‼ CVE-2020-13451 ‼
📖 Read
via "National Vulnerability Database".
An incomplete-cleanup vulnerability in the Office rendering engine of Gotenberg through 6.2.1 allows an attacker to overwrite LibreOffice configuration files and execute arbitrary code via macros.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-18643 ‼
📖 Read
via "National Vulnerability Database".
Rock RMS versions before 8.10 and versions 9.0 through 9.3 fails to properly validate files uploaded in the application. The only protection mechanism is a file-extension blacklist that can be bypassed by adding multiple spaces and periods after the file name. This could allow an attacker to upload ASPX code and gain remote code execution on the application. The application typically runs as LocalSystem as mandated in the installation guide. Patched in versions 8.10 and 9.4.📖 Read
via "National Vulnerability Database".
🕴 Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020 🕴
📖 Read
via "Dark Reading".
Research reveals APT groups and cybercriminals employ these offensive security tools as often as red teams.📖 Read
via "Dark Reading".
Dark Reading
Cobalt Strike & Metasploit Tools Were Attacker Favorites in 2020
Research reveals APT groups and cybercriminals employ these offensive security tools as often as red teams.
‼ CVE-2020-36048 ‼
📖 Read
via "National Vulnerability Database".
Engine.IO before 4.0.0 allows attackers to cause a denial of service (resource consumption) via a POST request to the long polling transport.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-36049 ‼
📖 Read
via "National Vulnerability Database".
socket.io-parser before 3.4.1 allows attackers to cause a denial of service (memory consumption) via a large packet because a concatenation approach is used.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1055 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which improper access control may lead to denial of service and information disclosure.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1051 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which an operation is performed which may lead to denial of service or escalation of privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1054 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape in which the software does not perform or incorrectly performs an authorization check when an actor attempts to access a resource or perform an action, which may lead to denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1056 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerability in the kernel mode layer (nvidia.ko) in which it does not completely honor operating system file system permissions to provide GPU device-level isolation, which may lead to denial of service or information disclosure.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1053 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which improper validation of a user pointer may lead to denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-1052 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows and Linux, all versions, contains a vulnerability in the kernel mode layer (nvlddmkm.sys) handler for DxgkDdiEscape or IOCTL in which user-mode clients can access legacy privileged APIs, which may lead to denial of service, escalation of privileges, and information disclosure.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28468 ‼
📖 Read
via "National Vulnerability Database".
This affects the package pwntools before 4.3.1. The shellcraft generator for affected versions of this module are vulnerable to Server-Side Template Injection (SSTI), which can lead to remote code execution.📖 Read
via "National Vulnerability Database".
❌ FBI Warns of Egregor Attacks on Businesses Worldwide ❌
📖 Read
via "Threat Post".
The agency said the malware has already compromised more than 150 organizations and provided insight into its ransomware-as-a-service behavior.📖 Read
via "Threat Post".
Threat Post
FBI Warns of Egregor Attacks on Businesses Worldwide
The agency said the malware has already compromised more than 150 organizations and provided insight into its ransomware-as-a-service behavior.
🕴 Top 5 'Need to Know' Coding Defects for DevSecOps 🕴
📖 Read
via "Dark Reading".
Integrating static analysis into the development cycle can prevent coding defects and deliver secure software faster.📖 Read
via "Dark Reading".
Dark Reading
Top 5 'Need to Know' Coding Defects for DevSecOps
Integrating static analysis into the development cycle can prevent coding defects and deliver secure software faster.
‼ CVE-2020-7794 ‼
📖 Read
via "National Vulnerability Database".
This affects all versions of package buns. The injection point is located in line 678 in index file lib/index.js in the exported function install(requestedModule).📖 Read
via "National Vulnerability Database".
‼ CVE-2020-7784 ‼
📖 Read
via "National Vulnerability Database".
This affects all versions of package ts-process-promises. The injection point is located in line 45 in main entry of package in lib/process-promises.js. The vulnerability is demonstrated with the following PoC:📖 Read
via "National Vulnerability Database".
🔏 Friday Five 1/8 🔏
📖 Read
via "Digital Guardian".
Anti-secrecy activists, insider threats, and exhaustive asset inventories - catch up on all of the week's infosec news with the Friday Five!📖 Read
via "Digital Guardian".
Digital Guardian
Friday Five 1/8
Anti-secrecy activists, insider threats, and exhaustive asset inventories - catch up on all of the week's infosec news with the Friday Five!
🦿 How to review App Privacy data on your iPhone, iPad, or Mac 🦿
📖 Read
via "Tech Republic".
In organizations, Apple's App Privacy data can start a conversation about privacy-respecting apps as well as help IT leaders stop the use of apps that collect more data than necessary.📖 Read
via "Tech Republic".
TechRepublic
How to review App Privacy data on your iPhone, iPad, or Mac
In organizations, Apple's App Privacy data can start a conversation about privacy-respecting apps as well as help IT leaders stop the use of apps that collect more data than necessary.
❌ SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack ❌
📖 Read
via "Threat Post".
Former CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group - and have been hired by SolarWinds.📖 Read
via "Threat Post".
Threat Post
SolarWinds Hires Chris Krebs, Alex Stamos in Wake of Hack
Former CISA director Chris Krebs and former Facebook security exec Alex Stamos have teamed up to create a new consulting group - and have been hired by SolarWinds.
‼ CVE-2021-1059 ‼
📖 Read
via "National Vulnerability Database".
NVIDIA vGPU manager contains a vulnerability in the vGPU plugin, in which an input index is not validated, which may lead to integer overflow, which in turn may cause tampering of data, information disclosure, or denial of service. This affects vGPU version 8.x (prior to 8.6) and version 11.0 (prior to 11.3).📖 Read
via "National Vulnerability Database".
‼ CVE-2020-5804 ‼
📖 Read
via "National Vulnerability Database".
Marvell QConvergeConsole GUI <= 5.5.0.74 is affected by a path traversal vulnerability. The deleteEventLogFile method of the GWTTestServiceImpl class lacks proper validation of a user-supplied path prior to using it in file deletion operations. An authenticated, remote attacker can leverage this vulnerability to delete arbitrary remote files as SYSTEM or root.📖 Read
via "National Vulnerability Database".