CVE-2020-5100
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-5097
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-5098
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-5095
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-5078
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-5063
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
CVE-2020-5101
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
Cyberattacks on Healthcare Spike 45% Since November
via "Threat Post".
The relentless rise in COVID-19 cases is battering already frayed healthcare systems, and ransomware criminals are using the opportunity to strike.
China's APT Groups May Be Looking to Cash In
via "Dark Reading".
Two campaigns have resulted in encrypted drives and ransom notes, suggesting that some China-linked nation-state advanced persistent threat groups have added financial gain as a motive, researchers say.
RCE 'Bug' Found and Disputed in Popular PHP Scripting Framework
via "Threat Post".
Impacted are PHP-based websites running a vulnerable version of the web-app creation tool Zend Framework and some Laminas Project releases.
Dark Web Forum Activity Surged 44% in Early COVID Months
via "Dark Reading".
Researchers analyzed the activity of five popular English- and Russian-speaking Dark Web forums and discovered exponential membership growth.
CVE-2020-29500
via "National Vulnerability Database".
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
CVE-2020-35170
via "National Vulnerability Database".
Dell EMC Unisphere for PowerMax versions prior to 9.1.0.9, Dell EMC Unisphere for PowerMax versions prior to 9.0.2.16, and Dell EMC PowerMax OS 5978.221.221 and 5978.479.479 contain a Cross-Site Scripting (XSS) vulnerability. An authenticated malicious user may potentially exploit this vulnerability to inject JavaScript code and affect other authenticated users' sessions.
CVE-2020-23249
via "National Vulnerability Database".
GigaVUE-OS (GVOS) 5.4 - 5.9 stores a Redis database password in plaintext.
CVE-2020-36051
via "National Vulnerability Database".
Directory traversal vulnerability in page_edit.php in MiniCMS V1.10 allows remote attackers to read arbitrary files via the state parameter.
CVE-2020-36066
via "National Vulnerability Database".
GJSON <1.6.5 allows attackers to cause a denial of service (remote) via crafted JSON.
CVE-2020-36052
via "National Vulnerability Database".
Directory traversal vulnerability in post-edit.php in MiniCMS V1.10 allows remote attackers to include and execute arbitrary files via the state parameter.
CVE-2020-29501
via "National Vulnerability Database".
Dell EMC PowerStore versions prior to 1.0.3.0.5.007 contain a Plain-Text Password Storage Vulnerability in PowerStore X & T environments. A locally authenticated attacker could potentially exploit this vulnerability, leading to the disclosure of certain user credentials. The attacker may be able to use the exposed credentials to access the vulnerable application with privileges of the compromised account.
CVE-2020-29490
via "National Vulnerability Database".
Dell EMC Unity, Unity XT, and UnityVSA versions prior to 5.0.4.0.5.012 contain a Denial of Service vulnerability on NAS Servers with NFS exports. A remote authenticated attacker could potentially exploit this vulnerability and cause Denial of Service (Storage Processor Panic) by sending specially crafted UDP requests.
CVE-2019-20484
via "National Vulnerability Database".
An issue was discovered in Viki Vera 4.9.1.26180. A user without access to a project could download or upload project files by opening the Project URL directly in the browser after logging in.
CVE-2020-26181
via "National Vulnerability Database".
Dell EMC Isilon OneFS versions 8.1 and later and Dell EMC PowerScale OneFS version 9.0.0 contain a privilege escalation vulnerability on a SmartLock Compliance mode cluster. The compadmin user connecting using ISI_PRIV_LOGIN_SSH or ISI_PRIV_LOGIN_CONSOLE can elevate privileges to the root user if they have ISI_PRIV_HARDENING privileges.