ Podcast: Why Securing Active Directory Is a Nightmare ❌

Researchers preview work to be presented at Black Hat on how AD “misconfiguration debt” lays out a dizzying array of attack paths, such as in PetitPotam.

via "Threat Post".
09:13
‼ CVE-2021-32000 ‼

A UNIX Symbolic Link (Symlink) Following vulnerability in the clone-master-clean-up.sh script of clone-master-clean-up in SUSE Linux Enterprise Server 12 SP3, SUSE Linux Enterprise Server 15 SP1 and openSUSE Factory allows local attackers to delete arbitrary files. This issue affects: SUSE Linux Enterprise Server 12 SP3 clone-master-clean-up version 1.6-4.6.1 and prior versions; SUSE Linux Enterprise Server 15 SP1 clone-master-clean-up version 1.6-3.9.1 and prior versions; openSUSE Factory clone-master-clean-up version 1.6-1.4 and prior versions.

via "National Vulnerability Database".
09:13
‼ CVE-2021-32001 ‼

A Missing Encryption of Sensitive Data vulnerability in k3s, kde2 of SUSE Rancher allows any user with direct access to the datastore, or a copy of a datastore backup, to extract the cluster's confidential keying material (cluster certificate authority private keys, secrets encryption configuration passphrase, etc.) and decrypt it, without having to know the token value. This issue affects: SUSE Rancher K3s version v1.19.12+k3s1, v1.20.8+k3s1, v1.21.2+k3s1 and prior versions; RKE2 version v1.19.12+rke2r1, v1.20.8+rke2r1, v1.21.2+rke2r1 and prior versions.

via "National Vulnerability Database".
13:39
🦿 How the Dark Web enables access to corporate networks 🦿

The number of ads selling access to corporate networks has continued to increase from 2019 to 2020 and into 2021, says Positive Technologies.

via "Tech Republic".
14:48
❌ Reboot of PunkSpider Tool at DEF CON Stirs Debate ❌

Researchers plan to introduce a revamp of PunkSpider, which helps identify flaws in websites so companies can make their back-end systems more secure, at DEF CON.

via "Threat Post".
15:13
‼ CVE-2021-23415 ‼

This affects the package elFinder.AspNet before 1.1.1. The user-controlled file name is not properly sanitized before it is used to create a file system path.

via "National Vulnerability Database".
15:13
‼ CVE-2021-23416 ‼

This affects all versions of package curly-bracket-parser. When used as a template library, it does not properly sanitize the user input.

via "National Vulnerability Database".
15:13
‼ CVE-2021-23417 ‼

All versions of package deepmergefn are vulnerable to Prototype Pollution via the deepMerge function.

via "National Vulnerability Database".
15:39
🦿 Data breach costs hit record high due to pandemic 🦿

The average cost of a data breach among companies surveyed for IBM Security reached $4.24 million per incident, the highest in 17 years.

via "Tech Republic".
15:48
❌ BlackMatter & Haron: Evil Ransomware Newborns or Rebirths ❌

They’re either new or old REvil & DarkSide wine in new bottles. Both have a taste for deep-pocketed targets and DarkSide-esque virtue-signaling.

via "Threat Post".
16:45
🕴 8 Security Tools to be Unveiled at Black Hat USA 🕴

Security researchers and practitioners share a host of new cyber tools for penetration testing, reverse engineering, malware defense, and more.

via "Dark Reading".
29 July 2021
07:14
‼ CVE-2021-37578 ‼

Apache jUDDI uses several classes related to Java's Remote Method Invocation (RMI) which (as an extension to UDDI) provides an alternate transport for accessing UDDI services. RMI uses the default Java serialization mechanism to pass parameters in RMI invocations. A remote attacker can send a malicious serialized object to the above RMI entries. The objects get deserialized without any check on the incoming data. In the worst case, it may let the attacker run arbitrary code remotely. For both jUDDI web service applications and jUDDI clients, the usage of RMI is disabled by default. Since this is an optional feature and an extension to the UDDI protocol, the likelihood of impact is low. Starting with 3.3.10, all RMI related code was removed.

via "National Vulnerability Database".
09:09
🦿 "Real Estate for a Purpose": Cisco unveils hybrid work plans and tech to support distributed teams 🦿

After a year of WFH, companies are offering a mixed bag of flexible work arrangements. In the hybrid work era, the traditional office is getting a makeover to assist workers on-site and elsewhere.

via "Tech Republic".
09:14
‼ CVE-2020-36239 ‼

Jira Data Center, Jira Core Data Center, Jira Software Data Center from version 6.3.0 before 8.5.16, from 8.6.0 before 8.13.8, from 8.14.0 before 8.17.0 and Jira Service Management Data Center from version 2.0.2 before 4.5.16, from version 4.6.0 before 4.13.8, and from version 4.14.0 before 4.17.0 exposed an Ehcache RMI network service through which attackers who can connect to the service, on port 40001 and potentially 40011 [0][1], could execute arbitrary code of their choice in Jira via deserialization, due to a missing authentication vulnerability. While Atlassian strongly suggests restricting access to the Ehcache ports to only Data Center instances, fixed versions of Jira will now require a shared secret in order to allow access to the Ehcache service. [0] In Jira Data Center, Jira Core Data Center, and Jira Software Data Center versions prior to 7.13.1, the Ehcache object port can be randomly allocated. [1] In Jira Service Management Data Center versions prior to 3.16.1, the Ehcache object port can be randomly allocated.

via "National Vulnerability Database".
10:19
❌ Six Malicious Linux Shell Scripts Used to Evade Defenses and How to Stop Them ❌

Uptycs Threat Research outlines how malicious Linux shell scripts are used to cloak attacks and how defenders can detect and mitigate them.

via "Threat Post".
11:14
‼ CVE-2021-20505 ‼

The PowerVM Logical Partition Mobility (LPM) (PowerVM Hypervisor FW920, FW930, FW940, and FW950) encryption key exchange protocol can be compromised. If an attacker has the ability to capture encrypted LPM network traffic and is able to gain service access to the FSP, they can use this information to perform a series of PowerVM service procedures to decrypt the captured migration traffic. IBM X-Force ID: 198232.

via "National Vulnerability Database".
11:39
🦿 How to attend Black Hat USA 2021 and DEF CON 29 virtually 🦿

DEF CON 29 sold out of virtual passes, so tuning in on Twitch and Discord is the best option for attending online this year.

via "Tech Republic".
13:49
❌ Israeli Government Agencies Visit NSO Group Offices ❌

Authorities opened an investigation into the secretive Israeli security firm.

via "Threat Post".
15:14
‼ CVE-2021-21538 ‼

Dell EMC iDRAC9 versions 4.40.00.00 and later, but prior to 4.40.10.00, contain an improper authentication vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability to gain access to the virtual console.

via "National Vulnerability Database".
15:14
‼ CVE-2020-5353 ‼

The Dell Isilon OneFS versions 8.2.2 and earlier and Dell EMC PowerScale OneFS version 9.0.0 default configuration for Network File System (NFS) allows access to an 'admin' home directory. An attacker may leverage a spoofed Unique Identifier (UID) over NFS to rewrite sensitive files to gain administrative access to the system.

via "National Vulnerability Database".
15:14
‼ CVE-2021-21546 ‼

Dell EMC NetWorker versions 18.x, 19.x prior to 19.3.0.4 and 19.4.0.0 contain an Information Disclosure in Log Files vulnerability. A local low-privileged user of the NetWorker server could potentially exploit this vulnerability to read plain-text credentials from server log files.

via "National Vulnerability Database".
15:14
‼ CVE-2020-5329 ‼

Dell EMC Avamar Server contains an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect application users to arbitrary web URLs by tricking the victim users into clicking on maliciously crafted links.

via "National Vulnerability Database".
15:49
❌ CISA’s Top 30 Bugs: One’s Old Enough to Buy Beer ❌

There are patches or remediations for all of them, but they're still being picked apart. Why should attackers stop if the flaws remain unpatched, as so many do?

via "Threat Post".
16:09
🦿 How to remove or update a single entry from the SSH known_hosts file 🦿

SSH holds fingerprints of your remote machines in the known_hosts file. Sometimes you might need to remove or update one of those entries. Jack Wallen shows you how.

via "Tech Republic".
16:09
🦿 How to ensure your vendors are cybersecure to protect you from supply chain attacks 🦿

Right now supply-chain vendors are a prime target for cybercriminals. One expert offers ways to remove the bullseye from supply vendors.

via "Tech Republic".
16:09
🦿 The evolution of spear phishing and who criminals are targeting 🦿

A report from Barracuda Networks also identifies attack risks associated with various roles throughout a company, ranging from CEOs and IT departments to employees in sales.

via "Tech Republic".
16:19
❌ UC San Diego Health Breach Tied to Phishing Attack ❌

Employee email takeover exposed personal, medical data of students, employees and patients.

via "Threat Post".
17:14
‼ CVE-2021-23418 ‼

The package glances before 3.2.1 is vulnerable to XML External Entity (XXE) Injection via the use of Fault to parse untrusted XML data, which is known to be vulnerable to XML attacks.

via "National Vulnerability Database".
17:21
Mitigating Insider Risk in the Food and Agriculture Sector

A new guide, published this week, can help organizations in the food and agriculture sector identify critical assets and defend against insider threats.

via "".
19:14
‼ CVE-2021-36741 ‼

An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG, and Worry-Free Business Security 10.0 SP1 allows a remote attacker to upload arbitrary files on affected installations. Please note: an attacker must first obtain the ability to log on to the product’s management console in order to exploit this vulnerability.

via "National Vulnerability Database".
19:14
‼ CVE-2021-36742 ‼

An improper input validation vulnerability in Trend Micro Apex One, Apex One as a Service, OfficeScan XG and Worry-Free Business Security 10.0 SP1 allows a local attacker to escalate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

via "National Vulnerability Database".
19:14
‼ CVE-2021-25273 ‼

Stored XSS can execute as administrator in the quarantined email detail view in Sophos UTM before version 9.706.

via "National Vulnerability Database".
30 July 2021
07:40
🦿 HTML smuggling is the latest cybercrime tactic you need to worry about 🦿

It will be hard to catch these smugglers, as they're abusing an essential element of web browsers that allows them to assemble code at endpoints, bypassing perimeter security.

via "Tech Republic".
09:29
⚠ S3 Ep43: Apple 0-day, pygmy hippos, hive nightmares and Twitter hacker bust [Podcast] ⚠

Latest episode - listen now!

via "Naked Security".
11:15
‼ CVE-2021-29736 ‼

IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0 could allow a remote user to gain elevated privileges on the system. IBM X-Force ID: 201300.

via "National Vulnerability Database".
11:15
‼ CVE-2021-29781 ‼

IBM Partner Engagement Manager 2.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 203091.

via "National Vulnerability Database".
13:10
🦿 DDoS attacks are down 38.8% in Q2 2021 🦿

It's all quiet on the DDoS front, but don't get complacent: the lull is expected, said Kaspersky, and new attack vectors could spell a coming resurgence.

via "Tech Republic".
13:15
‼ CVE-2020-20698 ‼

A remote code execution (RCE) vulnerability in /1.com.php of S-CMS PHP v3.0 allows attackers to get a shell via modification of a PHP file.

via "National Vulnerability Database".
13:15
‼ CVE-2020-21806 ‼

SQL Injection vulnerability in ECTouch v2 via the shop page in index.php.

via "National Vulnerability Database".
13:15
‼ CVE-2020-19118 ‼

Cross Site Scripting (XSS) vulnerability in YzmCMS 5.2 via the site_code parameter in admin/index/init.html.

via "National Vulnerability Database".
13:15
‼ CVE-2021-20788 ‼

Server-side request forgery (SSRF) vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote authenticated attacker to conduct a port scan from the product and/or obtain information from the internal Web server.

via "National Vulnerability Database".
13:15
‼ CVE-2021-20114 ‼

When installed following the default/recommended settings, TCExam <= 14.8.1 allowed unauthenticated users to access the /cache/backup/ directory, which included sensitive database backup files.

via "National Vulnerability Database".
13:15
‼ CVE-2020-18158 ‼

Cross Site Scripting (XSS) vulnerability in HuCart 5.7.4 via nickname in index.php.

via "National Vulnerability Database".
13:15
‼ CVE-2021-28966 ‼

In Ruby through 3.0 on Windows, a remote attacker can submit a crafted path when a Web application handles a parameter with TmpDir.

via "National Vulnerability Database".
13:15
‼ CVE-2020-11511 ‼

The LearnPress plugin before 3.2.6.9 for WordPress allows remote attackers to escalate the privileges of any user to LP Instructor via the accept-to-be-teacher action parameter.

via "National Vulnerability Database".
13:15
‼ CVE-2020-21808 ‼

SQL Injection vulnerability in NukeViet CMS 4.0.10 - 4.3.07 via the topicsid parameter in modules/news/admin/addtotopics.php.

via "National Vulnerability Database".
13:15
‼ CVE-2021-28674 ‼

The node management page in SolarWinds Orion Platform before 2020.2.5 HF1 allows an attacker to create or delete a node (outside of the attacker's perimeter) via an account with write permissions. This occurs because node IDs are predictable (with incrementing numbers) and the access control on Services/NodeManagement.asmx/DeleteObjNow is incorrect. To exploit this, an attacker must be authenticated and must have node management rights associated with at least one valid group on the platform.

via "National Vulnerability Database".
13:15
‼ CVE-2021-20789 ‼

Open redirect vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack via a specially crafted URL.

via "National Vulnerability Database".
13:15
‼ CVE-2021-30124 ‼

The unofficial vscode-phpmd (aka PHP Mess Detector) extension before 1.3.0 for Visual Studio Code allows remote attackers to execute arbitrary code via a crafted phpmd.command value in a workspace folder.

via "National Vulnerability Database".
13:15
‼ CVE-2020-18157 ‼

Cross Site Request Forgery (CSRF) vulnerability in MetInfo 6.1.3 via a doaddsave action in admin/index.php.

via "National Vulnerability Database".
13:15
‼ CVE-2020-18175 ‼

SQL Injection vulnerability in MetInfo 6.1.3 via a dosafety_emailadd action in basic.php.

via "National Vulnerability Database".
13:15
‼ CVE-2020-22765 ‼

Cross Site Scripting (XSS) vulnerability in NukeViet CMS 4.4.0 via the editor in the News module.

via "National Vulnerability Database".
13:15
‼ CVE-2021-20783 ‼

Cross-site request forgery (CSRF) vulnerability in Optical BB unit E-WMTA2.3 allows a remote attacker to hijack the authentication of administrators via a specially crafted page.

via "National Vulnerability Database".
13:15
‼ CVE-2021-28094 ‼

OX Documents before 7.10.5-rev7 has Incorrect Access Control for converted documents because hash collisions can occur, due to use of CRC32.

via "National Vulnerability Database".
13:15
‼ CVE-2021-20113 ‼

An exposure of sensitive information vulnerability exists in TCExam <= 14.8.1. If a password reset request was made for an email address that was not registered with a user, then we would be presented with an ‘unknown email’ error. If an email is given that is registered with a user, then this error will not appear. A malicious actor could abuse this to enumerate the email addresses of

via "National Vulnerability Database".
13:15
‼ CVE-2020-14999 ‼

A logic bug in the system monitoring driver of Acronis Agent after 12.5.21540 and before 12.5.23094 allowed bypassing Windows memory protection and accessing sensitive data.

via "National Vulnerability Database".
13:15
‼ CVE-2021-37595 ‼

In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_RANGE File Contents Request PDU.

via "National Vulnerability Database".
13:21
‼ CVE-2021-37144 ‼

CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink() function is called and user input might affect portions of or the whole affected parameter, which represents the path of the file to remove, without sufficient sanitization.

via "National Vulnerability Database".
13:21
‼ CVE-2021-37743 ‼

app/View/GalaxyElements/ajax/index.ctp in MISP 2.4.147 allows Stored XSS when viewing galaxy cluster elements in JSON format.

via "National Vulnerability Database".
13:21
‼ CVE-2021-20787 ‼

Cross-site scripting vulnerability in GroupSession (GroupSession Free edition from ver2.2.0 to the version prior to ver5.1.0, GroupSession byCloud from ver3.0.3 to the version prior to ver5.1.0, and GroupSession ZION from ver3.0.3 to the version prior to ver5.1.0) allows a remote attacker to inject an arbitrary script by sending a specially crafted request to a specific URL.

via "National Vulnerability Database".
13:21
‼ CVE-2021-35478 ‼

Nagios Log Server before 2.1.9 contains Reflected XSS in the dropdown box for the alert history and audit log function. All parameters used for filtering are affected. This affects users who open a crafted link or third-party web page.

