βΌ CVE-2021-20199 βΌ
π Read
via "National Vulnerability Database".
Rootless containers run with Podman, receive all traffic with a source IP address of 127.0.0.1 (including from remote hosts). This impacts containerized applications that trust localhost (127.0.01) connections by default and do not require authentication. This issue affects Podman 1.8.0 onwards.π Read
via "National Vulnerability Database".
π΄ Average Ransom Payments Declined Last Quarter π΄
π Read
via "Dark Reading".
More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.π Read
via "Dark Reading".
Dark Reading
Average Ransom Payments Declined Last Quarter
More victims appear to be realizing that paying a ransom doesn't guarantee stolen data will be purged.
β TrickBot Continues Resurgence with Port-Scanning Module β
π Read
via "Threat Post".
The infamous malware has incorporated the legitimate Masscan tool, which looks for open TCP/IP ports with lightning-fast results.π Read
via "Threat Post".
Threat Post
TrickBot Continues Resurgence with Port-Scanning Module
The infamous malware has incorporated the legitimate Masscan tool, which looks for open TCP/IP ports with lightning-fast results.
βΌ CVE-2020-29662 βΌ
π Read
via "National Vulnerability Database".
In Harbor 2.0 before 2.0.5 and 2.1.x before 2.1.2 the catalogΓ’β¬β’s registry API is exposed on an unauthenticated path.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8734 βΌ
π Read
via "National Vulnerability Database".
Improper input validation in the firmware for Intel(R) Server Board M10JNP2SB before version 7.210 may allow a privileged user to potentially enable escalation of privilege via local access.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21294 βΌ
π Read
via "National Vulnerability Database".
Http4s (http4s-blaze-server) is a minimal, idiomatic Scala interface for HTTP services. Http4s before versions 0.21.17, 0.22.0-M2, and 1.0.0-M14 have a vulnerability which can lead to a denial-of-service. Blaze-core, a library underlying http4s-blaze-server, accepts connections unboundedly on its selector pool. This has the net effect of amplifying degradation in services that are unable to handle their current request load, since incoming connections are still accepted and added to an unbounded queue. Each connection allocates a socket handle, which drains a scarce OS resource. This can also confound higher level circuit breakers which work based on detecting failed connections. http4s provides a general "MaxActiveRequests" middleware mechanism for limiting open connections, but it is enforced inside the Blaze accept loop, after the connection is accepted and the socket opened. Thus, the limit only prevents the number of connections which can be simultaneously processed, not the number of connections which can be held open. In 0.21.17, 0.22.0-M2, and 1.0.0-M14, a new "maxConnections" property, with a default value of 1024, has been added to the `BlazeServerBuilder`. Setting the value to a negative number restores unbounded behavior, but is strongly disrecommended. The NIO2 backend does not respect `maxConnections`. Its use is now deprecated in http4s-0.21, and the option is removed altogether starting in http4s-0.22. There are several possible workarounds described in the refrenced GitHub Advisory GHSA-xhv5-w9c5-2r2w.π Read
via "National Vulnerability Database".
βΌ CVE-2020-8672 βΌ
π Read
via "National Vulnerability Database".
Out of bound read in BIOS firmware for 8th, 9th Generation Intel(R) Core(TM), Intel(R) Celeron(R) Processor 4000 Series Processors may allow an unauthenticated user to potentially enable elevation of privilege or denial of service via local access.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24490 βΌ
π Read
via "National Vulnerability Database".
Improper buffer restrictions in BlueZ may allow an unauthenticated user to potentially enable denial of service via adjacent access. This affects all Linux kernel versions that support BlueZ.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3395 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in Pryaniki 6.44.3 allows remote authenticated users to upload an arbitrary file. The JavaScript code will execute when someone visits the attachment.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21293 βΌ
π Read
via "National Vulnerability Database".
blaze is a Scala library for building asynchronous pipelines, with a focus on network IO. All servers running blaze-core before version 0.14.15 are affected by a vulnerability in which unbounded connection acceptance leads to file handle exhaustion. Blaze, accepts connections unconditionally on a dedicated thread pool. This has the net effect of amplifying degradation in services that are unable to handle their current request load, since incoming connections are still accepted and added to an unbounded queue. Each connection allocates a socket handle, which drains a scarce OS resource. This can also confound higher level circuit breakers which work based on detecting failed connections. The vast majority of affected users are using it as part of http4s-blaze-server <= 0.21.16. http4s provides a mechanism for limiting open connections, but is enforced inside the Blaze accept loop, after the connection is accepted and the socket opened. Thus, the limit only prevents the number of connections which can be simultaneously processed, not the number of connections which can be held open. The issue is fixed in version 0.14.15 for "NIO1SocketServerGroup". A "maxConnections" parameter is added, with a default value of 512. Concurrent connections beyond this limit are rejected. To run unbounded, which is not recommended, set a negative number. The "NIO2SocketServerGroup" has no such setting and is now deprecated. There are several possible workarounds described in the refrenced GitHub Advisory GHSA-xmw9-q7x9-j5qc.π Read
via "National Vulnerability Database".
βΌ CVE-2020-4081 βΌ
π Read
via "National Vulnerability Database".
In Digital Experience 8.5, 9.0, and 9.5, WSRP consumer is vulnerable to cross-site scripting (XSS).π Read
via "National Vulnerability Database".
π΄ Agent Tesla Upgrades with New Delivery & Evasion Tactics π΄
π Read
via "Dark Reading".
A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.π Read
via "Dark Reading".
Darkreading
Agent Tesla Upgrades with New Delivery & Evasion Tactics
A new version of the remote access Trojan targets Microsoft Anti-Malware Software Interface to bypass endpoint detection.
βΌ CVE-2021-0356 βΌ
π Read
via "National Vulnerability Database".
In netdiag, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442014.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0361 βΌ
π Read
via "National Vulnerability Database".
In kisd, there is a possible out of bounds read due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05449968.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0357 βΌ
π Read
via "National Vulnerability Database".
In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442002.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0352 βΌ
π Read
via "National Vulnerability Database".
In RT regmap driver, there is a possible memory corruption due to type confusion. This could lead to local denial of service with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05453809.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0364 βΌ
π Read
via "National Vulnerability Database".
In mobile_log_d, there is a possible command injection due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05458478; Issue ID: ALPS05458503.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0365 βΌ
π Read
via "National Vulnerability Database".
In display driver, there is a possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05454782.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0359 βΌ
π Read
via "National Vulnerability Database".
In netdiag, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05442011.π Read
via "National Vulnerability Database".
βΌ CVE-2020-35152 βΌ
π Read
via "National Vulnerability Database".
Cloudflare WARP for Windows allows privilege escalation due to an unquoted service path. A malicious user or process running with non-administrative privileges can become an administrator by abusing the unquoted service path issue. Since version 1.2.2695.1, the vulnerability was fixed by adding quotes around the service's binary path. This issue affects Cloudflare WARP for Windows, versions prior to 1.2.2695.1.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0354 βΌ
π Read
via "National Vulnerability Database".
In ged, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android; Versions: Android-11; Patch ID: ALPS05431161.π Read
via "National Vulnerability Database".