βΌ CVE-2021-3122 βΌ
π Read
via "National Vulnerability Database".
CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a runCommand parameter (within an XML document sent to port 8089) that enables the remote, unauthenticated execution of an arbitrary command as SYSTEM, as exploited in the wild in 2020 and/or 2021. NOTE: the vendor's position is that exploitation occurs only on devices with a certain "misconfiguration."π Read
via "National Vulnerability Database".
βΌ CVE-2020-36243 βΌ
π Read
via "National Vulnerability Database".
The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in /interface/main/backup.php. To exploit the vulnerability, an authenticated attacker can send a POST request that executes arbitrary OS commands via shell metacharacters.π Read
via "National Vulnerability Database".
β Perl.com gets its domain back β normal service restored! β
π Read
via "Naked Security".
All's well that ends well.π Read
via "Naked Security".
Naked Security
Perl.com gets its domain back β normal service restored!
Allβs well that ends well.
βΌ CVE-2020-11920 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection vulnerability resides in the HOST/IP section of the NFS settings menu in the webserver running on the device. By injecting Bash commands via shell metacharacters here, the device executes arbitrary code with root privileges (all of the device's services are running as root).π Read
via "National Vulnerability Database".
βΌ CVE-2020-11915 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. By sending a set_params.cgi?telnetd=1&save=1&reboot=1 request to the webserver, it is possible to enable the telnet interface on the device. The telnet interface can then be used to obtain access to the device with root privileges via a reecam4debug default password. This default telnet password is the same across all Siime Eye devices. In order for the attack to be exploited, an attacker must be physically close in order to connect to the device's Wi-Fi access point.π Read
via "National Vulnerability Database".
π¦Ώ World Economic Forum calls cybersecurity one of the "key threats of the next decade" π¦Ώ
π Read
via "Tech Republic".
The Global Risks Report highlights the onslaught of cyberattacks and a failure of governments to stop them.π Read
via "Tech Republic".
TechRepublic
World Economic Forum calls cybersecurity one of the "key threats of the next decade"
The Global Risks Report highlights the onslaught of cyberattacks and a failure of governments to stop them.
π΄ Hidden Dangers of Microsoft 365's Power Automate and eDiscovery Tools π΄
π Read
via "Dark Reading".
Attackers are using legitimate enterprise tools to execute attacks and carry out malicious actions. Security teams must take action now.π Read
via "Dark Reading".
Darkreading
Hidden Dangers of Microsoft 365's Power Automate and eDiscovery Tools
Attackers are using legitimate enterprise tools to execute attacks and carry out malicious actions. Security teams must take action now.
βΌ CVE-2020-26052 βΌ
π Read
via "National Vulnerability Database".
Online Marriage Registration System 1.0 is affected by stored cross-site scripting (XSS) vulnerabilities in multiple parameters.π Read
via "National Vulnerability Database".
βΌ CVE-2020-26051 βΌ
π Read
via "National Vulnerability Database".
College Management System Php 1.0 suffers from SQL injection vulnerabilities in the index.php page from POST parameters 'unametxt' and 'pwdtxt', which are not filtered before passing a SQL query.π Read
via "National Vulnerability Database".
β WestRock Ransomware Attack Hinders Packaging Production β
π Read
via "Threat Post".
The ransomware attack, affecting OT systems, resulted in some of WestRock's facilities lagging in production levels.π Read
via "Threat Post".
Threat Post
WestRock Ransomware Attack Hinders Packaging Production
The ransomware attack, affecting OT systems, resulted in some of WestRock's facilities lagging in production levels.
π¦Ώ How much is your info worth on the Dark Web? For Americans, it's just $8 π¦Ώ
π Read
via "Tech Republic".
A Comparitech report found that Japan and the UAE have the most expensive identities available on illicit marketplaces at an average price of $25.π Read
via "Tech Republic".
TechRepublic
How much is your info worth on the Dark Web? For Americans, it's just $8
A Comparitech report found that Japan and the UAE have the most expensive identities available on illicit marketplaces at an average price of $25.
β Fake Forcepoint Google Chrome Extension Hacks Windows Users β
π Read
via "Threat Post".
In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to.π Read
via "Threat Post".
Threat Post
Fake Forcepoint Google Chrome Extension Hacks Windows Users
In a unique attack, cybercriminals locally install an extension to manipulate data in internal web applications that the victims have access to.
π AIDE 0.17.2 π
π Read
via "Packet Storm Security".
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on server. It uses regular expressions for determining which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.π Read
via "Packet Storm Security".
Packetstormsecurity
AIDE 0.17.2 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2021-26825 βΌ
π Read
via "National Vulnerability Database".
An integer overflow issue exists in Godot Engine up to v3.2 that can be triggered when loading specially crafted.TGA image files. The vulnerability exists in ImageLoaderTGA::load_image() function at line: const size_t buffer_size = (tga_header.image_width * tga_header.image_height) * pixel_size; The bug leads to Dynamic stack buffer overflow. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22122 βΌ
π Read
via "National Vulnerability Database".
An improper neutralization of input during web page generation in FortiWeb GUI interface 6.3.0 through 6.3.7 and version before 6.2.4 may allow an unauthenticated, remote attacker to perform a reflected cross site scripting attack (XSS) by injecting malicious payload in different vulnerable API end-points.π Read
via "National Vulnerability Database".
βΌ CVE-2020-6649 βΌ
π Read
via "National Vulnerability Database".
An insufficient session expiration vulnerability in FortiNet's FortiIsolator version 2.0.1 and below may allow an attacker to reuse the unexpired admin user session IDs to gain admin privileges, should the attacker be able to obtain that session ID (via other, hypothetical attacks)π Read
via "National Vulnerability Database".
βΌ CVE-2021-3293 βΌ
π Read
via "National Vulnerability Database".
emlog v5.3.1 has full path disclosure vulnerability in t/index.php, which allows an attacker to see the path to the webroot/file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20359 βΌ
π Read
via "National Vulnerability Database".
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 - Business Automation Application Designer Component stores potentially sensitive information in log files that could be obtained by an unauthorized user. IBM X-Force ID: 194966.π Read
via "National Vulnerability Database".
βΌ CVE-2020-16629 βΌ
π Read
via "National Vulnerability Database".
PhpOK 5.4.137 contains a SQL injection vulnerability that can inject an attachment data through SQL, and then call the attachment replacement function through api.php to write a PHP file to the target path.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20358 βΌ
π Read
via "National Vulnerability Database".
IBM Cloud Pak for Automation 20.0.3, 20.0.2-IF002 stores potentially sensitive information in clear text in API connection log files. This information could be obtained by a user with permissions to read log files. IBM X-Force ID: 194965.π Read
via "National Vulnerability Database".
βΌ CVE-2021-26826 βΌ
π Read
via "National Vulnerability Database".
A stack overflow issue exists in Godot Engine up to v3.2 and is caused by improper boundary checks when loading .TGA image files. Depending on the context of the application, attack vector can be local or remote, and can lead to code execution and/or system crash.π Read
via "National Vulnerability Database".