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-37601 β€Ό

muc.lib.lua in Prosody 0.11.0 through 0.11.9 allows remote attackers to obtain sensitive information (list of admins, members, owners, and banned entities of a Multi-User chat room) in some common configurations.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-37746 β€Ό

textview_uri_security_check in textview.c in Claws Mail before 3.18.0, and Sylpheed through 3.7.0, does not have sufficient link checks before accepting a click.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-37587 β€Ό

In Charm 0.43, any single user can decrypt DAC-MACS or MA-ABE-YJ14 data.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-36624 β€Ό

Sourcecodester Phone Shop Sales Managements System version 1.0 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-37606 β€Ό

Meow hash 0.5/calico does not sufficiently thwart key recovery by an attacker who can query whether there's a collision in the bottom bits of the hashes of two messages, as demonstrated by an attack against a long-running web service that allows the attacker to infer collisions by measuring timing differences.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-37600 β€Ό

An integer overflow in util-linux through 2.37.1 can potentially cause a buffer overflow if an attacker were able to use system resources in a way that leads to a large number in the /proc/sysvipc/sem file.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-32558 β€Ό

An issue was discovered in Sangoma Asterisk 13.x before 13.38.3, 16.x before 16.19.1, 17.x before 17.9.4, and 18.x before 18.5.1, and Certified Asterisk before 16.8-cert10. If the IAX2 channel driver receives a packet that contains an unsupported media format, a crash can occur.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-35472 β€Ό

An issue was discovered in LemonLDAP::NG before 2.0.12. Session cache corruption can lead to authorization bypass or spoofing. By running a loop that makes many authentication attempts, an attacker might alternately be authenticated as one of two different users.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-35479 β€Ό

Nagios Log Server before 2.1.9 contains Stored XSS in the custom column view for the alert history and audit log function through the affected pp parameter. This affects users who open a crafted link or third-party web page.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-34166 β€Ό

A SQL injection vulnerability in Sourcecodester Simple Food Website 1.0 allows a remote attacker to bypass authentication and become admin.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-37594 β€Ό

In FreeRDP before 2.4.0 on Windows, wf_cliprdr_server_file_contents_request in client/Windows/wf_cliprdr.c has missing input checks for a FILECONTENTS_SIZE File Contents Request PDU.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-32610 β€Ό

In Archive_Tar before 1.4.14, symlinks can refer to targets outside of the extracted archive, a different vulnerability than CVE-2020-36193.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-36766 β€Ό

Concrete5 through 8.5.5 deserializes Untrusted Data. The vulnerable code is located within the controllers/single_page/dashboard/system/environment/logging.php Logging::update_logging() method. User input passed through the logFile request parameter is not properly sanitized before being used in a call to the file_exists() PHP function. This can be exploited by malicious users to inject arbitrary PHP objects into the application scope (PHP Object Injection via phar:// stream wrapper), allowing them to carry out a variety of attacks, such as executing arbitrary PHP code.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-36004 β€Ό

Adobe InDesign version 16.0 (and earlier) is affected by an Out-of-bounds Write vulnerability in the CoolType library. An unauthenticated attacker could leverage this vulnerability to achieve remote code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-35458 β€Ό

Online Pet Shop We App 1.0 is vulnerable to Union SQL Injection in products.php (aka p=products) via the c or s parameter.

πŸ“– Read

via "National Vulnerability Database".
13:21
β€Ό CVE-2021-37588 β€Ό

In Charm 0.43, any two users can collude to achieve the ability to decrypt YCT14 data.

πŸ“– Read

via "National Vulnerability Database".
?
15:10
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Cryptomining scams target Android app users 🦿

TechRepublic's Karen Roby interviews Lance Whitney about a recent report that detailed how cryptomining scams targeted Android app users and stole an estimated $350,000 from more than 93,000 people.

πŸ“– Read

via "Tech Republic".
15:10
🦿 Cyber-physical attacks: Top 5 things to know 🦿

The recent trend of cyberattacks on physical infrastructure is a concern for everyone. Tom Merritt explains with five things we should know.

πŸ“– Read

via "Tech Republic".
15:10
🦿 Top 5 things to know about cyber-physical attacks 🦿

Tom Merritt breaks down the recent trend of cyberattacks on physical infrastructure and how to prevent them.

πŸ“– Read

via "Tech Republic".
15:22
πŸ” Friday Five 7/30 πŸ”

Securing the nation's critical infrastructure, CISOs in high demand, and a new record GDPR fine - catch up with the week's infosec news with this week's Friday Five!

πŸ“– Read

via "".
?
17:10
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Ransomware risk management: How to start preparing for the future now 🦿

TechRepublic's Karen Roby interviews Brandon Vigliarolo about how the ransomware risk management calculus is changing for OT, ICS and critical infrastructure.

πŸ“– Read

via "Tech Republic".
17:15
β€Ό CVE-2021-29298 β€Ό

Improper Input Validation in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "fxVPStatcTcp.dll".

πŸ“– Read

via "National Vulnerability Database".
17:15
β€Ό CVE-2021-35193 β€Ό

Patterson Application Service in Patterson Eaglesoft 18 through 21 accepts the same certificate authentication across different customers' installations (that have the same software version). This provides remote access to SQL database credentials. (In the normal use of the product, retrieving those credentials only occurs after a username/password authentication step; however, this authentication step is on the client side, and an attacker can develop their own client that skips this step.)

πŸ“– Read

via "National Vulnerability Database".
17:15
β€Ό CVE-2021-29297 β€Ό

Buffer Overflow in Emerson GE Automation Proficy Machine Edition v8.0 allows an attacker to cause a denial of service and application crash via crafted traffic from a Man-in-the-Middle (MITM) attack to the component "FrameworX.exe" in the module "MSVCR100.dll".

πŸ“– Read

via "National Vulnerability Database".
?
18:10
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Create a VirtualBox virtual machine backup on a Linux host for security 🦿

Jack Wallen teaches you how to use simple bash scripts to automate backing up your VirtualBox VMs.

πŸ“– Read

via "Tech Republic".
18:20
❌ NSA Warns Public Networks are Hacker Hotbeds ❌

Agency warns attackers targeting teleworkers to steal corporate data.

πŸ“– Read

via "Threat Post".
?
20:28
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 This ethical hacking course could give your cybersecurity career a boost 🦿

Move up in the profitable field of cybersecurity by improving your ethical hacking skills.

πŸ“– Read

via "Tech Republic".
?
21:25
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-27491 β€Ό

Ypsomed mylife Cloud, mylife Mobile Application: Ypsomed mylife Cloud, all versions prior to 1.7.2; Ypsomed mylife App, all versions prior to 1.7.5. The Ypsomed mylife Cloud discloses password hashes during the registration process.

πŸ“– Read

via "National Vulnerability Database".
21:25
β€Ό CVE-2021-32807 β€Ό

The module `AccessControl` defines security policies for Python code used in restricted code within Zope applications. Restricted code is any code that resides in Zope's object database, such as the contents of `Script (Python)` objects. The policies defined in `AccessControl` severely restrict access to Python modules and only exempt a few that are deemed safe, such as Python's `string` module. However, full access to the `string` module also allows access to the class `Formatter`, which can be overridden and extended within `Script (Python)` in a way that provides access to other unsafe Python libraries. Those unsafe Python libraries can be used for remote code execution. By default, you need to have the admin-level Zope "Manager" role to add or edit `Script (Python)` objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web - which would be a very unusual configuration to begin with - are at risk. The problem has been fixed in AccessControl 4.3 and 5.2. Only AccessControl versions 4 and 5 are vulnerable, and only on Python 3, not Python 2.7. As a workaround, a site administrator can restrict adding/editing `Script (Python)` objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope.

πŸ“– Read

via "National Vulnerability Database".
21:25
β€Ό CVE-2021-27495 β€Ό

Ypsomed mylife Cloud, mylife Mobile Application: Ypsomed mylife Cloud, all versions prior to 1.7.2; Ypsomed mylife App, all versions prior to 1.7.5. The Ypsomed mylife Cloud reflects the user password during the login process after redirecting the user from an HTTPS endpoint to an HTTP endpoint.

πŸ“– Read

via "National Vulnerability Database".
31 July 2021
?
15:25
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-33617 β€Ό

Zoho ManageEngine Password Manager Pro before 11.2 11200 allows login/AjaxResponse.jsp?RequestType=GetUserDomainName&userName= username enumeration, because the response (to a failed login request) is null only when the username is invalid.

πŸ“– Read

via "National Vulnerability Database".
15:25
β€Ό CVE-2020-26564 β€Ό

ObjectPlanet Opinio before 7.15 allows XXE attacks via three steps: modify a .css file to have <!ENTITY content, create a .xml file for a generic survey template (containing a link to this .css file), and import this .xml file at the survey/admin/folderSurvey.do?action=viewImportSurvey['importFile'] URI. The XXE can then be triggered at an admin/preview.do?action=previewSurvey&surveyId= URI.

πŸ“– Read

via "National Vulnerability Database".
15:25
β€Ό CVE-2020-26565 β€Ό

ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList.do from parameter. This can be used to retrieve possibly sensitive serverInfo data.

πŸ“– Read

via "National Vulnerability Database".
15:25
β€Ό CVE-2020-26806 β€Ό

admin/file.do in ObjectPlanet Opinio before 7.15 allows Unrestricted File Upload of executable JSP files, resulting in remote code execution, because filePath can have directory traversal and fileContent can be valid JSP code.

πŸ“– Read

via "National Vulnerability Database".
1 August 2021
?
17:26
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-32066 β€Ό

An issue was discovered in Ruby through 2.6.7, 2.7.x through 2.7.3, and 3.x through 3.0.1. Net::IMAP does not raise an exception when StartTLS fails with an unknown response, which might allow man-in-the-middle attackers to bypass the TLS protections by leveraging a network position between the client and the registry to block the StartTLS command, aka a "StartTLS stripping attack."

πŸ“– Read

via "National Vulnerability Database".
2 August 2021
?
07:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-3351 β€Ό

OpenPLC runtime V3 through 2016-03-14 allows stored XSS via the Device Name to the web server's Add New Device page.

πŸ“– Read

via "National Vulnerability Database".
07:27
β€Ό CVE-2021-34556 β€Ό

In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.

πŸ“– Read

via "National Vulnerability Database".
?
07:57
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 PwnedPiper threatens thousands of hospitals worldwide, patch your systems now 🦿

Nine critical vulnerabilities in a popular hospital pneumatic tube software could give attackers control of infrastructure and allow them to launch additional attacks that cripple healthcare operations.

πŸ“– Read

via "Tech Republic".
?
09:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-24484 β€Ό

The get_reports() function in the Secure Copy Content Protection and Content Locking WordPress plugin before 2.6.7 did not whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24460 β€Ό

The get_fb_likeboxes() function in the Popup Like box – Page Plugin WordPress plugin before 3.5.3 did not whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24498 β€Ό

The Calendar Event Multi View WordPress plugin before 1.4.01 does not sanitise or escape the 'start' and 'end' GET parameters before outputting them in the page (via php/edit.php), leading to a reflected Cross-Site Scripting issue.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24461 β€Ό

The get_faqs() function in the FAQ Builder AYS WordPress plugin before 1.3.6 did not whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24481 β€Ό

The Any Hostname WordPress plugin through 1.0.6 does not sanitise or escape its "Allowed hosts" setting, leading to an authenticated stored XSS issue, as high privilege users are able to set XSS payloads in it.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24472 β€Ό

The OnAir2 WordPress theme before 3.9.9.2 and QT KenthaRadio WordPress plugin before 2.0.2 expose proxy functionality to unauthenticated users. Sending requests to this proxy functionality makes the web server fetch and display the content from any URI, which allows SSRF (Server Side Request Forgery) and RFI (Remote File Inclusion) vulnerabilities on the website.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24450 β€Ό

The User Registration, User Profiles, Login & Membership – ProfilePress (Formerly WP User Avatar) WordPress plugin before 3.1.8 did not sanitise or escape some of its settings before saving them and outputting them back in the page, allowing high privilege users such as admin to set JavaScript payloads in them even when the unfiltered_html capability is disallowed, leading to an authenticated Stored Cross-Site Scripting issue.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24496 β€Ό

The Community Events WordPress plugin before 1.4.8 does not sanitise, validate or escape its importrowscount and successimportcount GET parameters before outputting them back in an admin page, leading to a reflected Cross-Site Scripting issue which will be executed in the context of a logged-in administrator.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-34575 β€Ό

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0, an unauthenticated user can enumerate valid users by checking what kind of response the server sends.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24492 β€Ό

The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin before 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hndtst_previewShortcodeInstanceId POST parameter before using it in a SQL statement, leading to an SQL Injection issue.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-33526 β€Ό

In MB connect line mbDIALUP versions <= 3.9R0.0, a low privileged local attacker can send a command to the service running with NT AUTHORITY\SYSTEM instructing it to execute a malicious OpenVPN configuration, resulting in arbitrary code execution with the privileges of the service.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24458 β€Ό

The get_ays_popupboxes() and get_popup_categories() functions of the Popup box WordPress plugin before 2.3.4 did not whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24430 β€Ό

The Speed Booster Pack – PageSpeed Optimization Suite WordPress plugin before 4.2.0 did not validate its caching_exclude_urls and caching_include_query_strings settings before outputting them in a PHP file, which could lead to RCE.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24428 β€Ό

The RSS for Yandex Turbo WordPress plugin through 1.30 does not sanitise or escape some of its settings before saving and outputting them in the admin dashboard, leading to an Authenticated Stored Cross-Site Scripting issue even when the unfiltered_html capability is disallowed.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24503 β€Ό

The Popular Brand Icons – Simple Icons WordPress plugin before 2.7.8 does not sanitise or validate some of its shortcode parameters, such as "color", "size" or "class", allowing users with a role as low as Contributor to set Cross-Site Scripting payloads in them. A post made by a contributor would still have to be approved by an admin to have the XSS triggered in the frontend; however, higher privilege users, such as editors, could exploit this without the need for approval, and even when the blog disallows the unfiltered_html capability.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24483 β€Ό

The get_poll_categories(), get_polls() and get_reports() functions in the Poll Maker WordPress plugin before 3.2.1 did not whitelist or validate the orderby parameter before using it in SQL statements passed to the get_results() DB calls, leading to SQL injection issues in the admin dashboard.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24476 β€Ό

The Steam Group Viewer WordPress plugin through 2.1 does not sanitise or escape its "Steam Group Address" setting before outputting it in the page, leading to an authenticated Stored Cross-Site Scripting issue.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24479 β€Ό

The DrawBlog WordPress plugin through 0.90 does not sanitise or validate some of its settings before outputting them back in the page, leading to an authenticated stored Cross-Site Scripting issue.

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-24504 β€Ό

The WP LMS – Best WordPress LMS Plugin WordPress plugin through 1.1.2 does not properly sanitise or validate its User Field Titles, allowing XSS payloads to be used in them. Furthermore, no CSRF or capability checks were in place, allowing such an attack to be performed either via CSRF or as any user (including unauthenticated).

πŸ“– Read

via "National Vulnerability Database".
09:27
β€Ό CVE-2021-34574 β€Ό

In MB connect line mymbCONNECT24, mbCONNECT24 in versions <= 2.8.0, an authenticated attacker can change the password of their account to a new password that violates the password policy by intercepting and modifying the request that is sent to the server.

πŸ“– Read

via "National Vulnerability Database".
?
10:23
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Multiple Zero-Day Flaws Discovered in Popular Hospital Pneumatic Tube System πŸ•΄

"PwnedPiper" flaws could allow attackers to disrupt delivery of lab samples or steal hospital employee credentials, new research shows.

πŸ“– Read

via "Dark Reading".
?
11:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-37164 β€Ό

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. In the tcpTxThread function, the received data is copied to a stack buffer. An off-by-3 condition can occur, resulting in a stack-based buffer overflow.

πŸ“– Read

via "National Vulnerability Database".
11:27
β€Ό CVE-2021-37160 β€Ό

A firmware validation issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. There is no firmware validation (e.g., cryptographic signature validation) during a File Upload for a firmware update.

