‼ CVE-2021-25310 ‼
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** The administration web interface on Belkin Linksys WRT160NL 1.0.04.002_US_20130619 devices allows remote authenticated attackers to execute system commands with root privileges via shell metacharacters in the ui_language POST parameter to the apply.cgi form endpoint. This occurs in do_upgrade_post in mini_httpd. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
🕴 SonicWall Confirms Zero-Day Vulnerability 🕴
via "Dark Reading".
The confirmation arrives as researchers with NCC Group detect a SonicWall zero-day flaw under active attack.
🕴 Attackers Continue to Nibble at Apple's iOS Security 🕴
via "Dark Reading".
For the second time in less than three months, Apple has patched vulnerabilities in the software for iPhone and iPad, warning that the issues are already being targeted by attackers.
❌ Magento Web Skimmers Piggyback in Ongoing Costway Website Compromise ❌
via "Threat Post".
An e-commerce credit-card skimmer is being used by a second skimmer to steal payment data - and both are on Costway's website.
❌ Tiny Kobalos Malware Bedevils Supercomputers to Steal Logins ❌
via "Threat Post".
The sophisticated backdoor steals SSH credentials for servers in academic and scientific high-performance computing clusters.
🕴 RF Enables Takeover of Hostile Drones 🕴
via "Dark Reading".
Tempting as it may be to blast drones out of the sky, a less aggressive approach may yield better data about attackers - and keep bystanders safe.
❌ Crypto Crook Hired Steven Seagal to Promote Scam, Now Faces Charges ❌
via "Threat Post".
Feds charged California-based private detective for stealing $11M from investors, with help from actor Steven Seagal.
‼ CVE-2019-25018 ‼
via "National Vulnerability Database".
In the rcp client in MIT krb5-appl through 1.0.3, malicious servers could bypass intended access restrictions via the filename of . or an empty filename, similar to CVE-2018-20685 and CVE-2019-7282. The impact is modifying the permissions of the target directory on the client side. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.
‼ CVE-2021-21285 ‼
via "National Vulnerability Database".
In Docker before versions 19.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.
‼ CVE-2020-15097 ‼
via "National Vulnerability Database".
loklak is an open-source server application which is able to collect messages from various sources, including Twitter. The server contains a search index and a peer-to-peer index sharing interface. All messages are stored in an Elasticsearch index. In loklak less than or equal to commit 5f48476, a path traversal vulnerability exists. Insufficient input validation in the APIs exposed by the loklak server allowed a directory traversal vulnerability. Any admin configuration and files readable by the app available on the hosted file system can be retrieved by the attacker. Furthermore, user-controlled content could be written to any admin config and files readable by the application. This has been patched in commit 50dd692. Users will need to upgrade their hosted instances of loklak to not be vulnerable to this exploit.
‼ CVE-2021-21284 ‼
via "National Vulnerability Database".
In Docker before versions 19.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can modify files under "/var/lib/docker/<remapping>" that cause writing files with extended privileges. Versions 20.10.3 and 19.03.15 contain patches that prevent privilege escalation from remapped user.
‼ CVE-2019-25017 ‼
via "National Vulnerability Database".
An issue was discovered in rcp in MIT krb5-appl through 1.0.3. Due to the rcp implementation being derived from 1983 rcp, the server chooses which files/directories are sent to the client. However, the rcp client only performs cursory validation of the object name returned (only directory traversal attacks are prevented). A malicious rcp server (or Man-in-The-Middle attacker) can overwrite arbitrary files in the rcp client target directory. If recursive operation (-r) is performed, the server can manipulate subdirectories as well (for example, to overwrite the .ssh/authorized_keys file). This issue is similar to CVE-2019-6111 and CVE-2019-7283. NOTE: MIT krb5-appl is not supported upstream but is shipped by a few Linux distributions. The affected code was removed from the supported MIT Kerberos 5 (aka krb5) product many years ago, at version 1.8.
🔏 U.S. Intelligence Community Warns About China Collecting Healthcare Data 🔏
via "Digital Guardian".
China's voracious collection of U.S. healthcare data, including DNA, can pose a national security risk, not to mention harm the privacy of Americans.
‼ CVE-2020-7775 ‼
via "National Vulnerability Database".
This affects all versions of package freediskspace. The vulnerability arises out of improper neutralization of arguments in line 71 of freediskspace.js.
‼ CVE-2020-1910 ‼
via "National Vulnerability Database".
A missing bounds check in WhatsApp for Android prior to v2.21.1.13 and WhatsApp Business for Android prior to v2.21.1.13 could have allowed out-of-bounds read and write if a user applied specific image filters to a specially crafted image and sent the resulting image.
‼ CVE-2021-21292 ‼
via "National Vulnerability Database".
Traccar is an open source GPS tracking system. In Traccar before version 4.12 there is an unquoted Windows binary path vulnerability. Only Windows versions are impacted. Attacker needs write access to the filesystem on the host machine. If Java path includes a space, then attacker can lift their privilege to the same as Traccar service (system). This is fixed in version 4.12.
‼ CVE-2020-14255 ‼
via "National Vulnerability Database".
HCL Digital Experience 9.5 containers include vulnerabilities that could expose sensitive data to unauthorized parties via crafted requests. These affect containers only. These do not affect traditional on-premise installations.
‼ CVE-2021-21289 ‼
via "National Vulnerability Database".
Mechanize is an open-source Ruby library that makes automated web interaction easy. In Mechanize from version 2.0.0 and before version 2.7.7 there is a command injection vulnerability. Affected versions of mechanize allow for OS commands to be injected using several classes' methods which implicitly use Ruby's Kernel.open method. Exploitation is possible only if untrusted input is used as a local filename and passed to any of these calls: Mechanize::CookieJar#load, Mechanize::CookieJar#save_as, Mechanize#download, Mechanize::Download#save, Mechanize::File#save, and Mechanize::FileResponse#read_body. This is fixed in version 2.7.7.
‼ CVE-2021-23271 ‼
via "National Vulnerability Database".
The TIBCO EBX Web Server component of TIBCO Software Inc.'s TIBCO EBX contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a Stored Cross Site Scripting (XSS) attack on the affected system. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.9.12 and below.
‼ CVE-2020-28498 ‼
via "National Vulnerability Database".
All versions of package elliptic are vulnerable to Cryptographic Issues via the secp256k1 implementation in elliptic/ec/key.js. There is no check to confirm that the public key point passed into the derive function actually exists on the secp256k1 curve. This results in the potential for the private key used in this implementation to be revealed after a number of ECDH operations are performed.