‼ CVE-2020-26239 ‼
📖 Read
via "National Vulnerability Database".
Scratch Addons is a WebExtension that supports both Chrome and Firefox. Scratch Addons before version 1.3.2 is vulnerable to DOM-based XSS. If the victim visited a specific website, the More Links addon of the Scratch Addons extension used incorrect regular expression which caused the HTML-escaped values to be unescaped, leading to XSS. Scratch Addons version 1.3.2 fixes the bug. The extension will be automatically updated by the browser. More Links addon can be disabled via the option of the extension.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15249 ‼
📖 Read
via "National Vulnerability Database".
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.319 and before version 1.0.469, backend users with access to upload files were permitted to upload SVG files without any sanitization applied to the uploaded files. Since SVG files support being parsed as HTML by browsers, this means that they could theoretically upload Javascript that would be executed on a path under the website's domain (i.e. /storage/app/media/evil.svg), but they would have to convince their target to visit that location directly in the target's browser as the backend does not display SVGs inline anywhere, SVGs are only displayed as image resources in the backend and are thus unable to be executed. Issue has been patched in Build 469 (v1.0.469) & v1.1.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-7927 ‼
📖 Read
via "National Vulnerability Database".
Specially crafted API calls may allow an authenticated user who holds Organization Owner privilege to obtain an API key with Global Role privilege. This issue affects MongoDB Ops Manager v4.2 versions 4.2.0-4.2.17, v4.3 versions 4.3.0-4.3.9 and v4.4 versions 4.4.0-4.4.2.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15246 ‼
📖 Read
via "National Vulnerability Database".
October is a free, open-source, self-hosted CMS platform based on the Laravel PHP Framework. In October CMS from version 1.0.421 and before version 1.0.469, an attacker can read local files on an October CMS server via a specially crafted request. Issue has been patched in Build 469 (v1.0.469) and v1.1.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28896 ‼
📖 Read
via "National Vulnerability Database".
Mutt before 2.0.2 and NeoMutt before 2020-11-20 did not ensure that $ssl_force_tls was processed if an IMAP server's initial server response was invalid. The connection was not properly closed, and the code could continue attempting to authenticate. This could result in authentication credentials being exposed on an unencrypted connection, or to a machine-in-the-middle.📖 Read
via "National Vulnerability Database".
❌ Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending ❌
📖 Read
via "Threat Post".
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One.📖 Read
via "Threat Post".
Threat Post
Critical VMware Zero-Day Bug Allows Command Injection; Patch Pending
VMware explained it has no patch for a critical escalation-of-privileges bug that impacts both Windows and Linux operating systems and its Workspace One.
🦿 Malicious Google Play apps caught masquerading as Minecraft mods 🦿
📖 Read
via "Tech Republic".
The Android apps promised Minecraft modifications but instead delivered intrusive ads aimed at kids and teenagers, says Kaspersky.📖 Read
via "Tech Republic".
TechRepublic
Malicious Google Play apps caught masquerading as Minecraft mods
The Android apps promised Minecraft modifications but instead delivered intrusive ads aimed at kids and teenagers, says Kaspersky.
🕴 Evidence-Based Trust Gets Black Hat Europe Spotlight 🕴
📖 Read
via "Dark Reading".
An FPGA-based system could change the balance of power between hardware attackers and defenders within IT security.📖 Read
via "Dark Reading".
Dark Reading
Evidence-Based Trust Gets Black Hat Europe Spotlight
An FPGA-based system could change the balance of power between hardware attackers and defenders within IT security.
🕴 Ransomware Grows Easier to Spread, Harder to Block 🕴
📖 Read
via "Dark Reading".
Researchers illustrate the evolution toward more complete and effective ransomware attacks designed to cripple target organizations.📖 Read
via "Dark Reading".
Dark Reading
Ransomware Grows Easier to Spread, Harder to Block
Researchers illustrate the evolution toward more complete and effective ransomware attacks designed to cripple target organizations.
🕴 As 'Anywhere Work' Evolves, Security Will Be Key Challenge 🕴
📖 Read
via "Dark Reading".