πŸ“– Read

via "National Vulnerability Database".
11:27
β€Ό CVE-2021-37216 β€Ό

QSAN Storage Manager header page parameters do not filter special characters. Remote attackers can inject JavaScript without logging in and launch reflected XSS attacks to access and modify specific data.

πŸ“– Read

via "National Vulnerability Database".
11:27
β€Ό CVE-2021-37167 β€Ό

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. A user logged in using the default credentials can gain root access to the device, which provides permissions for all of the functionality of the device.

πŸ“– Read

via "National Vulnerability Database".
11:27
β€Ό CVE-2021-37162 β€Ό

A buffer overflow issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. If an attacker sends a malformed UDP message, a buffer underflow occurs, leading to an out-of-bounds copy and possible remote code execution.

πŸ“– Read

via "National Vulnerability Database".
11:27
β€Ό CVE-2021-37166 β€Ό

A buffer overflow issue leading to denial of service was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus Panel operated by released versions of software before Nexus Software 7.2.5.7. When HMI3 starts up, it binds a local service to a TCP port on all interfaces of the device, and takes extensive time for the GUI to connect to the TCP socket, allowing the connection to be hijacked by an external attacker.

πŸ“– Read

via "National Vulnerability Database".
11:27
β€Ό CVE-2021-20332 β€Ό

Specific MongoDB Rust Driver versions can include credentials used by the connection pool to authenticate connections in the monitoring event that is emitted when the pool is created. The user's logging infrastructure could then potentially ingest these events and unexpectedly leak the credentials. Note that such monitoring is not enabled by default.

πŸ“– Read

via "National Vulnerability Database".
11:27
β€Ό CVE-2021-37161 β€Ό

A buffer overflow issue was discovered in the HMI3 Control Panel contained within the Swisslog Healthcare Nexus Panel, operated by released versions of software before Nexus Software 7.2.5.7. A buffer overflow allows an attacker to overwrite an internal queue data structure and can lead to remote code execution.

πŸ“– Read

via "National Vulnerability Database".
11:27
β€Ό CVE-2021-37163 β€Ό

An insecure permissions issue was discovered in HMI3 Control Panel in Swisslog Healthcare Nexus operated by released versions of software before Nexus Software 7.2.5.7. The device has two user accounts with passwords that are hardcoded.

πŸ“– Read

via "National Vulnerability Database".
11:30
πŸ›  SQLMAP - Automatic SQL Injection Tool 1.5.8 πŸ› 

sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve the DBMS session user and database, enumerate users, password hashes, privileges and databases, dump entire or user-specified DBMS tables/columns, run their own SQL statements, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via a Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack, and more.

πŸ“– Read

via "Packet Storm Security".
?
12:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Behind the scenes: A day in the life of a cybersecurity expert 🦿

Leading a team is kind of like when a burglar alarm goes off and "you're the police," says the head of cybersecurity at ExpressVPN.

πŸ“– Read

via "Tech Republic".
?
12:57
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Set up an SSH tarpit in Ubuntu Server 20.04: Here's how 🦿

You can add an SSH tarpit to Ubuntu Server with the help of endlessh. Jack Wallen shows you how.

πŸ“– Read

via "Tech Republic".
?
13:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-29741 β€Ό

IBM AIX 7.1, 7.2, and VIOS 3.1 could allow a local user to exploit a vulnerability in Korn Shell (ksh) to gain root privileges. IBM X-Force ID: 201478.

πŸ“– Read

via "National Vulnerability Database".
13:27
β€Ό CVE-2021-37840 β€Ό

aaPanel through 6.8.12 allows Cross-Site WebSocket Hijacking (CSWH) involving OS commands within WebSocket messages at a ws:// URL for /webssh (the victim must have configured Terminal with at least one host). Successful exploitation depends on the browser used by a potential victim (e.g., exploitation can occur with Firefox but not Chrome).

πŸ“– Read

via "National Vulnerability Database".
?
15:54
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ New Normal Demands New Security Leadership Structure πŸ•΄

At the inaugural Omdia Analyst Summit, experts discuss where the past year has created gaps in traditional security strategy and how organizations can fill them.

πŸ“– Read

via "Dark Reading".
?
16:29
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Chipotle Emails Serve Up Phishing Lures ❌

Mass email distribution service compromise mirrors earlier Nobelium attacks.

πŸ“– Read

via "Threat Post".
16:32
πŸ” Vigilance Needed: Financial Services Firms Fight Imposter Scams πŸ”

To tamp down on fraud and fight back against a new investment scam, the FBI and SEC are providing new guidance for investors to combat imposters.

πŸ“– Read

via "".
?
16:59
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ ❌

Vulnerability Name | Affected Component | CVE# | Date
Underflow in udpRXThread | HMI3 Control Panel in: Nexus Panel | CVE-2021-37161 | 02/08/2021
Overflow in sccProcessMsg | HMI3 Control Panel in: Nexus Panel | CVE-2021-37162 | 02/08/2021
Overflow in hmiProcessMsg | HMI3 Control Panel in: Nexus Panel | CVE-2021-37165 | 02/08/2021
Off-by-three stack overflow in tcpTxThread | HMI3 Control Panel in: Nexus Panel | CVE-2021-37164 | 02/08/2021
GUI socket Denial […]

πŸ“– Read

via "Threat Post".
?
17:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-32810 β€Ό

crossbeam-deque is a package of work-stealing deques for building task schedulers when programming in Rust. In versions prior to 0.7.4 and 0.8.0, the result of the race condition is that one or more tasks in the worker queue can be popped twice instead of other tasks that are forgotten and never popped. If tasks are allocated on the heap, this can cause double free and a memory leak. If not, this still can cause a logical bug. Crates using `Stealer::steal`, `Stealer::steal_batch`, or `Stealer::steal_batch_and_pop` are affected by this issue. This has been fixed in crossbeam-deque 0.8.1 and 0.7.4.

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-33196 β€Ό

Go before 1.15.12 and 1.16.x before 1.16.5 attempts to allocate excessive memory (issue 1 of 2).

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-22446 β€Ό

There is an Information Disclosure Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the system to reset.

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-3673 β€Ό

A vulnerability was found in Radare2 in version 5.3.1. Improper input validation when reading a crafted LE binary can lead to resource exhaustion and DoS.

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-22447 β€Ό

There is an Improper Check for Unusual or Exceptional Conditions Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the system to reset.

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-32806 β€Ό

Products.isurlinportal is a replacement for isURLInPortal method in Plone. Versions of Products.isurlinportal prior to 1.2.0 have an Open Redirect vulnerability. Various parts of Plone use the 'is url in portal' check for security, mostly to see if it is safe to redirect to a url. A url like `https://example.org` is not in the portal. The url `https:example.org` without slashes is considered to be in the portal. When redirecting, some browsers go to `https://example.org`, others give an error. Attackers may use this to redirect victims to their site, especially as part of a phishing attack. The problem has been patched in Products.isurlinportal 1.2.0.

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-33197 β€Ό

Go before 1.15.12 and 1.16.x before 1.16.5 acts as an Unintended Proxy or Intermediary.

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-33198 β€Ό

Go before 1.15.12 and 1.16.x before 1.16.5 attempts to allocate excessive memory (issue 2 of 2).

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-33195 β€Ό

Go before 1.15.12 and 1.16.x before 1.16.5 allows injection.

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-22445 β€Ό

There is an Input Verification Vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may cause the system to reset.

πŸ“– Read

via "National Vulnerability Database".
17:27
β€Ό CVE-2021-37843 β€Ό

The resolution SAML SSO apps for Atlassian products allow a remote attacker to login to a user account when only the username is known (i.e., no other authentication is provided). The fixed versions are for Jira: 3.6.6.1, 4.0.12, 5.0.5; for Confluence 3.6.6, 4.0.12, 5.0.5; for Bitbucket 2.5.9, 3.6.6, 4.0.12, 5.0.5; for Bamboo 2.5.9, 3.6.6, 4.0.12, 5.0.5; and for Fisheye 2.5.9.

πŸ“– Read

via "National Vulnerability Database".
?
18:29
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ 'PwnedPiper': Devastating Bugs in >80% of Hospital Pneumatics ❌

Podcast: Blood samples aren't martinis. You can't shake them. But bugs in pneumatic control systems could lead to that, RCE or ransomware.

πŸ“– Read

via "Threat Post".
?
19:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-35450 β€Ό

A Server Side Template Injection in the Entando Admin Console 6.3.9 and before allows a user with privileges to execute a FreeMarker template with command execution via freemarker.template.utility.Execute.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-34637 β€Ό

The Post Index WordPress plugin is vulnerable to Cross-Site Request Forgery via the OptionsPage function found in the ~/php/settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.7.5.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-32019 β€Ό

There is missing input validation of host names displayed in OpenWrt before 19.07.8. The Connection Status page of the luci web-interface allows XSS, which can be used to gain full control over the affected system via ICMP.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-27943 β€Ό

The pairing procedure used by the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs and mobile application is vulnerable to a brute-force attack (against only 10000 possibilities), allowing a threat actor to forcefully pair the device, leading to remote control of the TV settings and configurations.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-34628 β€Ό

The Admin Custom Login WordPress plugin is vulnerable to Cross-Site Request Forgery due to the loginbgSave action found in the ~/includes/Login-form-setting/Login-form-background.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.2.7.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-34635 β€Ό

The Poll Maker WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the mcount parameter found in the ~/admin/partials/settings/poll-maker-settings.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.2.8.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-21865 β€Ό

A unsafe deserialization vulnerability exists in the PackageManagement.plugin ExtensionMethods.Clone() functionality of CODESYS GmbH CODESYS Development System 3.5.16. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-34632 β€Ό

The SEO Backlinks WordPress plugin is vulnerable to Cross-Site Request Forgery via the loc_config function found in the ~/seo-backlinks.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 4.0.1.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-27503 β€Ό

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application encrypts on the application layer of the communication protocol between the Ypsomed mylife App and mylife Cloud credentials based on hard-coded secrets, which allows man-in-the-middle attackers to tamper with messages.

πŸ“– Read

via "National Vulnerability Database".
19:27
β€Ό CVE-2021-29979 β€Ό

Hubs Cloud allows users to download shared content, specifically HTML and JS, which could allow javascript execution in the Hub Cloud instanceÒ€ℒs primary hosting domain.*. This vulnerability affects Hubs Cloud < mozillareality/reticulum/1.0.1/20210618012634.

πŸ“– Read

via "National Vulnerability Database".
19:28
β€Ό CVE-2021-37847 β€Ό

crypto/digest.c in Pengutronix barebox through 2021.07.0 leaks timing information because memcmp is used during digest verification.

πŸ“– Read

via "National Vulnerability Database".
19:28
β€Ό CVE-2021-21866 β€Ό

A unsafe deserialization vulnerability exists in the ObjectManager.plugin ProfileInformation.ProfileData functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.

πŸ“– Read

via "National Vulnerability Database".
19:28
β€Ό CVE-2021-21864 β€Ό

A unsafe deserialization vulnerability exists in the ComponentModel ComponentManager.StartupCultureSettings functionality of CODESYS GmbH CODESYS Development System 3.5.16 and 3.5.17. A specially crafted file can lead to arbitrary command execution. An attacker can provide a malicious file to trigger this vulnerability.

πŸ“– Read

via "National Vulnerability Database".
19:28
β€Ό CVE-2021-27499 β€Ό

Ypsomed mylife Cloud, mylife Mobile Application, Ypsomed mylife Cloud: All versions prior to 1.7.2, Ypsomed mylife App: All versions prior to 1.7.5,The application layer encryption of the communication protocol between the Ypsomed mylife App and mylife Cloud uses non-random IVs, which allows man-in-the-middle attackers to tamper with messages.

πŸ“– Read

via "National Vulnerability Database".
19:28
β€Ό CVE-2021-37848 β€Ό

common/password.c in Pengutronix barebox through 2021.07.0 leaks timing information because strncmp is used during hash comparison.

πŸ“– Read

via "National Vulnerability Database".
?
19:57
🛑 Cybersecurity & Privacy news 🛑
🦿 Black Hat USA 2021 and DEF CON 29: What to expect from the security events 🦿

Key topics analysts anticipate for these security conferences include supply chain attacks, Microsoft Exchange vulnerabilities and the iPhone/Pegasus spyware incident.

via "Tech Republic".
21:27
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-32812 ‼

Monkshu is an enterprise application server for mobile apps (iOS and Android), responsive HTML 5 apps, and JSON API services. In version 2.90 and earlier, there is a reflected cross-site scripting vulnerability in the frontend HTTP server. The attacker can send a carefully crafted URL along with a known bug in the server which will cause a 500 error, and the response will then embed the URL provided by the hacker. The impact is moderate as the hacker must also be able to craft an HTTP request which causes a 500 server error. No such requests are known at this point. The issue is patched in version 2.95. As a workaround, one may use a disk caching plugin.

via "National Vulnerability Database".
21:27
‼ CVE-2021-32811 ‼

Zope is an open-source web application server. Zope versions prior to versions 4.6.3 and 5.3 have a remote code execution security issue. In order to be affected, one must use Python 3 for one's Zope deployment, run Zope 4 below version 4.6.3 or Zope 5 below version 5.3, and have the optional `Products.PythonScripts` add-on package installed. By default, one must have the admin-level Zope "Manager" role to add or edit Script (Python) objects through the web. Only sites that allow untrusted users to add/edit these scripts through the web are at risk. Zope releases 4.6.3 and 5.3 are not vulnerable. As a workaround, a site administrator can restrict adding/editing Script (Python) objects through the web using the standard Zope user/role permission mechanisms. Untrusted users should not be assigned the Zope Manager role and adding/editing these scripts through the web should be restricted to trusted users only. This is the default configuration in Zope.

via "National Vulnerability Database".
21:27
‼ CVE-2021-32787 ‼

Sourcegraph is a code search and navigation engine. Sourcegraph before version 3.30.0 has two potential information leaks. The site-admin area can be accessed by regular users and all information and features are properly protected except for daily usage statistics and code intelligence uploads and indexes. It is not possible to alter the information, nor interact with any other features in the site-admin area. The issue is patched in version 3.30.0, where the information cannot be accessed by unprivileged users. There are no workarounds aside from upgrading.

via "National Vulnerability Database".
3 August 2021
02:27
🛑 Cybersecurity & Privacy news 🛑
🦿 Chinese threat actors have been compromising telecom networks for years, investigation finds 🦿

Hackers linked to the Chinese government invaded major telecom companies "across Southeast Asia," says reporting firm Cybereason, and the tools they used will sound familiar.

via "Tech Republic".
02:27
‼ CVE-2021-21565 ‼

Dell PowerScale OneFS versions 9.1.0.3 and earlier contain a denial of service vulnerability. SmartConnect had an error condition that may be triggered to loop, using CPU and potentially preventing other SmartConnect DNS responses.

via "National Vulnerability Database".
02:27
‼ CVE-2021-21562 ‼

Dell EMC PowerScale OneFS contains an untrusted search path vulnerability. This vulnerability allows a user with (ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE) and (ISI_PRIV_SYS_UPGRADE or ISI_PRIV_AUDIT) to provide an untrusted path which can lead to running resources that are not under the application's direct control.

via "National Vulnerability Database".
02:27
‼ CVE-2021-26085 ‼

Affected versions of Atlassian Confluence Server allow remote attackers to view restricted resources via a Pre-Authorization Arbitrary File Read vulnerability in the /s/ endpoint. The affected versions are before version 7.4.10, and from version 7.5.0 before 7.12.3.

via "National Vulnerability Database".
02:27
‼ CVE-2021-21563 ‼

Dell EMC PowerScale OneFS versions 8.1.2-9.1.0.x contain an Improper Check for Unusual or Exceptional Conditions in its auditing component. This can allow an authenticated user with low privileges to trigger a denial of service event.

via "National Vulnerability Database".
02:27
‼ CVE-2021-37914 ‼

In Argo Workflows through 3.1.3, if EXPRESSION_TEMPLATES is enabled and untrusted users are allowed to specify input parameters when running workflows, an attacker may be able to disrupt a workflow because expression template output is evaluated.

via "National Vulnerability Database".
02:27
‼ CVE-2021-21553 ‼

Dell PowerScale OneFS versions 8.1.0-9.1.0 contain an Incorrect User Management vulnerability. Under some specific conditions, this can allow the CompAdmin user to elevate privileges and break out of Compliance mode. This is a critical vulnerability and Dell recommends upgrading at the earliest.

