CVE-2020-13582
via "National Vulnerability Database".
A denial-of-service vulnerability exists in the HTTP Server functionality of Micrium uC-HTTP 3.01.00. A specially crafted HTTP request can lead to denial of service. An attacker can send an HTTP request to trigger this vulnerability.
CVE-2021-22159
via "National Vulnerability Database".
Insider Threat Management Windows Agent Local Privilege Escalation Vulnerability: The Proofpoint Insider Threat Management (formerly ObserveIT) Agent for Windows before 7.4.3, 7.5.4, 7.6.5, 7.7.5, 7.8.4, 7.9.3, 7.10.2, and 7.11.0.25 as well as versions 7.3 and earlier is missing authentication for a critical function, which allows a local authenticated Windows user to run arbitrary commands with the privileges of the Windows SYSTEM user. Agents for MacOS, Linux, and ITM Cloud are not affected.
CVE-2021-3308
via "National Vulnerability Database".
An issue was discovered in Xen 4.12.3 through 4.12.4 and 4.13.1 through 4.14.x. An x86 HVM guest with PCI pass through devices can force the allocation of all IDT vectors on the system by rebooting itself with MSI or MSI-X capabilities enabled and entries set up. Such reboots will leak any vectors used by the MSI(-X) entries that the guest might have enabled, and hence will lead to vector exhaustion on the system, not allowing further PCI pass through devices to work properly. HVM guests with PCI pass through devices can mount a Denial of Service (DoS) attack affecting the pass through of PCI devices to other guests or the hardware domain. In the latter case, this would affect the entire host.
CVE-2021-23272
via "National Vulnerability Database".
The Application Development Clients component of TIBCO Software Inc.'s TIBCO BPM Enterprise and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Cross Site Scripting (XSS) attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO BPM Enterprise: versions 4.3.0 and below and TIBCO BPM Enterprise Distribution for TIBCO Silver Fabric: versions 4.3.0 and below.
DanaBot Malware Roars Back into Relevancy
via "Threat Post".
Sophisticated and dangerous, DanaBot has resurfaced after lying dormant for seven months.
Nvidia Squashes High-Severity Jetson DoS Flaw
via "Threat Post".
If exploited, the most serious of these flaws could lead to a denial-of-service condition for Jetson products like drones.
Google releases alarming report about North Korean hackers posing as security analysts
via "Tech Republic".
Google said the attackers were targeting security researchers by using fake LinkedIn and Twitter profiles and asking to collaborate.
North Korean Attackers Target Security Researchers via Social Media: Google
via "Dark Reading".
Google TAG warns the infosec community of unsolicited requests from individuals seeking collaboration on vulnerability research.
Pay-Or-Get-Breached Ransomware Schemes Take Off
via "Dark Reading".
In 2020, ransomware attackers moved quickly to adopt so-called "double extortion" schemes, with more than 550 incidents in the fourth quarter alone.
CVE-2021-1071
via "National Vulnerability Database".
NVIDIA Tegra kernel in Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, all L4T versions prior to r32.5, contains a vulnerability in the INA3221 driver in which improper access control may lead to unauthorized users gaining access to system power usage data, which may lead to information disclosure.
CVE-2020-23774
via "National Vulnerability Database".
A reflected XSS vulnerability exists in tohtml/convert.php of Winmail 6.5, which can cause JavaScript code to be executed.
CVE-2021-26272
via "National Vulnerability Database".
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted URL-like text into the editor, and then press Enter or Space (in the Autolink plugin).
CVE-2021-21278
via "National Vulnerability Database".
RSSHub is an open source, easy to use, and extensible RSS feed generator. In RSSHub before version 7f1c430 (non-semantic versioning) there is a risk of code injection. Some routes use `eval` or `Function constructor`, which may be injected by the target site with unsafe code, causing server-side security issues. The fix in version 7f1c430 is to temporarily remove the problematic route and add a `no-new-func` rule to eslint.
CVE-2021-1070
via "National Vulnerability Database".
NVIDIA Jetson AGX Xavier Series, Jetson Xavier NX, TX1, TX2, Nano and Nano 2GB, L4T versions prior to 32.5, contains a vulnerability in the apply_binaries.sh script used to install NVIDIA components into the root file system image, in which improper access control is applied, which may lead to an unprivileged user being able to modify system device tree files, leading to denial of service.