Companies should plan their future workforce model now, so they have time to implement the necessary tools, including cybersecurity and seamless remote access, a Forrester report says.📖 Read
via "Dark Reading".
Dark Reading
As 'Anywhere Work' Evolves, Security Will be Key Challenge
Companies should plan their future workforce model now, so they have time to implement the necessary tools, including cybersecurity and seamless remote access, a Forrester report says.
🕴 Security Researchers Sound Alarm on Smart Doorbells 🕴
📖 Read
via "Dark Reading".
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them.📖 Read
via "Dark Reading".
Dark Reading
Security Researchers Sound Alarm on Smart Doorbells
A new analysis of 11 relatively inexpensive video doorbells uncovered high-risk vulnerabilities in all of them.
‼ CVE-2018-16722 ‼
📖 Read
via "National Vulnerability Database".
In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360094, a related issue to CVE-2018-16305.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15436 ‼
📖 Read
via "National Vulnerability Database".
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-16721 ‼
📖 Read
via "National Vulnerability Database".
In Jingyun Antivirus v2.4.2.39, the driver file (ZySandbox.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x12360090, a related issue to CVE-2018-16306.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15437 ‼
📖 Read
via "National Vulnerability Database".
The Linux kernel before version 5.8 is vulnerable to a NULL pointer dereference in drivers/tty/serial/8250/8250_core.c:serial8250_isa_init_ports() that allows local users to cause a denial of service by using the p->serial_in pointer which uninitialized.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26227 ‼
📖 Read
via "National Vulnerability Database".
TYPO3 is an open source PHP based web content management system. In TYPO3 before versions 9.5.23 and 10.4.10 the system extension Fluid (typo3/cms-fluid) of the TYPO3 core is vulnerable to cross-site scripting passing user-controlled data as argument to Fluid view helpers. Update to TYPO3 versions 9.5.23 or 10.4.10 that fix the problem described.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-16719 ‼
📖 Read
via "National Vulnerability Database".
In Jingyun Antivirus v2.4.2.39, the driver file (hookbody.sys) allows local users to cause a denial of service (BSOD) or possibly have unspecified other impact because of not validating input values from IOCtl 0x00221482.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-25696 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in the psql interactive terminal of PostgreSQL in versions before 13.1, before 12.5, before 11.10, before 10.15, before 9.6.20 and before 9.5.24. If an interactive psql session uses \gset when querying a compromised server, the attacker can execute arbitrary code as the operating system account running psql. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-26229 ‼
📖 Read
via "National Vulnerability Database".
TYPO3 is an open source PHP based web content management system. In TYPO3 from version 10.4.0, and before version 10.4.10, RSS widgets are susceptible to XML external entity processing. This vulnerability is reasonable, but is theoretical - it was not possible to actually reproduce the vulnerability with current PHP versions of supported and maintained system distributions. At least with libxml2 version 2.9, the processing of XML external entities is disabled per default - and cannot be exploited. Besides that, a valid backend user account is needed. Update to TYPO3 version 10.4.10 to fix the problem described.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-25688 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in rhacm versions before 2.0.5 and before 2.1.0. Two internal service APIs were incorrectly provisioned using a test certificate from the source repository. This would result in all installations using the same certificates. If an attacker could observe network traffic internal to a cluster, they could use the private key to decode API requests that should be protected by TLS sessions, potentially obtaining information they would not otherwise be able to. These certificates are not used for service authentication, so no opportunity for impersonation or active MITM attacks were made possible.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-25660 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in the Cephx authentication protocol in versions before 15.2.6 and before 14.2.14, where it does not verify Ceph clients correctly and is then vulnerable to replay attacks in Nautilus. This flaw allows an attacker with access to the Ceph cluster network to authenticate with the Ceph service via a packet sniffer and perform actions allowed by the Ceph service. This issue is a reintroduction of CVE-2018-1128, affecting the msgr2 protocol. The msgr 2 protocol is used for all communication except older clients that do not support the msgr2 protocol. The msgr1 protocol is not affected. The highest threat from this vulnerability is to confidentiality, integrity, and system availability.📖 Read
via "National Vulnerability Database".