via "National Vulnerability Database".
02:27
‼ CVE-2021-37916 ‼

Joplin before 2.0.9 allows XSS via button and form in the note body.

via "National Vulnerability Database".
09:27
🛑 Cybersecurity & Privacy news 🛑
🦿 Connect Ubuntu Linux Desktop 21.04 to an Active Directory domain: Here's how 🦿

Jack Wallen walks you through the steps to join Ubuntu Desktop to Active Directory domains.

via "Tech Republic".
11:28
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-35265 ‼

A reflected cross-site scripting (XSS) vulnerability in MaxSite CMS before V106 via product/page/* allows remote attackers to inject arbitrary web script into a page.

via "National Vulnerability Database".
11:28
‼ CVE-2021-37832 ‼

A SQL injection vulnerability exists in version 3.0.2 of Hotel Druid when SQLite is being used as the application database. A malicious attacker can issue SQL commands to the SQLite database through the vulnerable idappartamenti parameter.

via "National Vulnerability Database".
11:28
‼ CVE-2021-37833 ‼

A reflected cross-site scripting (XSS) vulnerability exists in multiple pages in version 3.0.2 of the Hotel Druid application that allows for arbitrary execution of JavaScript commands.

via "National Vulnerability Database".
11:57
🛑 Cybersecurity & Privacy news 🛑
🦿 Olympic-themed passwords put people at risk 🦿

Beyond using "tokyo" and "olympics" as their passwords, people have been turning to names of athletes, such as "kenny," "williams," and "asher," says NordPass.

via "Tech Republic".
12:00
❌ ‘DeadRinger’ Targeted Exchange Servers Long Before Discovery ❌

Cyberespionage campaigns linked to China attacked telecoms via ProxyLogon bugs, stealing call records and maintaining persistence, as far back as 2017.

via "Threat Post".
12:30
🛑 Cybersecurity & Privacy news 🛑
❌ Raccoon Stealer Bundles Malware, Propagates Via Google SEO ❌

An update to the stealer-as-a-service platform hides in pirated software, pilfers crypto-coins and installs a software dropper for downloads of more malware.

via "Threat Post".
12:33
⚠ S3 Ep43: Apple 0-day, pygmy hippos, hive nightmares and Twitter hacker bust [Podcast] ⚠

Latest episode - listen now!

via "Naked Security".
12:33
⚠ BazarCaller – the malware gang that talks you into infecting yourself ⚠

Calling someone back feels safer than clicking an unknown link... but it isn't! Remind your friends and family.

via "Naked Security".
13:27
🛑 Cybersecurity & Privacy news 🛑
🦿 DDoS attacks largely target the US and the computers and internet sectors 🦿

DDoS attacks are a nuisance to be sure, but they're also used in a variety of ways that make them a severe threat, says Atlas VPN.

via "Tech Republic".
13:27
‼ CVE-2021-36157 ‼

An issue was discovered in Grafana Cortex through 1.9.0. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as a ../../sensitive/path/in/deployment pathname, then Cortex will attempt to parse a rules file at that location and include some of the contents in the error message. (Other Cortex API requests can also be sent a malicious OrgID header, e.g., tricking the ingester into writing metrics to a different location, but the effect is nuisance rather than information disclosure.)

via "National Vulnerability Database".
13:27
‼ CVE-2021-36156 ‼

An issue was discovered in Grafana Loki through 2.2.1. The header value X-Scope-OrgID is used to construct file paths for rules files, and if crafted to conduct directory traversal such as a ../../sensitive/path/in/deployment pathname, then Loki will attempt to parse a rules file at that location and include some of the contents in the error message.

via "National Vulnerability Database".
13:27
‼ CVE-2021-31630 ‼

Command Injection in Open PLC Webserver v3 allows remote attackers to execute arbitrary code via the "Hardware Layer Code Box" component on the "/hardware" page of the application.

via "National Vulnerability Database".
13:27
‼ CVE-2021-36379 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.

via "National Vulnerability Database".
13:27
‼ CVE-2021-27952 ‼

Hardcoded default root credentials exist on the ecobee3 lite 4.5.81.200 device. This allows a threat actor to gain access to the password-protected bootloader environment through the serial console.

via "National Vulnerability Database".
13:27
‼ CVE-2021-22400 ‼

Some Huawei Smartphones have an insufficient input validation vulnerability due to the lack of parameter validation. An attacker may trick a user into installing a malicious APP. The app can modify specific parameters, causing the system to crash. Affected products include: OxfordS-AN00A 10.0.1.10(C00E10R1P1),10.0.1.105(C00E103R3P3),10.0.1.115(C00E110R3P3),10.0.1.123(C00E121R3P3),10.0.1.135(C00E130R3P3),10.0.1.135(C00E130R4P1),10.0.1.152(C00E140R4P1),10.0.1.160(C00E160R4P1),10.0.1.167(C00E166R4P1),10.0.1.173(C00E172R5P1),10.0.1.178(C00E175R5P1) and 10.1.0.202(C00E79R5P1).

via "National Vulnerability Database".
13:27
‼ CVE-2021-36159 ‼

libfetch before 2021-07-26, as used in apk-tools, xbps, and other products, mishandles numeric strings for the FTP and HTTP protocols. The FTP passive mode implementation allows an out-of-bounds read because strtol is used to parse the relevant numbers into address bytes. It does not check if the line ends prematurely. If it does, the for-loop condition checks for the '\0' terminator one byte too late.

via "National Vulnerability Database".
13:27
‼ CVE-2021-27953 ‼

A NULL pointer dereference vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to cause a denial of service, forcing the device to reboot via a crafted HTTP request.

via "National Vulnerability Database".
13:28
‼ CVE-2021-27954 ‼

A heap-based buffer overflow vulnerability exists on the ecobee3 lite 4.5.81.200 device in the HKProcessConfig function of the HomeKit Wireless Access Control setup process. A threat actor can exploit this vulnerability to force the device to connect to an SSID or cause a denial of service.

via "National Vulnerability Database".
13:28
‼ CVE-2021-32772 ‼

Poddycast is a podcast app made with Electron. Prior to version 0.8.1, an attacker can create a podcast or episode with malicious characters and execute commands on the client machine. The application does not clean the HTML characters of the podcast information obtained from the Feed, which allows the injection of HTML and JS code (cross-site scripting). Being an application made in Electron, cross-site scripting can be scaled to remote code execution, making it possible to execute commands on the machine where the application is running. The vulnerability is patched in Poddycast version 0.8.1.

via "National Vulnerability Database".
13:57
🛑 Cybersecurity & Privacy news 🛑
🦿 Cybersecurity professionals: Positive reinforcement works wonders with users 🦿

The blame game is not working; experts suggest using positive reinforcement to improve employee attitude and performance.

via "Tech Republic".
14:27
🛑 Cybersecurity & Privacy news 🛑
🦿 Beef up security in Firefox with Fission 🦿

Jack Wallen shows you how to enable Fission. Firefox developers understand web browser security is at a premium, so they've rolled out a site isolation feature.

via "Tech Republic".
15:28
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-37556 ‼

A SQL injection vulnerability in reporting export in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/reporting/dashboard/csvExport/csv_HostGroupLogs.php start and end parameters.

via "National Vulnerability Database".
15:28
‼ CVE-2021-33486 ‼

All versions of the CODESYS V3 Runtime Toolkit for VxWorks from version V3.5.8.0 and before version V3.5.17.10 have Improper Handling of Exceptional Conditions.

via "National Vulnerability Database".
15:28
‼ CVE-2021-21578 ‼

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users into clicking on maliciously crafted links.

via "National Vulnerability Database".
15:28
‼ CVE-2021-21576 ‼

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim's browser by tricking a victim into following a specially crafted link.

via "National Vulnerability Database".
15:28
‼ CVE-2021-32814 ‼

Skytable is a NoSQL database with automated snapshots and TLS. Versions prior to 0.5.1 are vulnerable to a directory traversal attack enabling remotely connected clients to destroy and/or manipulate critical files on the host's file system. This security bug has been patched in version 0.5.1. There are no known workarounds aside from upgrading.

via "National Vulnerability Database".
15:28
‼ CVE-2021-21579 ‼

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain an open redirect vulnerability. A remote unauthenticated attacker may exploit this vulnerability to redirect users to arbitrary web URLs by tricking the victim users into clicking on maliciously crafted links.

via "National Vulnerability Database".
15:28
‼ CVE-2021-36763 ‼

In CODESYS V3 web server before 3.5.17.10, files or directories are accessible to External Parties.

via "National Vulnerability Database".
15:28
‼ CVE-2021-32017 ‼

An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the listing of the content of the remote file system. This can be used to identify the complete server filesystem structure, i.e., identifying all the directories and files.

via "National Vulnerability Database".
15:28
‼ CVE-2021-21577 ‼

Dell EMC iDRAC9 versions prior to 4.40.40.00 contain a DOM-based cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim's browser by tricking a victim into following a specially crafted link.

via "National Vulnerability Database".
15:28
‼ CVE-2021-31503 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.3.84 (package 16.6.3.134). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of IGS files. The issue results from the lack of proper initialization of a pointer prior to accessing it. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12690.

via "National Vulnerability Database".
15:28
‼ CVE-2021-21581 ‼

Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a cross-site scripting vulnerability. A remote attacker could potentially exploit this vulnerability to run malicious HTML or JavaScript in a victim's browser by tricking a victim into following a specially crafted link.

via "National Vulnerability Database".
15:28
‼ CVE-2021-31504 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of OpenText Brava! Desktop Build 16.6.3.84 (package 16.6.3.134). User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDF files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-12691.

via "National Vulnerability Database".
15:28
‼ CVE-2021-37558 ‼

A SQL injection vulnerability in a MediaWiki script in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote unauthenticated attackers to execute arbitrary SQL commands via the host_name and service_description parameters. The vulnerability can be exploited only when a valid Knowledge Base URL is configured on the Knowledge Base configuration page and points to a MediaWiki instance. This relates to the proxy feature in class/centreon-knowledge/ProceduresProxy.class.php and include/configuration/configKnowledge/proxy/proxy.php.

via "National Vulnerability Database".
15:28
‼ CVE-2021-33485 ‼

CODESYS Control Runtime system before 3.5.17.10 has a Heap-based Buffer Overflow.

via "National Vulnerability Database".
15:28
‼ CVE-2021-37557 ‼

A SQL injection vulnerability in image generation in Centreon before 20.04.14, 20.10.8, and 21.04.2 allows remote authenticated (but low-privileged) attackers to execute arbitrary SQL commands via the include/views/graphs/generateGraphs/generateImage.php index parameter.

via "National Vulnerability Database".
15:29
‼ CVE-2021-21580 ‼

Dell EMC iDRAC8 versions prior to 2.80.80.80 & Dell EMC iDRAC9 versions prior to 5.00.00.00 contain a Content spoofing / Text injection, where a malicious URL can inject text to present a customized message on the application that can phish users into believing that the message is legitimate.

via "National Vulnerability Database".
18:23
🛑 Cybersecurity & Privacy news 🛑
❌ Ransomware Volumes Hit Record Highs as 2021 Wears On ❌

The second quarter of the year saw the highest volumes of ransomware attacks ever, with Ryuk leading the way.

via "Threat Post".
18:23
❌ Iranian APT Lures Defense Contractor in Catfishing-Malware Scam ❌

Fake aerobics-instructor profile delivers malware in a supply-chain attack attempt from TA456.

via "Threat Post".
19:28
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-30571 ‼

Insufficient policy enforcement in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially perform a sandbox escape via a crafted HTML page.

via "National Vulnerability Database".
19:28
‼ CVE-2021-30589 ‼

Insufficient validation of untrusted input in Sharing in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to bypass navigation restrictions via a crafted click-to-call link.

via "National Vulnerability Database".
19:28
‼ CVE-2021-30569 ‼

Use after free in sqlite in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
19:28
‼ CVE-2021-30581 ‼

Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
19:28
‼ CVE-2021-30576 ‼

Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
19:28
‼ CVE-2021-30582 ‼

Inappropriate implementation in Animation in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

via "National Vulnerability Database".
19:28
‼ CVE-2021-30573 ‼

Use after free in GPU in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30588 ‼

Type confusion in V8 in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30586 ‼

Use after free in dialog box handling in Windows in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30584 ‼

Incorrect security UI in Downloads in Google Chrome on Android prior to 92.0.4515.107 allowed a remote attacker to perform domain spoofing via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30567 ‼

Use after free in DevTools in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to open DevTools to potentially exploit heap corruption via specific user gesture.

via "National Vulnerability Database".
19:29
‼ CVE-2021-33332 ‼

Cross-site scripting (XSS) vulnerability in the Portlet Configuration module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 7, allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_portlet_configuration_css_web_portlet_PortletConfigurationCSSPortlet_portletResource parameter.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30578 ‼

Uninitialized use in Media in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to perform out of bounds memory access via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30580 ‼

Insufficient policy enforcement in Android intents in Google Chrome prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious application to obtain potentially sensitive information via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30572 ‼

Use after free in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30565 ‼

Out of bounds write in Tab Groups in Google Chrome on Linux and ChromeOS prior to 92.0.4515.107 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory write via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30575 ‼

Out of bounds write in Autofill in Google Chrome prior to 92.0.4515.107 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-33334 ‼

The Dynamic Data Mapping module in Liferay Portal 7.0.0 through 7.3.2, and Liferay DXP 7.0 before fix pack 94, 7.1 before fix pack 19, and 7.2 before fix pack 6, does not properly check user permissions, which allows remote attackers with the forms "Access in Site Administration" permission to view all forms and form entries in a site via the forms section in site administration.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30583 ‼

Insufficient policy enforcement in image handling in iOS in Google Chrome on iOS prior to 92.0.4515.107 allowed a remote attacker to leak cross-origin data via a crafted HTML page.

via "National Vulnerability Database".
19:29
‼ CVE-2021-30568 ‼

Heap buffer overflow in WebGL in Google Chrome prior to 92.0.4515.107 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
4 August 2021
02:28
🛑 Cybersecurity & Privacy news 🛑
🦿 True cybersecurity means centering policies on employee behavior, report says 🦿

Protecting systems from bad actors is essential, but all the firewalls in the world are useless against the modern hacker who targets human weaknesses instead of digital ones.

via "Tech Republic".
10:23
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-37232 ‼

A stack overflow vulnerability occurs in Atomicparsley 20210124.204813.840499f through APar_read64() in src/util.cpp because the buffer size of uint32_buffer is not checked while reading more bytes in APar_read64.

via "National Vulnerability Database".
10:23
‼ CVE-2021-35397 ‼

A path traversal vulnerability in the static router for Drogon from 1.0.0-beta14 to 1.6.0 could allow an unauthenticated, remote attacker to arbitrarily read files. The vulnerability is due to a lack of proper input validation for the requested path. An attacker could exploit this vulnerability by sending a crafted HTTP request with a specific path to read. Successful exploitation could allow the attacker to read files that should be restricted.

via "National Vulnerability Database".
10:23
‼ CVE-2021-36483 ‼

DevExpress.XtraReports.UI through v21.1 allows attackers to execute arbitrary code via insecure deserialization.

via "National Vulnerability Database".
10:23
‼ CVE-2021-37231 ‼

A stack-buffer-overflow occurs in Atomicparsley 20210124.204813.840499f through APar_readX() in src/util.cpp while parsing a crafted mp4 file because of a missing boundary check.

via "National Vulnerability Database".
10:23
❌ We COVID-Clicked on Garbage, Report Finds: Podcast ❌

Were we work-from-home clicking zombies? Steganography attacks snagged three out of eight recipients. Nasty CAPTCHAs suckered 50 times more clicks during 2020.

via "Threat Post".
11:31
🛑 Cybersecurity & Privacy news 🛑
🦿 Global cyber intrusion activity jumped 125% in the first half of 2021 🦿

Companies in the U.S. were targeted more than those in any other country, according to Accenture's Cyber Incident Response Update.

via "Tech Republic".
11:31
‼ CVE-2021-3680 ‼

showdoc is vulnerable to Missing Cryptographic Step.

via "National Vulnerability Database".
11:31
‼ CVE-2021-33336 ‼

Cross-site scripting (XSS) vulnerability in the Journal module's add article menu in Liferay Portal 7.3.0 through 7.3.3, and Liferay DXP 7.1 fix pack 18, and 7.2 fix pack 5 through 7, allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_journal_web_portlet_JournalPortlet_name parameter.

via "National Vulnerability Database".
11:31
‼ CVE-2021-33339 ‼

Cross-site scripting (XSS) vulnerability in the Fragment module in Liferay Portal 7.2.1 through 7.3.4, and Liferay DXP 7.2 before fix pack 9 allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_site_admin_web_portlet_SiteAdminPortlet_name parameter.

via "National Vulnerability Database".
12:23
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Phishing Campaign Dangles SharePoint File-Shares ❌

Attackers spoof sender addresses to appear legitimate in a crafty campaign that can slip past numerous detections, Microsoft researchers have discovered.