CVE-2021-21283
via "National Vulnerability Database".
Flarum is an open source discussion platform for websites. The "Flarum Sticky" extension versions 0.1.0-beta.14 and 0.1.0-beta.15 have a cross-site scripting vulnerability. A change in release beta 14 of the Sticky extension caused the plain text content of the first post of a pinned discussion to be injected as HTML on the discussion list. The issue was discovered following an internal audit. Any HTML would be injected through the m.trust() helper. This resulted in an HTML injection where <script> tags would not be executed. However it was possible to run JavaScript from other HTML attributes, enabling a cross-site scripting (XSS) attack to be performed. Since the exploit only happens with the first post of a pinned discussion, an attacker would need the ability to pin their own discussion, or be able to edit a discussion that was previously pinned. On forums where all pinned posts are authored by your staff, you can be relatively certain the vulnerability has not been exploited. Forums where some user-created discussions were pinned can look at the first post edit date to find whether the vulnerability might have been exploited. Because Flarum doesn't store the post content history, you cannot be certain if a malicious edit was reverted. The fix will be available in version v0.1.0-beta.16 with Flarum beta 16. The fix has already been back-ported to Flarum beta 15 as version v0.1.0-beta.15.1 of the Sticky extension. Forum administrators can disable the Sticky extension until they are able to apply the update. The vulnerability cannot be exploited while the extension is disabled.
CVE-2020-23776
via "National Vulnerability Database".
An SSRF vulnerability exists in Winmail 6.5 in app.php in the key parameter when HTTPS is on. An attacker can use this vulnerability to cause the server to send a request to a specific URL. An attacker can modify the request header 'HOST' value to cause the server to send the request.
CVE-2021-3309
via "National Vulnerability Database".
packages/wekan-ldap/server/ldap.js in Wekan before 4.87 can process connections even though they are not authorized by the Certification Authority trust store,
CVE-2021-26271
via "National Vulnerability Database".
It was possible to execute a ReDoS-type attack inside CKEditor 4 before 4.16 by persuading a victim to paste crafted text into the Styles input of specific dialogs (in the Advanced Tab for Dialogs plugin).
CVE-2021-21271
via "National Vulnerability Database".
Tendermint Core is an open source Byzantine Fault Tolerant (BFT) middleware that takes a state transition machine - written in any programming language - and securely replicates it on many machines. Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, we added a new Timestamp field to Evidence structs. This timestamp would be calculated using the same algorithm that is used when a block is created and proposed. (This algorithm relies on the timestamp of the last commit from this specific block.) In Tendermint Core v0.34.0-v0.34.2, the consensus reactor is responsible for forming DuplicateVoteEvidence whenever double signs are observed. However, the current block is still "in flight" when it is being formed by the consensus reactor. It hasn't been finalized through network consensus yet. This means that different nodes in the network may observe different "last commits" when assigning a timestamp to DuplicateVoteEvidence. In turn, different nodes could form DuplicateVoteEvidence objects at the same height but with different timestamps. One DuplicateVoteEvidence object (with one timestamp) will then eventually get finalized in the block, but this means that any DuplicateVoteEvidence with a different timestamp is considered invalid. Any node that formed invalid DuplicateVoteEvidence will continue to propose invalid evidence; its peers may see this, and choose to disconnect from this node. This bug means that double signs are DoS vectors in Tendermint Core v0.34.0-v0.34.2. Tendermint Core v0.34.3 is a security release which fixes this bug. As of v0.34.3, DuplicateVoteEvidence is no longer formed by the consensus reactor; rather, the consensus reactor passes the Votes themselves into the EvidencePool, which is now responsible for forming DuplicateVoteEvidence. The EvidencePool has timestamp info that should be consistent across the network, which means that DuplicateVoteEvidence formed in this reactor should have consistent timestamps. This release changes the API between the consensus and evidence reactors.
CVE-2021-3156
via "National Vulnerability Database".
Sudo before 1.9.5p2 has a Heap-based Buffer Overflow, allowing privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character:
CVE-2013-2512
via "National Vulnerability Database".
The ftpd gem 0.2.1 for Ruby allows remote attackers to execute arbitrary OS commands via shell metacharacters in a LIST or NLST command argument within FTP protocol traffic.