🦿 6 enterprise security software options to keep your organization safe 🦿
📖 Read
via "Tech Republic".
Enterprise security software is essential to protecting company data, personnel, and customers. Learn about some of the popular options available for your organization.📖 Read
via "Tech Republic".
TechRepublic
6 enterprise security software options to keep your organization safe
Enterprise security software is essential to protecting company data, personnel, and customers. Learn about some of the popular options available for your organization.
🛠Mandos Encrypted File System Unattended Reboot Utility 1.8.14 ðŸ›
📖 Read
via "Packet Storm Security".
The Mandos system allows computers to have encrypted root file systems and at the same time be capable of remote or unattended reboots. The computers run a small client program in the initial RAM disk environment which will communicate with a server over a network. All network communication is encrypted using TLS. The clients are identified by the server using an OpenPGP key that is unique to each client. The server sends the clients an encrypted password. The encrypted password is decrypted by the clients using the same OpenPGP key, and the password is then used to unlock the root file system.📖 Read
via "Packet Storm Security".
Packetstormsecurity
Mandos Encrypted File System Unattended Reboot Utility 1.8.14 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
‼ CVE-2020-35481 ‼
📖 Read
via "National Vulnerability Database".
SolarWinds Serv-U before 15.2.2 allows Unauthenticated Macro Injection.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25760 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains Hub before 2020.1.12669, information disclosure via the public API was possible.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-2507 ‼
📖 Read
via "National Vulnerability Database".
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to obtain control of a QNAP device. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25778 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains TeamCity before 2020.2.1, permissions during user deletion were checked improperly.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25756 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains IntelliJ IDEA before 2020.2, HTTP links were used for several remote repositories instead of HTTPS.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25769 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains YouTrack before 2020.4.6808, the YouTrack administrator wasn't able to access attachments.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25772 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains TeamCity before 2020.2.2, TeamCity server DoS was possible via server integration.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25758 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains IntelliJ IDEA before 2020.3, potentially insecure deserialization of the workspace model could lead to code execution.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25757 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains Hub before 2020.1.12629, an open redirect was possible.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25768 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains YouTrack before 2020.4.4701, permissions for attachments actions were checked improperly.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27994 ‼
📖 Read
via "National Vulnerability Database".
SolarWinds Serv-U before 15.2.2 allows Authenticated Directory Traversal.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-35482 ‼
📖 Read
via "National Vulnerability Database".
SolarWinds Serv-U before 15.2.2 allows authenticated reflected XSS.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25765 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains YouTrack before 2020.4.4701, CSRF via attachment upload was possible.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-27222 ‼
📖 Read
via "National Vulnerability Database".
In Eclipse Californium version 2.3.0 to 2.6.0, the certificate based (x509 and RPK) DTLS handshakes accidentally fails, because it sticks to a wrong internal state. That wrong internal state is set by a previous certificate based DTLS handshakes failure with TLS parameter mismatch. The server must be restarted to recover this. This allow clients to force a DoS.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25763 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains Ktor before 1.4.2, weak cipher suites were enabled by default.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25761 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains Ktor before 1.5.0, a birthday attack on SessionStorage key was possible.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-25208 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains YouTrack before 2020.4.4701, an attacker could enumerate users via the REST API without appropriate permissions.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28653 ‼
📖 Read
via "National Vulnerability Database".
Zoho ManageEngine OpManager Stable build before 125203 (and Released build before 125233) allows Remote Code Execution via the Smart Update Manager (SUM) servlet.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-2506 ‼
📖 Read
via "National Vulnerability Database".
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this improper access control vulnerability could allow attackers to obtain control of a QNAP device. This issue affects: QNAP Systems Inc. Helpdesk versions prior to 3.0.3.📖 Read
via "National Vulnerability Database".