πŸ“– Read

via "Threat Post".
14:24
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2020-24822 ‼

A vulnerability in the dwarf::cursor::uleb function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-33337 ‼

Cross-site scripting (XSS) vulnerability in the Document Library module's add document menu in Liferay Portal 7.3.0 through 7.3.4, and Liferay DXP 7.1 before fix pack 20, and 7.2 before fix pack 9, allows remote attackers to inject arbitrary web script or HTML via the _com_liferay_document_library_web_portlet_DLAdminPortlet_name parameter.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2020-24826 ‼

A vulnerability in the elf::section::as_strtab function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2020-24824 ‼

A global buffer overflow issue in the dwarf::line_table::line_table function of Libelfin v0.3 allows attackers to cause a denial of service (DOS).

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2020-24827 ‼

A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-29765 ‼

IBM PowerVM Hypervisor FW940 and FW950 could allow an attacker to obtain sensitive information if they gain service access to the FSP. IBM X-Force ID: 202476.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-32590 ‼

Multiple improper neutralization of special elements used in an SQL command vulnerabilities in FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow an attacker with regular user's privileges to execute arbitrary commands on the underlying SQL database via specifically crafted HTTP requests.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-35463 ‼

Cross-site scripting (XSS) vulnerability in the Frontend Taglib module in Liferay Portal 7.4.0 allows remote attackers to inject arbitrary web script or HTML into the management toolbar search via the `keywords` parameter.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2020-24821 ‼

A vulnerability in the dwarf::cursor::skip_form function of Libelfin v0.3 allows attackers to cause a denial of service (DOS) through a segmentation fault via a crafted ELF file.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-26098 ‼

An instance of small space of random values in the RPC API of FortiSandbox before 4.0.0 may allow an attacker in possession of a few information pieces about the state of the device to possibly predict valid session IDs.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-24010 ‼

Improper limitation of a pathname to a restricted directory vulnerabilities in FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated user to obtain unauthorized access to files and data via specifically crafted web requests.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-32594 ‼

An unrestricted file upload vulnerability in the web interface of FortiPortal 6.0.0 through 6.0.4, 5.3.0 through 5.3.5, 5.2.0 through 5.2.5, and 4.2.2 and earlier may allow a low-privileged user to potentially tamper with the underlying system's files via the upload of specifically crafted files.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2020-4707 ‼

IBM API Connect 5.0.0.0 through 5.0.8.11 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 187370.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-36764 ‼

In CODESYS Gateway V3 before 3.5.17.10, there is a NULL Pointer Dereference. Crafted communication requests may cause a Null pointer dereference in the affected CODESYS products and may result in a denial-of-service condition.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-36168 ‼

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Fortinet FortiPortal 6.x before 6.0.5, FortiPortal 5.3.x before 5.3.6 and any FortiPortal before 6.2.5 allows an authenticated attacker to disclose information via a crafted GET request with malicious parameter values.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-36765 ‼

In CODESYS EtherNetIP before 4.1.0.0, specific EtherNet/IP requests may cause a null pointer dereference in the downloaded vulnerable EtherNet/IP stack that is executed by the CODESYS Control runtime system.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-24018 ‼

A buffer underwrite vulnerability in the firmware verification routine of FortiOS before 7.0.1 may allow an attacker located in the adjacent network to potentially execute arbitrary code via a specifically crafted firmware image.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-33338 ‼

The Layout module in Liferay Portal 7.1.0 through 7.3.2, and Liferay DXP 7.1 before fix pack 19, and 7.2 before fix pack 6, exposes the CSRF token in URLs, which allows man-in-the-middle attackers to obtain the token and conduct Cross-Site Request Forgery (CSRF) attacks via the p_auth parameter.

📖 Read

via "National Vulnerability Database".
14:24
‼ CVE-2021-3678 ‼

showdoc is vulnerable to Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG).

📖 Read

via "National Vulnerability Database".
14:24
🦿 Cybersecurity pros wanted: Tips for hiring IT and security talent right now 🦿

Companies are pulling out all of the stops to attract top talent in a tight labor market. These tips could help companies attract and retain cybersecurity pros in the months ahead.

📖 Read

via "Tech Republic".
15:23
🛑 Cybersecurity & Privacy news 🛑
πŸ” How Much Does a Data Breach Cost in 2021? πŸ”

The cost of data breaches continues to rise; according to this annual report, the global shift to remote work is partly to blame.

📖 Read

via "".
16:23
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-34845 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14034.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34835 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14015.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34851 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14016.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34834 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14014.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-32596 ‼

A use of one-way hash with a predictable salt vulnerability in the password storing mechanism of FortiPortal 6.0.0 through 6.04 may allow an attacker already in possession of the password store to decrypt the passwords by means of precomputed tables.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34850 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14529.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34852 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13929.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34838 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14019.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34831 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit Reader 10.1.4.37651. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Document objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-13741.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34836 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14017.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34853 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14013.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34846 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14120.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34833 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14023.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34842 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14024.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34847 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14270.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34849 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14531.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2020-29011 ‼

Instances of SQL Injection vulnerabilities in the checksum search and MTA-quarantine modules of FortiSandbox 3.2.0 through 3.2.2, and 3.1.0 through 3.1.4 may allow an authenticated attacker to execute unauthorized code on the underlying SQL interpreter via specifically crafted HTTP requests.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34848 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14532.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34841 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14022.

📖 Read

via "National Vulnerability Database".
16:23
‼ CVE-2021-34837 ‼

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Foxit PDF Reader 11.0.0.49893. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of Annotation objects. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. Was ZDI-CAN-14018.

📖 Read

via "National Vulnerability Database".
17:23
🛑 Cybersecurity & Privacy news 🛑
❌ Black Hat: Let’s All Help Cyber-Immunize Each Other ❌

We're selfish if we're only mitigating our own stuff, said Black Hat USA 2021 keynoter Jeff Moss. Let's be like doctors battling COVID and work for herd immunity.

📖 Read

via "Threat Post".
18:23
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-34707 ‼

A vulnerability in the REST API of Cisco Evolved Programmable Network Manager (EPNM) could allow an authenticated, remote attacker to access sensitive data on an affected system. This vulnerability exists because the application does not sufficiently protect sensitive data when responding to an API request. An attacker could exploit the vulnerability by sending a specific API request to the affected application. A successful exploit could allow the attacker to obtain sensitive information about the application.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-20028 ‼

** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of a SQL Command leading to SQL Injection vulnerability impacting end-of-life Secure Remote Access (SRA) products, specifically the SRA appliances running all 8.x firmware and 9.0.0.9-26sv or earlier.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-1602 ‼

A vulnerability in the web-based management interface of Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient user input validation. An attacker could exploit this vulnerability by sending a crafted request to the web-based management interface. A successful exploit could allow the attacker to execute arbitrary commands on an affected device using root-level privileges. Due to the nature of the vulnerability, only commands without parameters can be executed.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-1610 ‼

Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: execute arbitrary code; cause a denial of service (DoS) condition; execute arbitrary commands. For more information about these vulnerabilities, see the Details section of this advisory.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-1593 ‼

A vulnerability in Cisco Packet Tracer for Windows could allow an authenticated, local attacker to perform a DLL injection attack on an affected device. To exploit this vulnerability, the attacker must have valid credentials on the Windows system. This vulnerability is due to incorrect handling of directory paths at run time. An attacker could exploit this vulnerability by inserting a configuration file in a specific path on the system, which can cause a malicious DLL file to be loaded when the application starts. A successful exploit could allow an attacker with normal user privileges to execute arbitrary code on the affected system with the privileges of another user’s account.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-32706 ‼

Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics. Prior to Pi-hole Web interface version 5.5.1, the `validDomainWildcard` preg_match filter allows a malicious character through that can be used to execute code, list directories, and overwrite sensitive files. The issue lies in the fact that one of the periods is not escaped, allowing any character to be used in its place. A patch for this vulnerability was released in version 5.5.1.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-32465 ‼

An incorrect permission preservation vulnerability in Trend Micro Apex One, Apex One as a Service and OfficeScan XG SP1 could allow a remote user to perform an attack and bypass authentication on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-24014 ‼

Multiple instances of improper neutralization of input during web page generation vulnerabilities in FortiSandbox before 4.0.0 may allow an unauthenticated attacker to perform an XSS attack via specifically crafted request parameters.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-1522 ‼

A vulnerability in the change password API of Cisco Connected Mobile Experiences (CMX) could allow an authenticated, remote attacker to alter their own password to a value that does not comply with the strong authentication requirements that are configured on an affected device. This vulnerability exists because a password policy check is incomplete at the time a password is changed at server side using the API. An attacker could exploit this vulnerability by sending a specially crafted API request to the affected device. A successful exploit could allow the attacker to change their own password to a value that does not comply with the configured strong authentication requirements.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-22124 ‼

An uncontrolled resource consumption (denial of service) vulnerability in the login modules of FortiSandbox 3.2.0 through 3.2.2, 3.1.0 through 3.1.4, and 3.0.0 through 3.0.6; and FortiAuthenticator before 6.0.6 may allow an unauthenticated attacker to bring the device into an unresponsive state via specifically-crafted long request parameters.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-38111 ‼

The DEF CON 27 badge allows remote attackers to exploit a buffer overflow by sending an oversized packet via the NFMI (Near Field Magnetic Induction) protocol.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-32464 ‼

An incorrect permission assignment privilege escalation vulnerability in Trend Micro Apex One, Apex One as a Service and Worry-Free Business Security Services could allow an attacker to modify a specific script before it is executed. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-32793 ‼

Pi-hole's Web interface provides a central location to manage a Pi-hole instance and review performance statistics. Prior to Pi-hole Web interface version 5.5.1, the function to add domains to blocklists or allowlists is vulnerable to a stored cross-site-scripting vulnerability. User input added as a wildcard domain to a blocklist or allowlist is unfiltered in the web interface. Since the payload is stored permanently as a wildcard domain, this is a persistent XSS vulnerability. A remote attacker can therefore attack administrative user accounts through client-side attacks. Pi-hole Web Interface version 5.5.1 contains a patch for this vulnerability.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-26096 ‼

Multiple instances of heap-based buffer overflow in the command shell of FortiSandbox before 4.0.0 may allow an authenticated attacker to manipulate memory and alter its content by means of specifically crafted command line arguments.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-1609 ‼

Multiple vulnerabilities in the web-based management interface of the Cisco Small Business RV340, RV340W, RV345, and RV345P Dual WAN Gigabit VPN Routers could allow an attacker to do the following: execute arbitrary code; cause a denial of service (DoS) condition; execute arbitrary commands. For more information about these vulnerabilities, see the Details section of this advisory.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-38113 ‼

In addBouquet in js/bqe.js in OpenWebif (aka e2openplugin-OpenWebif) through 1.4.7, inserting JavaScript into the Add Bouquet feature of the Bouquet Editor (i.e., bouqueteditor/api/addbouquet?name=) leads to Stored XSS.

📖 Read

via "National Vulnerability Database".
18:23
‼ CVE-2021-1572 ‼

A vulnerability in ConfD could allow an authenticated, local attacker to execute arbitrary commands at the level of the account under which ConfD is running, which is commonly root. To exploit this vulnerability, an attacker must have a valid account on an affected device. The vulnerability exists because the affected software incorrectly runs the SFTP user service at the privilege level of the account that was running when the ConfD built-in Secure Shell (SSH) server for CLI was enabled. If the ConfD built-in SSH server was not enabled, the device is not affected by this vulnerability. An attacker with low-level privileges could exploit this vulnerability by authenticating to an affected device and issuing a series of commands at the SFTP interface. A successful exploit could allow the attacker to elevate privileges to the level of the account under which ConfD is running, which is commonly root. Note: Any user who can authenticate to the built-in SSH server may exploit this vulnerability. By default, all ConfD users have this access if the server is enabled. Software updates that address this vulnerability have been released.

📖 Read

via "National Vulnerability Database".
19:23
🛑 Cybersecurity & Privacy news 🛑
❌ Black Hat: Security Bugs Allow Takeover of Capsule Hotel Rooms ❌

A researcher was able to remotely control the lights, bed and ventilation in "smart" hotel rooms via Nasnos vulnerabilities.

📖 Read

via "Threat Post".
19:23
❌ ‘I’m Calling About Your Car Warranty’, aka PII Hijinx ❌

Black Hat: Researchers created 300 fake identities, signed them up on 185 legit sites, then tracked how much the sites used signup PII to pester the accounts.

📖 Read

via "Threat Post".
20:23
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2020-22352 ‼

The gf_dash_segmenter_probe_input function in GPAC v0.8 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.

📖 Read

via "National Vulnerability Database".
20:23
‼ CVE-2021-38114 ‼

libavcodec/dnxhddec.c in FFmpeg 4.4 does not check the return value of the init_vlc function, a similar issue to CVE-2013-0868.

📖 Read

via "National Vulnerability Database".
20:23
‼ CVE-2021-38115 ‼

read_header_tga in gd_tga.c in the GD Graphics Library (aka LibGD) through 2.3.2 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted TGA file.

📖 Read

via "National Vulnerability Database".
20:23
‼ CVE-2020-24829 ‼

An issue was discovered in GPAC v0.8.0, as demonstrated by MP4Box. It contains a heap-based buffer overflow in gf_m2ts_section_complete in media_tools/mpegts.c that can cause a denial of service (DOS) via a crafted MP4 file.

📖 Read

via "National Vulnerability Database".
22:23
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-3539 ‼

EspoCRM 6.1.6 and prior suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in processing user-supplied avatar images. This issue was fixed in version 6.1.7 of the product.

📖 Read

via "National Vulnerability Database".
22:23
‼ CVE-2021-36800 ‼

Akaunting version 2.1.12 and earlier suffers from a code injection issue in the Money.php component of the application. A POST sent to /{company_id}/sales/invoices/{invoice_id} with an items[0][price] that includes a PHP callable function is executed directly. This issue was fixed in version 2.1.13 of the product.

📖 Read

via "National Vulnerability Database".
22:23
‼ CVE-2021-36803 ‼

Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in processing user-supplied avatar images. This issue was fixed in version 2.1.13 of the product.

📖 Read

via "National Vulnerability Database".
22:23
‼ CVE-2021-36801 ‼

Akaunting version 2.1.12 and earlier suffers from an authentication bypass issue in the user-controllable field, companies[0]. This issue was fixed in version 2.1.13 of the product.

📖 Read

via "National Vulnerability Database".
22:23
‼ CVE-2021-31867 ‼

Pimcore Customer Data Framework version 3.0.0 and earlier suffers from a Boolean-based blind SQL injection issue in the $id parameter of the SegmentAssignmentController.php component of the application. This issue was fixed in version 3.0.2 of the product.

📖 Read

via "National Vulnerability Database".
22:23
‼ CVE-2021-36802 ‼

Akaunting version 2.1.12 and earlier suffers from a denial-of-service issue that is triggered by setting a malformed 'locale' variable and sending it in an otherwise normal HTTP POST request. This issue was fixed in version 2.1.13 of the product.

📖 Read

via "National Vulnerability Database".
22:23
‼ CVE-2021-31869 ‼

Pimcore AdminBundle version 6.8.0 and earlier suffers from a SQL injection issue in the specificID variable used by the application. This issue was fixed in version 6.9.4 of the product.

πŸ“– Read

via "National Vulnerability Database".
22:23
‼ CVE-2021-36804 ‼

Akaunting version 2.1.12 and earlier suffers from a password reset spoofing vulnerability, wherein an attacker can proxy password reset requests through a running Akaunting instance, if that attacker knows the target's e-mail address. This issue was fixed in version 2.1.13 of the product. Please note that this issue is ultimately caused by the defaults provided by the Laravel framework, specifically how proxy headers are handled with respect to multi-tenant implementations. In other words, while this is not technically a vulnerability in Laravel, this default configuration is very likely to lead to practically identical vulnerabilities in Laravel projects that implement multi-tenant applications.

