βΌ CVE-2019-25001 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the serde_cbor crate before 0.10.2 for Rust. The CBOR deserializer can cause stack consumption via nested semantic tags.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35886 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the arr crate through 2020-08-25 for Rust. An attacker can smuggle non-Sync/Send types across a thread boundary to cause a data race.π Read
via "National Vulnerability Database".
βΌ CVE-2019-25007 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the streebog crate before 0.8.0 for Rust. The Streebog hash function can cause a panic.π Read
via "National Vulnerability Database".
βΌ CVE-2019-25002 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the sodiumoxide crate before 0.2.5 for Rust. generichash::Digest::eq compares itself to itself and thus has degenerate security properties.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35851 βΌ
π Read
via "National Vulnerability Database".
HGiga MailSherlock does not validate specific parameters properly. Attackers can use the vulnerability to launch Command inject attacks remotely and execute arbitrary commands of the system.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35862 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the bitvec crate before 0.17.4 for Rust. BitVec to BitBox conversion leads to a use-after-free or double free.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35922 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the mio crate before 0.7.6 for Rust. It has false expectations about the std::net::SocketAddr memory representation.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35896 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the ws crate through 2020-09-25 for Rust. The outgoing buffer is not properly limited, leading to a remote memory-consumption attack.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35897 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the atom crate before 0.3.6 for Rust. An unsafe Send implementation allows a cross-thread data race.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35876 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the rio crate through 2020-05-11 for Rust. A struct can be leaked, allowing attackers to obtain sensitive information, cause a use-after-free, or cause a data race.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35880 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the bigint crate through 2020-05-07 for Rust. It allows a soundness violation.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35882 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the rocket crate before 0.4.5 for Rust. LocalRequest::clone creates more than one mutable references to the same object, possibly causing a data race.π Read
via "National Vulnerability Database".
π΄ 20 for 2020: The Edge's Top Articles of the Year π΄
π Read
via "Dark Reading".
Variety is the spice of life, and it's also the perfect analogy for the article topics that resonated most with Edge readers this past year.π Read
via "Dark Reading".
Dark Reading
The Edge
Variety is the spice of life, and it's also the perfect analogy for the article topics that resonated most with Edge readers this past year.
β Get back into the cybersecurity groove for 2021 β
π Read
via "Naked Security".
5 articles that help you become an expert, without needing you to be an expert to read them in the first placeπ Read
via "Naked Security".
Naked Security
Get back into the cybersecurity groove for 2021
5 articles that help you become an expert, without needing you to be an expert to read them in the first place
π΄ The Coolest Hacks of 2020 π΄
π Read
via "Dark Reading".
Despite a pandemic and possibly the worst cyberattack campaign ever waged against the US, the year still had some bright spots when it came to "good" and creative hacks.π Read
via "Dark Reading".
Dark Reading
The Coolest Hacks of 2020
Despite a pandemic and possibly the worst cyberattack campaign ever waged against the US, the year still had some bright spots when it came to good and creative hacks.
β Whatβs Next for Ransomware in 2021? β
π Read
via "Threat Post".
Ransomware response demands a whole-of-business plan before the next attack, according to our roundtable of experts.π Read
via "Threat Post".
Threat Post
Whatβs Next for Ransomware in 2021?
Ransomware response demands a whole-of-business plan before the next attack, according to our roundtable of experts.
π΄ How to Build Cyber Resilience in a Dangerous Atmosphere π΄
π Read
via "Dark Reading".
Our polarized climate and COVID-19 are putting the nation's cybersecurity in imminent danger, and it's past time to act.π Read
via "Dark Reading".
Dark Reading
How to Build Cyber Resilience in a Dangerous Atmosphere
Our polarized climate and COVID-19 are putting the nation's cybersecurity in imminent danger, and it's past time to act.
π 50 Threat Intelligence Tools for Valuable Threat Insights π
π Read
via "Digital Guardian".
Threat analysis tools with updated intelligence feeds have become an essential part of defenders' toolkits. In this blog, we look at 50 threat intelligence tools that can help teams better protect their business.π Read
via "Digital Guardian".
Digital Guardian
50 Threat Intelligence Tools for Valuable Threat Insights
Threat analysis tools with updated intelligence feeds have become an essential part of defenders' toolkits. In this blog, we look at 50 threat intelligence tools that can help teams better protect their business.
β S3 Ep13: A chat with hacker Keren Elazari [Podcast] β
π Read
via "Naked Security".
Latest episode - listen now!π Read
via "Naked Security".
Naked Security
S3 Ep13: A chat with hacker Keren Elazari [Podcast]
Latest episode β listen now!
π΄ Microsoft Reveals That Russian Attackers Accessed Some of Its Source Code π΄
π Read
via "Dark Reading".
Malicious SolarWinds Orion backdoor installed in Microsoft's network led to the attackers viewing some of its source code.π Read
via "Dark Reading".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
βΌ CVE-2019-25011 βΌ
π Read
via "National Vulnerability Database".
NetBox through 2.6.2 allows an Authenticated User to conduct an XSS attack against an admin via a GFM-rendered field, as demonstrated by /dcim/sites/add/ comments.π Read
via "National Vulnerability Database".