‼ CVE-2020-16110 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
‼ CVE-2020-16115 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
‼ CVE-2021-25312 ‼
via "National Vulnerability Database".
HTCondor before 8.9.11 allows a user to submit a job as another user on the system, because of a flaw in the IDTOKENS authentication method.
‼ CVE-2020-16113 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
‼ CVE-2020-23355 ‼
via "National Vulnerability Database".
** PRODUCT NOT SUPPORTED WHEN ASSIGNED ** Codiad 2.8.4 /componetns/user/class.user.php:Authenticate() is vulnerable to a magic hash authentication bypass. If the encrypted or hashed value of a password takes certain magic hash formats, e.g., 0e123, another hash value such as 0e234 can successfully authenticate.
‼ CVE-2020-16112 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
‼ CVE-2020-16109 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
‼ CVE-2021-25311 ‼
via "National Vulnerability Database".
condor_credd in HTCondor before 8.9.11 allows Directory Traversal outside the SEC_CREDENTIAL_DIRECTORY_OAUTH directory, as demonstrated by creating a file under /etc that will later be executed by root.
‼ CVE-2020-23361 ‼
via "National Vulnerability Database".
phpList 3.5.3 allows type juggling for login bypass because == is used instead of === for password hashes, which mishandles hashes that begin with 0e followed by exclusively numerical characters.
‼ CVE-2020-16111 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2020. Notes: none.
‼ CVE-2020-23360 ‼
via "National Vulnerability Database".
oscommerce v2.3.4.1 has a functional problem in user registration and password rechecking, where a non-identical password can bypass the checks in /catalog/admin/administrators.php and /catalog/password_reset.php.
‼ CVE-2020-23359 ‼
via "National Vulnerability Database".
WeBid 1.2.2 admin/newuser.php has an issue with password rechecking during registration because it uses a loose comparison to check the identicalness of two passwords. Two non-identical passwords can still bypass the check.
❌ Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline ❌
via "Threat Post".
Hundreds of servers and 1 million Emotet infections have been dismantled globally, while tales have emerged on Twitter that NetWalker's Dark Web leaks site is offline.
Threat Post
Emotet Takedown Disrupts Vast Criminal Infrastructure; NetWalker Site Offline
Hundreds of servers and 1 million Emotet infections have been dismantled globally, while authorities have taken NetWalker's Dark Web leaks site offline and charged a suspect.
❌ ADT Security Camera Flaw Opened Homes, Stores to Eavesdropping ❌
via "Threat Post".
Researchers publicly disclosed flaws in ADT's LifeShield DIY HD Video Doorbell, which could have allowed local attackers to access credentials, video feeds and more.
🕴 4 Clues to Spot a Bot Network 🕴
via "Dark Reading".
Protect against misinformation and disinformation campaigns by learning how to identify the bot networks spreading falsehoods.
🕴 Many Cybersecurity Job Candidates Are Subpar, While On-the-Job Training Falls Short 🕴
via "Dark Reading".
With demand for skilled cybersecurity workers so high, is it really surprising that most companies are seeing fewer qualified applicants?
🔏 Digital Guardian's Most Popular Resources of 2020 🔏
via "Digital Guardian".
What worked for us in 2020? We look back at the most popular eBooks, webinars, and reports from the past 12 months.
🕴 Microsoft Security Business Exceeds $10B in Revenue 🕴
via "Dark Reading".
Microsoft's security division has grown more than 40% year-over-year, the company reports alongside security product updates.
‼ CVE-2020-4189 ‼
via "National Vulnerability Database".
IBM Security Guardium 11.2 discloses sensitive information in the response headers that could be used in further attacks against the system. IBM X-Force ID: 174850.
‼ CVE-2020-5427 ‼
via "National Vulnerability Database".
In Spring Cloud Data Flow, versions 2.6.x prior to 2.6.5, versions 2.5.x prior to 2.5.4, an application is vulnerable to SQL injection when requesting task execution.
‼ CVE-2020-4865 ‼
via "National Vulnerability Database".
IBM Jazz Foundation products are vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality, potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 190741.