πŸ“– Read

via "National Vulnerability Database".
22:23
β€Ό CVE-2021-36805 β€Ό

Akaunting version 2.1.12 and earlier suffers from a persistent (type II) cross-site scripting (XSS) vulnerability in the sales invoice processing component of the application. This issue was fixed in version 2.1.13 of the product.

πŸ“– Read

via "National Vulnerability Database".
5 August 2021
?
09:39
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-32603 β€Ό

A server-side request forgery (SSRF) (CWE-918) vulnerability in FortiManager and FortiAnalyser GUI 7.0.0, 6.4.5 and below, 6.2.7 and below, 6.0.11 and below, 5.6.11 and below may allow a remote and authenticated attacker to access unauthorized files and services on the system via specifically crafted web requests.

πŸ“– Read

via "National Vulnerability Database".
09:39
β€Ό CVE-2021-32598 β€Ό

An improper neutralization of CRLF sequences in HTTP headers ('HTTP Response Splitting') vulnerability In FortiManager and FortiAnalyzer GUI 7.0.0, 6.4.6 and below, 6.2.8 and below, 6.0.11 and below, 5.6.11 and below may allow an authenticated and remote attacker to perform an HTTP request splitting attack which gives attackers control of the remaining headers and body of the response.

πŸ“– Read

via "National Vulnerability Database".
?
11:31
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-38095 β€Ό

The REST API in Planview Spigit 4.5.3 allows remote unauthenticated attackers to query sensitive user accounts data, as demonstrated by an api/v1/users/1 request.

πŸ“– Read

via "National Vulnerability Database".
11:31
❌ Black Hat: Charming Kitten Leaves More Paw Prints ❌

IBM X-Force detailed the custom-made "LittleLooter" data stealer and 4+ hours of ITG18 operator training videos revealed by an opsec goof.

πŸ“– Read

via "Threat Post".
?
12:06
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Black Hat: Microsoft’s Patch for Windows Hello Bypass Bug is Faulty, Researchers Say ❌

Researchers show how to circumvent Microsoft’s Windows Hello biometric authentication using a spoofed USB camera.

πŸ“– Read

via "Threat Post".
?
12:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Why Supply Chain Attacks Are Destined to Escalate πŸ•΄

In his keynote address at Black Hat USA on Wednesday, Matt Tait, chief operating officer at Corellium, called for software platform vendors and security researchers to do their part to thwart the fallout of software supply chain compromises.

πŸ“– Read

via "Dark Reading".
12:27
πŸ•΄ Organizations Still Struggle to Hire & Retain Infosec Employees: Report πŸ•΄

Security leaders are challenged to fill application security and cloud computing jobs in particular, survey data shows.

πŸ“– Read

via "Dark Reading".
12:36
❌ MacOS Flaw in Telegram Retrieves Deleted Messages ❌

Telegram declined to fix a scenario in which the flaw can be exploited, spurring a Trustwave researcher to decline a bug bounty and to disclose his findings instead.

πŸ“– Read

via "Threat Post".
?
12:57
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ A New Approach to Securing Authentication Systems' Core Secrets πŸ•΄

Researchers at Black Hat USA explain issues around defending "Golden Secrets" and present an approach to solving the problem.

πŸ“– Read

via "Dark Reading".
?
13:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Researchers Find Significant Vulnerabilities in macOS Privacy Protections πŸ•΄

Attacks require executing code on a system but foil Apple's approach to protecting private data and systems files.

πŸ“– Read

via "Dark Reading".
?
14:02
🛡 Cybersecurity & Privacy news 🛡
⚠ “Cobalt Strike” network attack tool patches crashtastic server bug ⚠

Ahhhh, the irony! Red-team network attack tool has its very own bug for a Blue Team to counterexploit.

πŸ“– Read

via "Naked Security".
?
15:31
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-37604 β€Ό

In the Microchip MiWi v6.5 software stack, there is a possibility of frame counters being validated/updated prior to message authentication.

πŸ“– Read

via "National Vulnerability Database".
15:31
‼ CVE-2020-22732 ‼

CMS Made Simple (CMSMS) 2.2.14 allows stored XSS via the Extensions > File Picker.

πŸ“– Read

via "National Vulnerability Database".
15:31
β€Ό CVE-2021-38138 β€Ό

OneNav beta 0.9.12 allows XSS via the Add Link feature. NOTE: the vendor's position is that there intentionally is not any XSS protection at present, because the attack risk is largely limited to a compromised account; however, XSS protection is planned for a future release.

πŸ“– Read

via "National Vulnerability Database".
15:31
‼ CVE-2021-37605 ‼

In the Microchip MiWi v6.5 software stack, there is a possibility of frame counters being validated/updated prior to message authentication.

πŸ“– Read

via "National Vulnerability Database".
?
16:04
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ” Enterprise Security Migration Done Right: Tips from Our CISO πŸ”

Is your company planning on migrating to a new security solution? Do it the right way and avoid these pitfalls.

πŸ“– Read

via "".
?
17:36
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-37625 β€Ό

Skytable is an open source NoSQL database. In versions prior to 0.6.4 an incorrect check of return value of the accept function in the run-loop for a TCP socket/TLS socket/TCP+TLS multi-socket causes an early exit from the run loop that should continue infinitely unless terminated by a local user, effectively causing the whole database server to shut down. This has severe impact and can be used to easily cause DoS attacks without the need to use much bandwidth. The attack vectors include using an incomplete TLS connection for example by not providing the certificate for the connection and using a specially crafted TCP packet that triggers the application layer backoff algorithm.

πŸ“– Read

via "National Vulnerability Database".
?
18:58
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 The most secure browser for transmitting sensitive data is definitely not Chrome 🦿

Jack Wallen addresses the challenging question of which browser is best to use for transmitting encrypted data.

πŸ“– Read

via "Tech Republic".
18:58
🦿 Where to find the best-paying cybersecurity jobs 🦿

New analysis includes salary data, cost of living and how easy it is to find a job and identifies cities with the best pay and the most open positions.

πŸ“– Read

via "Tech Republic".
19:01
❌ Auditors: Feds’ Cybersecurity Gets the Dunce Cap ❌

Out of eight agencies, four were given D grades in a report for the Senate, while the Feds overall got a C-.

πŸ“– Read

via "Threat Post".
?
19:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Incident Responders Explore Microsoft 365 Attacks in the Wild πŸ•΄

Mandiant experts discuss the novel techniques used to evade detection, automate data theft, and achieve persistent access.

πŸ“– Read

via "Dark Reading".
19:31
‼ CVE-2021-29971 ‼

If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.* This vulnerability affects Firefox < 90.

πŸ“– Read

via "National Vulnerability Database".
19:31
‼ CVE-2021-34638 ‼

Authenticated Directory Traversal in WordPress Download Manager <= 3.1.24 allows authenticated (Contributor+) users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting the Download template to a file containing configuration information or to an uploaded JavaScript file with an image extension. This issue affects: WordPress Download Manager version 3.1.24 and prior versions.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-34631 β€Ό

The NewsPlugin WordPress plugin is vulnerable to Cross-Site Request Forgery via the handle_save_style function found in the ~/news-plugin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.18.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-29972 β€Ό

A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have remediated other, unknown security vulnerabilities as well. This vulnerability affects Firefox < 90.

πŸ“– Read

via "National Vulnerability Database".
19:31
‼ CVE-2021-3566 ‼

Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file that triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg).

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-3591 β€Ό

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-3580 β€Ό

A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.

πŸ“– Read

via "National Vulnerability Database".
19:31
‼ CVE-2021-3679 ‼

A CPU resource exhaustion flaw was found in the Linux kernel tracing module functionality in versions prior to 5.14-rc3, in the way a user uses the trace ring buffer in a specific way. Only privileged local users (with the CAP_SYS_ADMIN capability) could use this flaw to starve the resources, causing denial of service.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-29976 β€Ό

Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.

πŸ“– Read

via "National Vulnerability Database".
19:31
‼ CVE-2021-3642 ‼

A flaw was found in Wildfly Elytron where ScramServer may be susceptible to a Timing Attack if enabled. The highest threat of this vulnerability is to confidentiality. This flaw affects Wildfly Elytron versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final.

πŸ“– Read

via "National Vulnerability Database".
19:31
‼ CVE-2021-29970 ‼

A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.* This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-35307 β€Ό

An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-35325 β€Ό

A stack overflow in the checkLoginUser function of TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to cause a denial of service (DOS).

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-3682 β€Ό

A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-35324 β€Ό

A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu.470_B20200911 allows attackers to bypass authentication.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-34639 β€Ό

Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g. "payload.php.png" which is executable in some configurations. This issue affects: WordPress Download Manager version 3.1.24 and prior versions.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-32577 β€Ό

Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.

πŸ“– Read

via "National Vulnerability Database".
19:31
‼ CVE-2021-36584 ‼

An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS).

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-37156 β€Ό

Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor authentication for the user's account, but the intended behavior is for those sessions to be terminated.

πŸ“– Read

via "National Vulnerability Database".
19:31
β€Ό CVE-2021-32581 β€Ό

Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.

πŸ“– Read

via "National Vulnerability Database".
?
21:01
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Black Hat: New CISA Head Woos Crowd With Public-Private Task Force ❌

Day two Black Hat keynote by CISA Director Jen Easterly includes launch of private-public partnership with Amazon, Google and Microsoft to fight cybercrime.

πŸ“– Read

via "Threat Post".
?
21:42
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-22392 β€Ό

Cross Site Scripting (XSS) vulnerability exists in Subrion CMS 4.2.2 when adding a blog and then editing an image file.

πŸ“– Read

via "National Vulnerability Database".
?
22:27
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ CISA Launches JCDC, the Joint Cyber Defense Collaborative πŸ•΄

"We can't do this alone," the new CISA director told attendees in a keynote at Black Hat USA today.

πŸ“– Read

via "Dark Reading".
6 August 2021
?
08:59
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 FTC warns of phishing scams over unemployment benefits 🦿

The scam messages try to convince you to enter your Social Security number and other personal info at a website masquerading as your state's workforce agency.

πŸ“– Read

via "Tech Republic".
?
09:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
‼ CVE-2021-32587 ‼

An improper access control vulnerability in FortiManager and FortiAnalyzer GUI interface 7.0.0, 6.4.5 and below, 6.2.8 and below, 6.0.11 and below, 5.6.11 and below may allow a remote and authenticated attacker with a restricted user profile to retrieve the list of administrative users of other ADOMs and their related configuration.

πŸ“– Read

via "National Vulnerability Database".
09:32
‼ CVE-2021-32597 ‼

Multiple improper neutralization of input during web page generation (CWE-79) vulnerabilities in the user interface of FortiManager and FortiAnalyzer versions 7.0.0, 6.4.5 and below, 6.2.7 and below may allow a remote authenticated attacker to perform a Stored Cross Site Scripting attack (XSS) by injecting a malicious payload in GET parameters.

πŸ“– Read

via "National Vulnerability Database".
09:35
πŸ” Friday Five 8/6 πŸ”

An increase in supply chain attacks, RDP brute force attacks explained, and a hacked hotel room - catch up on the infosec news of the week with the Friday Five!

πŸ“– Read

via "".
?
10:57
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ HTTP/2 Implementation Errors Exposing Websites to Serious Risks πŸ•΄

Organizations that don't implement end-to-end HTTP/2 are vulnerable to attacks that redirect users to malicious sites and other threats, security researcher reveals at Black Hat USA.

πŸ“– Read

via "Dark Reading".
11:04
⚠ Conti ransomware affiliate goes rogue, leaks “gang data” ⚠

Once more unto the breach, dear friends, once more...

πŸ“– Read

via "Naked Security".
?
11:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-38149 β€Ό

index.php/admin/add_user in Chikitsa Patient Management System 2.0.0 allows XSS.

πŸ“– Read

via "National Vulnerability Database".
11:32
β€Ό CVE-2021-38151 β€Ό

index.php/appointment/todos in Chikitsa Patient Management System 2.0.0 allows XSS.

πŸ“– Read

via "National Vulnerability Database".
11:32
‼ CVE-2021-37388 ‼

A buffer overflow exists in D-Link DIR-615 C2 3.03WW. The ping_ipaddr parameter in a ping_response.cgi POST request allows an attacker to crash the webserver and might even gain remote code execution.

πŸ“– Read

via "National Vulnerability Database".
11:32
β€Ό CVE-2021-37381 β€Ό

Southsoft GMIS 5.0 is vulnerable to CSRF attacks. Attackers can access other users' private information such as photos through CSRF. For example: any student's photo information can be accessed through /gmis/(S([1]))/student/grgl/PotoImageShow/?bh=[2]. Among them, the code in [1] is a random string generated according to the user's login related information. It can protect the user's identity, but it can not effectively prevent unauthorized access. The code in [2] is the student number of any student. The attacker can carry out CSRF attack on the system by modifying [2] without modifying [1].

πŸ“– Read

via "National Vulnerability Database".
11:32
β€Ό CVE-2021-38152 β€Ό

index.php/appointment/insert_patient_add_appointment in Chikitsa Patient Management System 2.0.0 allows XSS.

πŸ“– Read

via "National Vulnerability Database".
11:32
β€Ό CVE-2021-22295 β€Ό

A component of the HarmonyOS has a permission bypass vulnerability. Local attackers may exploit this vulnerability to cause the device to hang due to the page error OsVmPageFaultHandler.

πŸ“– Read

via "National Vulnerability Database".
?
11:59
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Phishing continues to target big businesses and exploit COVID-19 fears in Q2 2021 🦿

Spam as a share of global mail traffic rose, and attackers have started to adapt their scams to other languages to reach wider audiences.

πŸ“– Read

via "Tech Republic".
11:59
🦿 Amazon Kindle flaws could have allowed attackers to control the device 🦿

Now patched by Amazon, security vulnerabilities found by Check Point would have given attackers access to a Kindle device and its stored data.

πŸ“– Read

via "Tech Republic".
12:02
❌ Angry Affiliate Leaks Conti Ransomware Gang Playbook ❌

The data includes IP addresses for Cobalt Strike C2 servers as well as an archive including numerous tools and training materials for the group, revealing how it performs attacks.

πŸ“– Read

via "Threat Post".
?
12:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Zoom Settlement: An $85M Business Case for Security Investment ❌

Zoom’s security lesson over end-to-end encryption shows the costs of playing cybersecurity catchup.

πŸ“– Read

via "Threat Post".
?
12:57
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ Researchers Call for 'CVE' Approach for Cloud Vulnerabilities πŸ•΄

New research suggests isolation among cloud customer accounts may not be a given -- and the researchers behind the findings issue a call to action for cloud security.

πŸ“– Read

via "Dark Reading".
?
13:32
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
‼ CVE-2021-38137 ‼

Corero SecureWatch Managed Services 9.7.2.0020 does not correctly check swa-monitor and cns-monitor user’s privileges, allowing a user to perform actions not belonging to his role.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37552 β€Ό

In JetBrains YouTrack before 2021.2.17925, stored XSS was possible.

πŸ“– Read

via "National Vulnerability Database".
13:32
‼ CVE-2021-36707 ‼

In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary, accessible with a page parameter value of ledonoff, contains a trivial command injection where the value of the led_cmd parameter is passed directly to do_system.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37541 β€Ό

In JetBrains Hub before 2021.1.13402, HTML injection in the password reset email was possible.

πŸ“– Read

via "National Vulnerability Database".
13:32
‼ CVE-2021-38136 ‼

Corero SecureWatch Managed Services 9.7.2.0020 is affected by a Path Traversal vulnerability via the snap_file parameter in the /it-IT/splunkd/__raw/services/get_snapshot HTTP API endpoint. A ‘low privileged’ attacker can read any file on the target host.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37547 β€Ό

In JetBrains TeamCity before 2020.2.4, insufficient checks during file uploading were made.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37550 β€Ό

In JetBrains YouTrack before 2021.2.16363, time-unsafe comparisons were used.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37551 β€Ό

In JetBrains YouTrack before 2021.2.16363, system user passwords were hashed with SHA-256.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37553 β€Ό

In JetBrains YouTrack before 2021.2.16363, an insecure PRNG was used.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37542 β€Ό

In JetBrains TeamCity before 2020.2.3, XSS was possible.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37540 β€Ό

In JetBrains Hub before 2021.1.13262, a potentially insufficient CSP for the Widget deployment feature was used.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37554 β€Ό

In JetBrains YouTrack before 2021.3.21051, a user could see boards without having corresponding permissions.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37549 β€Ό

In JetBrains YouTrack before 2021.1.11111, sandboxing in workflows was insufficient.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-36708 β€Ό

In ProLink PRC2402M V1.0.18 and older, the set_sys_init function in the login.cgi binary allows an attacker to reset the password to the administrative interface of the router.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37544 β€Ό

In JetBrains TeamCity before 2020.2.4, there was an insecure deserialization.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-26998 β€Ό

NetApp Cloud Manager versions prior to 3.9.9 log sensitive information that is available only to authenticated users. Customers with auto-upgrade enabled should already be on a fixed version while customers using on-prem connectors with auto-upgrade disabled are advised to upgrade to a fixed version.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-36209 β€Ό

In JetBrains Hub before 2021.1.13389, account takeover was possible during password reset.

