CVE-2021-3144
via "National Vulnerability Database".
In SaltStack Salt before 3002.5, eauth tokens can be used once after expiration. (They might be used to run command against the salt master or minions.)
CVE-2020-28972
via "National Vulnerability Database".
In SaltStack Salt before 3002.5, authentication to VMware vcenter, vsphere, and esxi servers (in the vmware.py files) does not always validate the SSL/TLS certificate.
CVE-2021-25284
via "National Vulnerability Database".
An issue was discovered in through SaltStack Salt before 3002.5. salt.modules.cmdmod can log credentials to the info or error log level.
CVE-2021-27225
via "National Vulnerability Database".
In Dataiku DSS before 8.0.6, insufficient access control in the Jupyter notebooks integration allows users (who have coding permissions) to read and overwrite notebooks in projects that they are not authorized to access.
CVE-2021-25329
via "National Vulnerability Database".
The fix for CVE-2020-9484 was incomplete. When using Apache Tomcat 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41, 8.5.0 to 8.5.61 or 7.0.0. to 7.0.107 with a configuration edge case that was highly unlikely to be used, the Tomcat instance was still vulnerable to CVE-2020-9494. Note that both the previously published prerequisites for CVE-2020-9484 and the previously published mitigations for CVE-2020-9484 also apply to this issue.
CVE-2021-25122
via "National Vulnerability Database".
When responding to new h2c connection requests, Apache Tomcat versions 10.0.0-M1 to 10.0.0, 9.0.0.M1 to 9.0.41 and 8.5.0 to 8.5.61 could duplicate request headers and a limited amount of request body from one request to another meaning user A and user B could both see the results of user A's request.
How Criminals Job Hunt on the Dark Web
via "Dark Reading".
How's your 'Probiv'? How about customer service? Here's how Dark Web forums connect cybercriminals looking for talent with those looking for work -- and which skills are hot right now.
Cybercrime 'Help Wanted': Job Hunting on the Dark Web
Building a Next-Generation SOC Starts With Holistic Operations
via "Dark Reading".
The proper template for a modernized SOC team is one that operates seamlessly across domains with a singular, end-to-end view.
Naked Security Live – Beware copyright scams
via "Naked Security".
Here's the latest Naked Security Live talk - watch now!
Firewall Vendor Patches Critical Auth Bypass Flaw
via "Threat Post".
Cybersecurity firm Genua fixes a critical flaw in its GenuGate High Resistance Firewall, allowing attackers to log in as root users.
American Fuzzy Lop plus plus 3.10c
via "Packet Storm Security".
Google's American Fuzzy Lop is a brute-force fuzzer coupled with an exceedingly simple but rock-solid instrumentation-guided genetic algorithm. afl++ is a superior fork to Google's afl. It has more speed, more and better mutations, more and better instrumentation, custom module support, etc.
Faraday 3.14.2
via "Packet Storm Security".
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
MSP Provider Builds Red Team as Attackers Target Industry
via "Dark Reading".
NinjaRMM, which provides tools for managed service providers, aims to create a red team capability following years of attacks against MSPs.
CVE-2021-25829
via "National Vulnerability Database".
An improper binary stream data handling issue was found in the [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. Using this bug, an attacker is able to produce a denial of service attack that can eventually shut down the target server.
CVE-2021-25833
via "National Vulnerability Database".
A file extension handling issue was found in [server] module of ONLYOFFICE DocumentServer v4.2.0.71-v5.6.0.21. The file extension is controlled by an attacker through the request data and leads to arbitrary file overwriting. Using this vulnerability, a remote attacker can obtain remote code execution on DocumentServer.
CVE-2021-25831
via "National Vulnerability Database".
A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v5.6.3. An attacker must request the conversion of the crafted file from PPTT into PPTX format. Using the chain of two other bugs related to improper string handling, a remote attacker can obtain remote code execution on DocumentServer.
CVE-2020-7929
via "National Vulnerability Database".
A user authorized to perform database queries may trigger denial of service by issuing specially crafted query contain a type of regex. This issue affects: MongoDB Inc. MongoDB Server v3.6 versions prior to 3.6.21 and MongoDB Server v4.0 versions prior to 4.0.20.
CVE-2021-25832
via "National Vulnerability Database".
A heap buffer overflow vulnerability inside of BMP image processing was found at [core] module of ONLYOFFICE DocumentServer v4.0.0-9-v6.0.0. Using this vulnerability, an attacker is able to gain remote code executions on DocumentServer.
CVE-2020-9479
via "National Vulnerability Database".
When loading a UDF, a specially crafted zip file could allow files to be placed outside of the UDF deployment directory. This issue affected Apache AsterixDB unreleased builds between commits 580b81aa5e8888b8e1b0620521a1c9680e54df73 and 28c0ee84f1387ab5d0659e9e822f4e3923ddc22d. Note: this CVE may be REJECTed as the issue did not affect any released versions of Apache AsterixDB
CVE-2021-25830
via "National Vulnerability Database".
A file extension handling issue was found in [core] module of ONLYOFFICE DocumentServer v4.2.0.236-v5.6.4.13. An attacker must request the conversion of the crafted file from DOCT into DOCX format. Using the chain of two other bugs related to improper string handling, an attacker can achieve remote code execution on DocumentServer.
CVE-2018-25004
via "National Vulnerability Database".
A user authorized to performing a specific type of query may trigger a denial of service by issuing a generic explain command on a find query. This issue affects: MongoDB Inc. MongoDB Server v4.0 versions prior to 4.0.6; MongoDB Server v3.6 versions prior to 3.6.11.