🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-28292

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
76 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-28303

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
75 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2019-11305

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
72 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-36227

A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.

📖 Read

via "National Vulnerability Database".
73 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-27098

In checkGrantUriPermission of UriGrantsManagerService.java, there is a possible way to access contacts due to a permissions bypass. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-138791358

📖 Read

via "National Vulnerability Database".
73 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-5442

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
68 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2021-22698

A CWE-434: Unrestricted Upload of File with Dangerous Type vulnerability exists in the EcoStruxure Power Build - Rapsody software (V2.1.13 and prior) that could allow a stack-based buffer overflow to occur which could result in remote code execution when a malicious SSD file is uploaded and improperly parsed.

📖 Read

via "National Vulnerability Database".
70 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-35576

A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware versions prior to 201216 allows authenticated users to execute arbitrary code as root via shell metacharacters, a different vulnerability than CVE-2018-12577.

📖 Read

via "National Vulnerability Database".
73 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-28304

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
72 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-13187

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
73 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-36205

An issue was discovered in the xcb crate through 2020-12-10 for Rust. base::Error does not have soundness. Because of the public ptr field, a use-after-free or double-free can occur.

📖 Read

via "National Vulnerability Database".
72 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-28295

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
70 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-5480

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
72 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-13216

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
80 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2019-25015

LuCI in OpenWrt 18.06.0 through 18.06.4 allows stored XSS via a crafted SSID.

📖 Read

via "National Vulnerability Database".
82 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-28299

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
87 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-5478

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
81 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-21146

Feehi CMS 2.0.8 is affected by a cross-site scripting (XSS) vulnerability. When the user name is inserted as JavaScript code, browsing the post will trigger the XSS.

📖 Read

via "National Vulnerability Database".
91 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2020-28300

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: none.

📖 Read

via "National Vulnerability Database".
92 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 BEC Scammers Find New Ways to Navigate Microsoft 365 🕴

Their techniques made use of out-of-office replies and automatic responses during the 2020 holiday season, researchers report.

📖 Read

via "Dark Reading".
Darkreading
BEC Scammers Find New Ways to Navigate Microsoft 365
Their techniques made use of out-of-office replies and automatic responses during the 2020 holiday season, researchers report.
100 views
🛡 Cybersecurity & Privacy 🛡 - News
23M Gamer Records Exposed in VIPGames Leak

The personal data of 66,000 users was left wide open on a misconfigured Elasticsearch server, joining a growing list of companies with leaky clouds.

📖 Read

via "Threat Post".
Threat Post
23M Gamer Records Exposed in VIPGames Leak
The personal data of 66,000 users was left wide open on a misconfigured Elasticsearch server, joining a growing list of companies with leaky clouds.
122 views