πŸ“– Read

via "National Vulnerability Database".
13:32
‼ CVE-2021-36706 ‼

In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible with a page parameter value of sysCMD, contains a trivial command injection where the value of the command parameter is passed directly to system.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37546 β€Ό

In JetBrains TeamCity before 2021.1, an insecure key generation mechanism for encrypted properties was used.

πŸ“– Read

via "National Vulnerability Database".
13:32
β€Ό CVE-2021-37543 β€Ό

In JetBrains RubyMine before 2021.1.1, code execution without user confirmation was possible for untrusted projects.

πŸ“– Read

via "National Vulnerability Database".
?
16:02
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Amazon Kindle Vulnerable to Malicious EBooks ❌

Prior to a patch, a serious bug could have allowed attackers to take over Kindles and steal personal data.

πŸ“– Read

via "Threat Post".
?
17:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-35312 β€Ό

A vulnerability was found in CIR 2000 / Gestionale Amica Prodigy v1.7. The Amica Prodigy's executable "RemoteBackup.Service.exe" has incorrect permissions, allowing a local unprivileged user to replace it with a malicious file that will be executed with "LocalSystem" privileges.

πŸ“– Read

via "National Vulnerability Database".
17:33
β€Ό CVE-2020-18693 β€Ό

Cross Site Scripting (XSS) in MineWebCMS v1.7.0 allows remote attackers to execute arbitrary code by injecting malicious code into the 'Title' field of the component '/admin/news'.

πŸ“– Read

via "National Vulnerability Database".
17:33
β€Ό CVE-2020-18694 β€Ό

Cross Site Request Forgery (CSRF) in IgnitedCMS v1.0 allows remote attackers to obtain sensitive information and gain privilege via the component "/admin/profile/save_profile".

πŸ“– Read

via "National Vulnerability Database".
?
18:02
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Golang Cryptomining Worm Offers 15% Speed Boost ❌

The latest variants of the Monero-mining malware exploit known web server bugs and add efficiency to the mining process.

πŸ“– Read

via "Threat Post".
?
18:58
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
πŸ•΄ FragAttacks Foil 2 Decades of Wireless Security πŸ•΄

Wireless security protocols have improved, but product vendors continue to make implementation errors that allow a variety of attacks.

πŸ“– Read

via "Dark Reading".
?
19:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-38155 β€Ό

OpenStack Keystone 10.x through 16.x before 16.0.2, 17.x before 17.0.1, 18.x before 18.0.1, and 19.x before 19.0.1 allows information disclosure during account locking (related to PCI DSS features). By guessing the name of an account and failing to authenticate multiple times, any unauthenticated actor could both confirm the account exists and obtain that account's corresponding UUID, which might be leveraged for other unrelated attacks. All deployments enabling security_compliance.lockout_failure_attempts are affected.

πŸ“– Read

via "National Vulnerability Database".
19:33
β€Ό CVE-2021-38157 β€Ό

** UNSUPPORTED WHEN ASSIGNED ** LeoStream Connection Broker 9.x before 9.0.34.3 allows Unauthenticated Reflected XSS via the /index.pl user parameter. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.

πŸ“– Read

via "National Vulnerability Database".
7 August 2021
?
02:33
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-38160 β€Ό

In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size.

πŸ“– Read

via "National Vulnerability Database".
02:33
β€Ό CVE-2021-38148 β€Ό

Obsidian before 0.12.12 does not require user confirmation for non-http/https URLs.

πŸ“– Read

via "National Vulnerability Database".
?
15:34
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-29923 β€Ό

Go before 1.17 does not properly consider extraneous zero characters at the beginning of an IP address octet, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation. This affects net.ParseIP and net.ParseCIDR.

πŸ“– Read

via "National Vulnerability Database".
15:34
β€Ό CVE-2021-38159 β€Ό

In certain Progress MOVEit Transfer versions before 2021.0.4 (aka 13.0.4), SQL injection in the MOVEit Transfer web application could allow an unauthenticated remote attacker to gain access to the database. Depending on the database engine being used (MySQL, Microsoft SQL Server, or Azure SQL), an attacker may be able to infer information about the structure and contents of the database, or execute SQL statements that alter or delete database elements, via crafted strings sent to unique MOVEit Transfer transaction types. The fixed versions are 2019.0.8 (11.0.8), 2019.1.7 (11.1.7), 2019.2.4 (11.2.4), 2020.0.7 (12.0.7), 2020.1.6 (12.1.6), and 2021.0.4 (13.0.4).

πŸ“– Read

via "National Vulnerability Database".
15:34
β€Ό CVE-2021-29922 β€Ό

library/std/src/net/parser.rs in Rust before 1.53.0 does not properly consider extraneous zero characters at the beginning of an IP address string, which (in some situations) allows attackers to bypass access control that is based on IP addresses, because of unexpected octal interpretation.

πŸ“– Read

via "National Vulnerability Database".
8 August 2021
?
02:35
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-38185 β€Ό

GNU cpio through 2.13 allows attackers to execute arbitrary code via a crafted pattern file, because of a dstring.c ds_fgetstr integer overflow that triggers an out-of-bounds heap write. NOTE: it is unclear whether there are common cases where the pattern file, associated with the -E option, is untrusted data.

πŸ“– Read

via "National Vulnerability Database".
?
07:35
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-36438 β€Ό

An issue was discovered in the tiny_future crate before 0.4.0 for Rust. Future<T> does not have bounds on its Send and Sync traits.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36449 β€Ό

An issue was discovered in the kekbit crate before 0.3.4 for Rust. For ShmWriter<H>, Send is implemented without requiring H: Send.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36466 β€Ό

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr implements Send and Sync for all types.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2021-38188 β€Ό

An issue was discovered in the iced-x86 crate through 1.10.3 for Rust. In Decoder::new(), slice.get_unchecked(slice.length()) is used unsafely.

πŸ“– Read

via "National Vulnerability Database".
07:35
‼ CVE-2020-36470 ‼

An issue was discovered in the disrustor crate through 2020-12-17 for Rust. RingBuffer does not properly limit the number of mutable references.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36446 β€Ό

An issue was discovered in the signal-simple crate through 2020-11-15 for Rust. There are unconditional implementations of Send and Sync for SyncChannel<T>.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36452 β€Ό

An issue was discovered in the array-tools crate before 0.3.2 for Rust. FixedCapacityDequeLike::clone() has a drop of uninitialized memory.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2021-38186 β€Ό

An issue was discovered in the comrak crate before 0.10.1 for Rust. It mishandles & characters, leading to XSS via &# HTML entities.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36450 β€Ό

An issue was discovered in the bunch crate through 2020-11-12 for Rust. There are unconditional implementations of Send and Sync for Bunch<T>.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36465 β€Ό

An issue was discovered in the generic-array crate before 0.13.3 for Rust. It violates soundness by using the arr! macro to extend lifetimes.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36467 β€Ό

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::get returns more than one mutable reference to the same object.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2021-38194 β€Ό

An issue was discovered in the ark-r1cs-std crate before 0.3.1 for Rust. It does not enforce any constraints in the FieldVar::mul_by_inverse method. Thus, a prover can produce a proof that is unsound but is nonetheless verified.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36436 β€Ό

An issue was discovered in the unicycle crate before 0.7.1 for Rust. PinSlab<T> and Unordered<T, S> do not have bounds on their Send and Sync traits.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36464 β€Ό

An issue was discovered in the heapless crate before 0.6.1 for Rust. The IntoIter Clone implementation clones an entire underlying Vec without considering whether it has already been partially consumed.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36442 β€Ό

An issue was discovered in the beef crate before 0.5.0 for Rust. beef::Cow has no Sync bound on its Send trait.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36439 β€Ό

An issue was discovered in the ticketed_lock crate before 0.3.0 for Rust. There are unconditional implementations of Send for ReadTicket<T> and WriteTicket<T>.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36469 β€Ό

An issue was discovered in the appendix crate through 2020-11-15 for Rust. For the generic K and V type parameters, Send and Sync are implemented unconditionally.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36468 β€Ό

An issue was discovered in the cgc crate through 2020-12-10 for Rust. Ptr::write performs non-atomic write operations on an underlying pointer.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36434 β€Ό

An issue was discovered in the sys-info crate before 0.8.0 for Rust. sys_info::disk_info calls can trigger a double free.

πŸ“– Read

via "National Vulnerability Database".
07:35
β€Ό CVE-2020-36454 β€Ό

An issue was discovered in the parc crate through 2020-11-14 for Rust. LockWeak<T> has an unconditional implementation of Send without trait bounds on T.

πŸ“– Read

via "National Vulnerability Database".
07:41
β€Ό CVE-2020-36463 β€Ό

An issue was discovered in the multiqueue crate through 2020-12-25 for Rust. There are unconditional implementations of Send for InnerSend<RW, T>, InnerRecv<RW, T>, FutInnerSend<RW, T>, and FutInnerRecv<RW, T>.

πŸ“– Read

via "National Vulnerability Database".
07:41
β€Ό CVE-2020-36460 β€Ό

An issue was discovered in the model crate through 2020-11-10 for Rust. The Shared data structure has an implementation of the Send and Sync traits without regard for the inner type.

πŸ“– Read

via "National Vulnerability Database".
07:41
β€Ό CVE-2020-36443 β€Ό

An issue was discovered in the libp2p-deflate crate before 0.27.1 for Rust. An uninitialized buffer is passed to AsyncRead::poll_read(), which is a user-provided trait function.

πŸ“– Read

via "National Vulnerability Database".
07:41
β€Ό CVE-2020-36444 β€Ό

An issue was discovered in the async-coap crate through 2020-12-08 for Rust. Send and Sync are implemented for ArcGuard<RC, T> without trait bounds on RC.

πŸ“– Read

via "National Vulnerability Database".
07:41
β€Ό CVE-2020-36432 β€Ό

An issue was discovered in the alg_ds crate through 2020-08-25 for Rust. There is a drop of uninitialized memory in Matrix::new().

πŸ“– Read

via "National Vulnerability Database".
13:03
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
⚠ S3 Ep44: Unreported holes, retro computing, and tech support for malware [Podcast] ⚠

Latest episode - listen now!

πŸ“– Read

via "Naked Security".
19:36
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-38199 β€Ό

fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38205 β€Ό

drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38207 β€Ό

drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38198 β€Ό

arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38206 β€Ό

The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38201 β€Ό

net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38209 β€Ό

net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38208 β€Ό

net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38204 β€Ό

drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38200 β€Ό

arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38202 β€Ό

fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38203 β€Ό

btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.

πŸ“– Read

via "National Vulnerability Database".
9 August 2021
11:04
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Cutting Through the Noise from Daily Alerts ❌

The biggest challenge for security teams today is the quality of the threat intelligence platforms and feeds. How much of the intel is garbage and unusable? Threat intelligence process itself spans and feeds into many external and internal systems and applications. Without actionable data, it is impossible to understand the relevance and potential impact of a threat. Learn how Threat Intelligence management plays a role to help prioritize and act fast.

πŸ“– Read

via "Threat Post".
11:36
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-34660 β€Ό

The WP Fusion Lite WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the startdate parameter found in the ~/includes/admin/logging/class-log-table-list.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.37.18.

πŸ“– Read

via "National Vulnerability Database".
11:36
β€Ό CVE-2021-37788 β€Ό

A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted HTTP packets with malicious iFrame data. A successful exploit could allow the attacker to perform a clickjacking attack where the user is tricked into clicking a malicious link.

πŸ“– Read

via "National Vulnerability Database".
11:36
β€Ό CVE-2021-34661 β€Ό

The WP Fusion Lite WordPress plugin is vulnerable to Cross-Site Request Forgery via the `show_logs_section` function found in the ~/includes/admin/logging/class-log-handler.php file which allows attackers to drop all logs for the plugin, in versions up to and including 3.37.18.

πŸ“– Read

via "National Vulnerability Database".
11:36
β€Ό CVE-2021-36798 β€Ό

A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it.

πŸ“– Read

via "National Vulnerability Database".
11:36
β€Ό CVE-2021-22910 β€Ό

A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE.

πŸ“– Read

via "National Vulnerability Database".
11:37
β€Ό CVE-2021-37573 β€Ό

A reflected cross-site scripting (XSS) vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error page.

πŸ“– Read

via "National Vulnerability Database".
11:37
πŸ›  Nmap Port Scanner 7.92 πŸ› 

Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.

πŸ“– Read

via "Packet Storm Security".
13:34
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Android Malware β€˜FlyTrap’ Hijacks Facebook Accounts ❌

Coupon codes for Netflix or Google AdWords? Voting for the best football team? Beware: Malicious apps offering such come-ons could inflict a new trojan.

πŸ“– Read

via "Threat Post".
13:37
β€Ό CVE-2021-33256 β€Ό

A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1 Build No: 6101 can be exploited by an unauthenticated user. The j_username parameter seems to be vulnerable, and a reverse shell could be obtained if a privileged user exports the "User Attempts Audit Report" as a CSV file.

πŸ“– Read

via "National Vulnerability Database".
15:37
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-21740 β€Ό

There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing information leak.

πŸ“– Read

via "National Vulnerability Database".
15:37
β€Ό CVE-2021-25954 β€Ό

In the "Dolibarr" application, versions 2.8.1 to 13.0.4 do not restrict or incorrectly restrict access to a resource from an unauthorized actor. A low privileged attacker can modify the Private Note, which only an administrator has rights to do; the affected field is at the "/adherents/note.php?id=1" endpoint.

πŸ“– Read

via "National Vulnerability Database".
15:37
β€Ό CVE-2021-29714 β€Ό

IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. IBM X-Force ID: 200968.

πŸ“– Read

via "National Vulnerability Database".
15:37
β€Ό CVE-2021-20349 β€Ό

IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599.

πŸ“– Read

via "National Vulnerability Database".
16:00
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 Ransomware demands and payments reach new highs 🦿

As cybercriminals have become more aggressive, the average ransom payment in the first half of 2021 jumped to $570,000, up 82% from 2020, says Palo Alto Networks' Unit 42.

πŸ“– Read

via "Tech Republic".
16:07
πŸ” Router Firmware Vulnerability Bypasses Authentication πŸ”

A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information.

πŸ“– Read

via "".
17:04
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Auth Bypass Bug Exploited, Affecting Millions of Routers ❌

A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks.

πŸ“– Read

via "Threat Post".
17:04
❌ Black Hat: Scaling Automated Disinformation for Misery and Profit ❌

Researchers demonstrated the power deep neural networks enlisted to create a bot army with the firepower to shape public opinion and spark QAnon 2.0.

