β Feds Pinpoint Russia as βLikelyβ Culprit Behind SolarWinds Attack β
π Read
via "Threat Post".
The widespread compromise affecting key government agencies is ongoing, according to the U.S. government.π Read
via "Threat Post".
Threat Post
Feds Pinpoint Russia as βLikelyβ Culprit Behind SolarWinds Attack
The widespread compromise affecting key government agencies is ongoing, according to the U.S. government.
βΌ CVE-2020-4336 βΌ
π Read
via "National Vulnerability Database".
IBM WebSphere eXtreme Scale 8.6.1 stores sensitive information in URL parameters. This may lead to information disclosure if unauthorized parties have access to the URLs via server logs, referrer header or browser history. IBM X-Force ID: 177932.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8884 βΌ
π Read
via "National Vulnerability Database".
rcdsvc in the Proofpoint Insider Threat Management Windows Agent (formerly ObserveIT Windows Agent) before 7.9 allows remote authenticated users to execute arbitrary code as SYSTEM because of improper deserialization over named pipes.π Read
via "National Vulnerability Database".
βΌ CVE-2020-10657 βΌ
π Read
via "National Vulnerability Database".
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM web console's ImportAlertRules feature. The vulnerability allows a remote attacker (with admin or config-admin privileges in the console) to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.π Read
via "National Vulnerability Database".
βΌ CVE-2020-10658 βΌ
π Read
via "National Vulnerability Database".
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteImage API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.π Read
via "National Vulnerability Database".
βΌ CVE-2020-10655 βΌ
π Read
via "National Vulnerability Database".
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouse API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.π Read
via "National Vulnerability Database".
βΌ CVE-2020-10656 βΌ
π Read
via "National Vulnerability Database".
The Proofpoint Insider Threat Management Server (formerly ObserveIT Server) before 7.9.1 contains a vulnerability in the ITM application server's WriteWindowMouseWithChunksV2 API. The vulnerability allows an anonymous remote attacker to execute arbitrary code with local administrator privileges. The vulnerability is caused by improper deserialization.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36170 βΌ
π Read
via "National Vulnerability Database".
The Ultimate Member plugin before 2.1.13 for WordPress mishandles hidden name="timestamp" fields in forms.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26759 βΌ
π Read
via "National Vulnerability Database".
clickhouse-driver before 0.1.5 allows a malicious clickhouse server to trigger a crash or execute arbitrary code (on a database client) via a crafted server response, due to a buffer overflow.π Read
via "National Vulnerability Database".
π¦Ώ US government fingers Russia for SolarWinds-based cyberattack π¦Ώ
π Read
via "Tech Republic".
A joint statement from the FBI, NSA, and other federal agencies says the cyber incident was likely Russian in origin.π Read
via "Tech Republic".
TechRepublic
US government fingers Russia for SolarWinds-based cyberattack
A joint statement from the FBI, NSA, and other federal agencies says the cyber incident was likely Russian in origin.
βΌ CVE-2020-27283 βΌ
π Read
via "National Vulnerability Database".
An attacker could send a specially crafted message to Crimson 3.1 (Build versions prior to 3119.001) that could leak arbitrary memory locations.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13544 βΌ
π Read
via "National Vulnerability Database".
An exploitable sign extension vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021Γ’β¬β’s TextMaker application. A specially crafted document can cause the document parser to sign-extend a length used to terminate a loop, which can later result in the loopΓ’β¬β’s index being used to write outside the bounds of a heap buffer during the reading of file data. An attacker can entice the victim to open a document to trigger this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-13545 βΌ
π Read
via "National Vulnerability Database".
An exploitable signed conversion vulnerability exists in the TextMaker document parsing functionality of SoftMaker Office 2021Γ’β¬β’s TextMaker application. A specially crafted document can cause the document parser to miscalculate a length used to allocate a buffer, later upon usage of this buffer the application will write outside its bounds resulting in a heap-based memory corruption. An attacker can entice the victim to open a document to trigger this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36174 βΌ
π Read
via "National Vulnerability Database".
The Ninja Forms plugin before 3.4.27.1 for WordPress allows CSRF via services integration.π Read
via "National Vulnerability Database".
βΌ CVE-2020-27285 βΌ
π Read
via "National Vulnerability Database".
The default configuration of Crimson 3.1 (Build versions prior to 3119.001) allows a user to be able to read and modify the database without authentication.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36172 βΌ
π Read
via "National Vulnerability Database".
The Advanced Custom Fields plugin before 5.8.12 for WordPress mishandles the escaping of strings in Select2 dropdowns, potentially leading to XSS.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36175 βΌ
π Read
via "National Vulnerability Database".
The Ninja Forms plugin before 3.4.27.1 for WordPress allows attackers to bypass validation via the email field.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36173 βΌ
π Read
via "National Vulnerability Database".
The Ninja Forms plugin before 3.4.28 for WordPress lacks escaping for submissions-table fields.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8160 βΌ
π Read
via "National Vulnerability Database".
MendixSSO <= 2.1.1 contains endpoints that make use of the openid handler, which is suffering from a Cross-Site Scripting vulnerability via the URL path. This is caused by the reflection of user-supplied data without appropriate HTML escaping or output encoding. As a result, a JavaScript payload may be injected into the above endpoint causing it to be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36176 βΌ
π Read
via "National Vulnerability Database".
The iThemes Security (formerly Better WP Security) plugin before 7.7.0 for WordPress does not enforce a new-password requirement for an existing account until the second login occurs.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36177 βΌ
π Read
via "National Vulnerability Database".
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL before 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.π Read
via "National Vulnerability Database".