πŸ“– Read

via "Threat Post".
19:36
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-36276 β€Ό

Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-38305 β€Ό

23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expressions by limiting the builtins that are passed to the eval. When processing the schema, each line is run through Python's eval function to make the validator available. A well-constructed string within the schema rules can execute system commands; thus, by exploiting the vulnerability, an attacker can run arbitrary code on the image that invokes Yamale.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-32798 β€Ό

The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim opens a malicious ipynb document in Jupyter Notebook. The XSS allows an attacker to execute arbitrary code on the victim computer using Jupyter APIs.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-37633 β€Ό

Discourse is an open source discussion platform. In versions prior to 2.7.8 rendering of d-popover tooltips can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. This issue is patched in the latest `stable` 2.7.8 version of Discourse. As a workaround users may ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-21564 β€Ό

Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to hijack an elevated session or perform unauthorized actions by sending malformed data.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-21585 β€Ό

Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-34335 β€Ό

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A floating point exception (FPE) due to an integer divide by zero was found in Exiv2 versions v0.27.4 and earlier. The FPE is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-21584 β€Ό

Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-37615 β€Ό

Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-21596 β€Ό

Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability leading to information disclosure and a possible elevation of privileges.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-36277 β€Ό

Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contain an Improper Certificate Verification vulnerability. A local authenticated malicious user could exploit this vulnerability by modifying local configuration files in order to execute arbitrary code on the system.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-37634 β€Ό

Leafkit is a templating language with Swift-inspired syntax. Versions prior to 1.3.0 are susceptible to Cross-site Scripting (XSS) attacks. This affects anyone passing unsanitised data to Leaf's variable tags. Before this fix, Leaf would not escape any strings passed to tags as variables. If an attacker managed to find a variable that was rendered with their unsanitised data, they could inject scripts into a generated Leaf page, which could enable XSS attacks if other mitigations such as a Content Security Policy were not enabled. This has been patched in 1.3.0. As a workaround sanitize any untrusted input before passing it to Leaf and enable a CSP to block inline script and CSS data.

πŸ“– Read

via "National Vulnerability Database".
19:36
β€Ό CVE-2021-32797 β€Ό

JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLab doesn't sanitize the action attribute of html `<form>`. Using this it is possible to trigger the form validation outside of the form itself. This is a remote code execution, but requires user action to open a notebook.

πŸ“– Read

via "National Vulnerability Database".
21:50
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2020-23149 β€Ό

The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information.

πŸ“– Read

via "National Vulnerability Database".
21:50
β€Ό CVE-2020-24741 β€Ό

An issue has been fixed in Qt versions 5.14.1 and 5.12.7 where QLibrary attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.

πŸ“– Read

via "National Vulnerability Database".
21:50
β€Ό CVE-2021-38311 β€Ό

In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessive CPU consumption.

πŸ“– Read

via "National Vulnerability Database".
21:50
β€Ό CVE-2020-23151 β€Ό

rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers/ajaxArchiveFiles.php since the path parameter is passed directly to the exec function without being escaped.

πŸ“– Read

via "National Vulnerability Database".
10 August 2021
09:37
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-37178 β€Ό

A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). An XML external entity injection vulnerability in the underlying XML parser could cause the affected application to disclose arbitrary files to remote attackers by loading a specially crafted xml file.

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2020-28397 β€Ό

A vulnerability has been identified in SIMATIC Drive Controller family (All versions < V2.9.2), SIMATIC ET 200SP Open Controller CPU 1515SP PC2 (incl. SIPLUS variants) (All versions), SIMATIC S7 PLCSIM Advanced (All versions > V2 < V4), SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (Version V4.4), SIMATIC S7-1500 CPU family (incl. related ET200 CPUs and SIPLUS variants) (All versions > V2.5 < V2.9.2), SIMATIC S7-1500 Software Controller (All versions > V2.5), TIM 1531 IRC (incl. SIPLUS NET variants) (Version V2.1). Due to an incorrect authorization check in the affected component, an attacker could extract information about access protected PLC program variables over port 102/tcp from an affected device when reading multiple attributes at once.

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-3689 β€Ό

yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator.

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-37180 β€Ό

A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library lacks proper validation while parsing user-supplied OBJ files that could cause an out of bounds access to an uninitialized pointer. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13775)

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-33721 β€Ό

A vulnerability has been identified in SINEC NMS (All versions < V1.0 SP2). The affected application incorrectly neutralizes special elements when creating batch operations which could lead to command injection. An authenticated remote attacker with administrative privileges could exploit this vulnerability to execute arbitrary code on the system with system privileges.

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-37172 β€Ό

A vulnerability has been identified in SIMATIC S7-1200 CPU family (incl. SIPLUS variants) (V4.5.0). Affected devices fail to authenticate against configured passwords when provisioned using TIA Portal V13. This could allow an attacker using TIA Portal V17 or later versions to bypass authentication and download arbitrary programs to the PLC. The vulnerability does not occur when TIA Portal V13 SP1 or any later version was used to provision the device.

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-33717 β€Ό

A vulnerability has been identified in JT2Go (All versions < V13.2.0.1), Teamcenter Visualization (All versions < V13.2.0.1). When parsing specially crafted CGM files, a NULL pointer dereference condition could cause the application to crash. The application must be restarted to restore the service. An attacker could leverage this vulnerability to cause a Denial-of-Service condition in the application.

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-25659 β€Ό

A vulnerability has been identified in Automation License Manager 5 (All versions), Automation License Manager 6 (All versions < V6.0 SP9 Update 2). Sending specially crafted packets to port 4410/tcp of an affected system could lead to extensive memory being consumed and as such could cause a denial-of-service preventing legitimate users from using the system.

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-21501 β€Ό

Improper configuration can cause a directory traversal problem in ServiceComb ServiceCenter 1.x.x versions; this is fixed in 2.0.0.

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-33738 β€Ό

A vulnerability has been identified in JT2Go (All versions < V13.2.0.2), Teamcenter Visualization (All versions < V13.2.0.2). The plmxmlAdapterSE70.dll library in affected applications lacks proper validation of user-supplied data when parsing PAR files. This could result in an out of bounds read past the end of an allocated buffer. An attacker could leverage this vulnerability to leak information in the context of the current process. (ZDI-CAN-13405)

πŸ“– Read

via "National Vulnerability Database".
09:37
β€Ό CVE-2021-37179 β€Ό

A vulnerability has been identified in Solid Edge SE2021 (All Versions < SE2021MP7). The PSKERNEL.dll library in affected application lacks proper validation while parsing user-supplied OBJ files that could lead to a use-after-free condition. An attacker could leverage this vulnerability to execute code in the context of the current process. (ZDI-CAN-13777)

πŸ“– Read

via "National Vulnerability Database".
10:31
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
🦿 You can use wget behind a proxy: Here's how 🦿

Jack Wallen has the solution to get this setup working properly. If wget is your go-to download command on your Linux servers, and your machines are behind a proxy, learn this trick.

πŸ“– Read

via "Tech Republic".
11:05
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ 1M Stolen Credit Cards Hit Dark Web for Free ❌

A dump of hundreds of thousands of active accounts is aimed at promoting AllWorld.Cards, a recently launched cybercriminal site for selling payment credentials online.

πŸ“– Read

via "Threat Post".
11:37
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
β€Ό CVE-2021-31655 β€Ό

Cross Site Scripting (XSS) vulnerability in TRENDnet TV-IP110WN V1.2.2.64, V1.2.2.65, and V1.2.2.68 via the profile parameter in a GET request to view.cgi.

πŸ“– Read

via "National Vulnerability Database".
12:05
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Fuzz Off: How to Shake Up Code to Get It Right – Podcast ❌

Is fuzzing for the cybersec elite, or should it be accessible to all software developers? FuzzCon panelists say join the party as they share fuzzing wins & fails.

πŸ“– Read

via "Threat Post".
12:08
🦿 How to get the Windows 11 security protections on your Windows 10 PC 🦿

Windows 11 will turn on hardware security by default but only on new PCs or if you re-image from scratch. But there is a workaround.

πŸ“– Read

via "Tech Republic".
12:35
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
❌ Chaos Malware Walks Line Between Ransomware and Wiper ❌

The dangerous malware has been rapidly developed since June and could be released into the wild soon.

πŸ“– Read

via "Threat Post".
13:34
πŸ›‘ Cybersecurity & Privacy news πŸ›‘
⚠ S3 Ep44: Unreported holes, retro computing, and tech support for malware [Podcast] ⚠

Latest episode - listen now!

πŸ“– Read

via "Naked Security".
13:34
⚠ Home and small business routers under attack – how to see if you are at risk ⚠

Practical advice for homes and small businesses, following news that a recently disclosed router bug is actively being exploited by crooks.

πŸ“– Read

via "Naked Security".
13:37
🦿 How to reduce your organization's security risk in 6 steps 🦿

It's impossible to guarantee security—but nearly all organizations should take these actions to protect organizational data and systems.

πŸ“– Read

via "Tech Republic".
13:37
‼ CVE-2021-22676 ‼

UserExcelOut.asp within WebAccess/SCADA is vulnerable to cross-site scripting (XSS), which could allow an attacker to send malicious JavaScript code. This could result in hijacking of cookie/session tokens, redirection to a malicious webpage, and unintended browser action on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-33707 ‼

SAP NetWeaver Knowledge Management allows remote attackers to redirect users to arbitrary websites and conduct phishing attacks via a URL stored in a component. This could enable the attacker to compromise the user's confidentiality and integrity.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-33703 ‼

Under certain conditions, NetWeaver Enterprise Portal, versions - 7.30, 7.31, 7.40, 7.50, does not sufficiently encode URL parameters. An attacker can craft a malicious link and send it to a victim. A successful attack results in a reflected cross-site scripting (XSS) vulnerability.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-38371 ‼

The STARTTLS feature in Exim through 4.94.2 allows response injection (buffering) during MTA SMTP sending.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-32943 ‼

The affected product is vulnerable to a stack-based buffer overflow, which may allow an attacker to remotely execute arbitrary code on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-22386 ‼

A component of the Huawei smartphone has a Double Free vulnerability. Local attackers may exploit this vulnerability to cause Root Elevation of Privileges.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-33699 ‼

Task Hijacking is a vulnerability that affects applications running on Android devices due to a misconfiguration of their Task Control features in AndroidManifest.xml. This allows an unauthorized attacker or malware to take over legitimate apps and steal users' sensitive information.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-38372 ‼

In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses from an IMAP server are accepted before STARTTLS.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-33702 ‼

Under certain conditions, NetWeaver Enterprise Portal, versions - 7.10, 7.11, 7.20, 7.30, 7.31, 7.40, 7.50, does not sufficiently encode report data. An attacker can craft malicious data and print it to the report. In a successful attack, a victim opens the report, and the malicious script gets executed in the victim's browser, resulting in a stored cross-site scripting (XSS) vulnerability.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-37152 ‼

Multiple XSS issues exist in Sonatype Nexus Repository Manager 3 before 3.33.0. An authenticated attacker with the ability to add HTML files to a repository could redirect users to Nexus Repository Manager's pages with code modifications.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-33706 ‼

Due to improper input validation in InfraBox, logs can be modified by an authenticated user.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-36601 ‼

GetSimpleCMS 3.3.16 contains a cross-site scripting (XSS) vulnerability: function TSL does not filter or check the "siteURL" parameter (the Website URL setting in settings.php).

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-22385 ‼

A component of the Huawei smartphone has an External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause Kernel Code Execution.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-29739 ‼

IBM Planning Analytics Local 2.0 could allow a remote attacker to obtain sensitive information when a stack trace is returned in the browser. X-Force ID: 198846.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-38370 ‼

In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-38373 ‼

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext messages are sent) unless "Server requires authentication" is checked.

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-22674 ‼

The affected product is vulnerable to a relative path traversal condition, which may allow an attacker access to unauthorized files and directories on the WebAccess/SCADA (WebAccess/SCADA versions prior to 8.4.5, WebAccess/SCADA versions prior to 9.0.1).

📖 Read

via "National Vulnerability Database".
13:37
‼ CVE-2021-38365 ‼

Winner (aka ToneWinner) desktop speakers through 2021-08-09 allow remote attackers to recover speech signals from the power-indicator LED via a telescope and an electro-optical sensor, aka a "Glowworm" attack.

📖 Read

via "National Vulnerability Database".
14:35
🛑 Cybersecurity & Privacy news 🛑
❌ eCh0raix Ransomware Variant Targets QNAP, Synology NAS Devices ❌

Some bad actors are honing tools to go after small fry: This variant was refined to target not one, but two vendors' devices that are common in SOHO setups.

📖 Read

via "Threat Post".
15:37
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-3692 ‼

yii2 is vulnerable to Use of Predictable Algorithm in Random Number Generator.

📖 Read

via "National Vulnerability Database".
15:37
‼ CVE-2021-32768 ‼

TYPO3 is an open source PHP based web content management system released under the GNU GPL. In affected versions, because malicious rich-text content is not properly parsed, sanitized and encoded, the content rendering process in the website frontend is vulnerable to cross-site scripting. The corresponding rendering instructions of the TypoScript HTMLparser functionality do not consider all potentially malicious HTML tag and attribute combinations by default. In default scenarios, a valid backend user account is needed to exploit this vulnerability. In case custom plugins used in the website frontend accept and reflect rich-text content submitted by users, no authentication is required. Update to TYPO3 versions 7.6.53 ELTS, 8.7.42 ELTS, 9.5.29, 10.4.19, 11.3.2 that fix the problem described.

📖 Read

via "National Vulnerability Database".
15:37
‼ CVE-2020-23171 ‼

A vulnerability in all versions of Nim-lang allows unauthenticated attackers to write files to arbitrary directories via a crafted zip file with dot-slash characters included in the name of the crafted file.

📖 Read

via "National Vulnerability Database".
15:37
‼ CVE-2021-37367 ‼

CTparental before 4.45.07 is affected by a code execution vulnerability in the CTparental admin panel. Because the file "bl_categories_help.php" is vulnerable to directory traversal, an attacker can create a file that contains scripts and run arbitrary commands.

📖 Read

via "National Vulnerability Database".
15:37
‼ CVE-2020-25082 ‼

An attacker with physical access to Nuvoton Trusted Platform Module (NPCT75x 7.2.x before 7.2.2.0) could extract an Elliptic Curve Cryptography (ECC) private key via a side-channel attack against ECDSA, because of an Observable Timing Discrepancy.

📖 Read

via "National Vulnerability Database".
15:37
‼ CVE-2020-23172 ‼

A vulnerability in all versions of Kuba allows attackers to overwrite arbitrary files in arbitrary directories with crafted Zip files due to improper validation of file paths in .zip archives.

📖 Read

via "National Vulnerability Database".
15:37
‼ CVE-2021-37366 ‼

CTparental before 4.45.03 is vulnerable to cross-site request forgery (CSRF) in the CTparental admin panel. By combining CSRF with XSS, an attacker can trick the administrator into clicking a link that cancels the filtering for all standard users.

📖 Read

via "National Vulnerability Database".
15:37
‼ CVE-2021-37365 ‼

CTparental before 4.45.03 is vulnerable to cross-site scripting (XSS) in the CTparental admin panel. In bl_categires_help.php, the 'categories' variable is assigned the content of the query string parameter 'cat' without sanitization or encoding, enabling an attacker to inject malicious code into the output webpage.

📖 Read

via "National Vulnerability Database".
19:37
🛑 Cybersecurity & Privacy news 🛑
‼ CVE-2021-37391 ‼

A user without privileges in Chamilo LMS 1.11.14 can send an invitation message to another user, e.g., the administrator, through main/social/search.php and main/inc/lib/social.lib.php, and steal cookies or execute arbitrary code on the administration side via a stored XSS vulnerability in the social network's send-invitation feature.

📖 Read

via "National Vulnerability Database".
19:37
‼ CVE-2020-21680 ‼

A stack-based buffer overflow in the put_arrow() component in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DoS) via converting an xfig file into pict2e format.

📖 Read

via "National Vulnerability Database".
19:37
‼ CVE-2021-33708 ‼

Due to insufficient input validation in Kyma, authenticated users can pass a header of their choice and escalate privileges.

📖 Read

via "National Vulnerability Database".
19:37
‼ CVE-2020-21697 ‼

A heap use-after-free in the mpeg_mux_write_packet function in libavformat/mpegenc.c of FFmpeg 4.2 allows attackers to cause a denial of service (DoS) via a crafted avi file.

📖 Read

via "National Vulnerability Database".
19:37
‼ CVE-2020-21682 ‼

A global buffer overflow in the set_fill component in genge.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DoS) via converting an xfig file into ge format.

📖 Read

via "National Vulnerability Database".
19:37
‼ CVE-2021-37390 ‼

A Chamilo LMS 1.11.14 reflected XSS vulnerability exists in the main/social/search.php=q URI (social network search feature).

📖 Read

via "National Vulnerability Database".
19:37
‼ CVE-2021-37389 ‼

Chamilo 1.11.14 allows stored XSS via main/install/index.php and main/install/ajax.php through the port parameter.

📖 Read

via "National Vulnerability Database".
19:37
‼ CVE-2020-21684 ‼

A global buffer overflow in the put_font function in genpict2e.c of fig2dev 3.2.7b allows attackers to cause a denial of service (DoS) via converting an xfig file into pict2e format.

📖 Read

via "National Vulnerability Database".