CVE-2021-20255
via "National Vulnerability Database".
A stack overflow via an infinite recursion vulnerability was found in the eepro100 i8255x device emulator of QEMU. This issue occurs while processing controller commands due to a DMA reentry issue. This flaw allows a guest user or process to consume CPU cycles or crash the QEMU process on the host, resulting in a denial of service. The highest threat from this vulnerability is to system availability.
CVE-2021-20245
via "National Vulnerability Database".
A flaw was found in ImageMagick in coders/webp.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
CVE-2021-21295
via "National Vulnerability Database".
Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.60.Final there is a vulnerability that enables request smuggling. If a Content-Length header is present in the original HTTP/2 request, the field is not validated by `Http2MultiplexHandler` as it is propagated up. This is fine as long as the request is not proxied through as HTTP/1.1. If the request comes in as an HTTP/2 stream, gets converted into the HTTP/1.1 domain objects (`HttpRequest`, `HttpContent`, etc.) via `Http2StreamFrameToHttpObjectCodec` and then sent up to the child channel's pipeline and proxied through a remote peer as HTTP/1.1, this may result in request smuggling. In a proxy case, users may assume the content-length is validated somehow, which is not the case. If the request is forwarded to a backend channel that is an HTTP/1.1 connection, the Content-Length now has meaning and needs to be checked. An attacker can smuggle requests inside the body as it gets downgraded from HTTP/2 to HTTP/1.1. For an example attack refer to the linked GitHub Advisory. Users are only affected if all of this is true: `HTTP2MultiplexCodec` or `Http2FrameCodec` is used, `Http2StreamFrameToHttpObjectCodec` is used to convert to HTTP/1.1 objects, and these HTTP/1.1 objects are forwarded to another remote peer. This has been patched in 4.1.60.Final. As a workaround, the user can do the validation by themselves by implementing a custom `ChannelInboundHandler` that is put in the `ChannelPipeline` behind `Http2StreamFrameToHttpObjectCodec`.
CVE-2021-3411
via "National Vulnerability Database".
A flaw was found in the Linux kernel in versions prior to 5.10. A violation of memory access was found while detecting a padding of int3 in the linking state. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVE-2021-23352
via "National Vulnerability Database".
This affects the package madge before 4.0.1. It is possible to specify a custom Graphviz path via the graphVizPath option parameter which, when the .image(), .svg() or .dot() functions are called, is executed by the child_process.exec function.
CVE-2020-35521
via "National Vulnerability Database".
A flaw was found in libtiff. Due to a memory allocation failure in tif_read.c, a crafted TIFF file can lead to an abort, resulting in denial of service.
CVE-2021-20244
via "National Vulnerability Database".
A flaw was found in ImageMagick in MagickCore/visual-effects.c. An attacker who submits a crafted file that is processed by ImageMagick could trigger undefined behavior in the form of math division by zero. The highest threat from this vulnerability is to system availability.
Microsoft Patch Tuesday Fixes 82 CVEs, Internet Explorer Zero-Day
via "Dark Reading".
The monthly rollout follows last week's emergency Microsoft Exchange Server patch covering seven CVEs, four of which are under attack.
Microsoft Patch Tuesday Updates Fix 14 Critical Bugs
via "Threat Post".
Microsoft's regularly scheduled March Patch Tuesday updates address 89 CVEs overall.
Dark Web Markets for Stolen Data See Banner Sales
via "Threat Post".
Despite an explosion in the sheer amount of stolen data available on the Dark Web, the value of personal information is holding steady, according to the 2021 Dark Web price index from Privacy Affairs. That leaves these thriving dirty data dealers in a familiar predicament - they need to lock down their growing businesses for […]
How to enable Android's Password Checkup feature
via "Tech Republic".
Google has released a new password checker for Android. Find out how to enable and use this security feature on your Android device.
CVE-2021-23273
via "National Vulnerability Database".
The Spotfire client component of TIBCO Software Inc.'s TIBCO Spotfire Analyst, TIBCO Spotfire Analytics Platform for AWS Marketplace, TIBCO Spotfire Desktop, and TIBCO Spotfire Server contains a vulnerability that theoretically allows a low privileged attacker with network access to execute a stored Cross Site Scripting (XSS) attack on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO Spotfire Analyst: versions 10.3.3 and below, versions 10.10.0, 10.10.1, and 10.10.2, versions 10.7.0, 10.8.0, 10.9.0, 11.0.0, and 11.1.0, TIBCO Spotfire Analytics Platform for AWS Marketplace: versions 11.1.0 and below, TIBCO Spotfire Desktop: versions 10.3.3 and below, versions 10.10.0, 10.10.1, and 10.10.2, versions 10.7.0, 10.8.0, 10.9.0, 11.0.0, and 11.1.0, and TIBCO Spotfire Server: versions 10.3.11 and below, versions 10.10.0, 10.10.1, 10.10.2, and 10.10.3, versions 10.7.0, 10.8.0, 10.8.1, 10.9.0, 11.0.0, and 11.1.0.
CVE-2021-28115
via "National Vulnerability Database".
The OUGC Feedback plugin before 1.8.23 for MyBB allows XSS via the comment field of feedback during an edit operation.
CVE-2021-28116
via "National Vulnerability Database".
Squid through 4.14 and 5.x through 5.0.5, in some configurations, allows information disclosure because of an out-of-bounds read in WCCP protocol data. This can be leveraged as part of a chain for remote code execution as nobody.
Apple's Device Location-Tracking System Could Expose User Identities
via "Threat Post".
Researchers have identified two vulnerabilities in the company's crowd-sourced Offline Finding technology that could jeopardize its promise of privacy.
CVE-2021-28119
via "National Vulnerability Database".
Twinkle Tray (aka twinkle-tray) through 1.13.3 allows remote command execution. A remote attacker may send a crafted IPC message to the exposed vulnerable ipcRenderer IPC interface, which invokes the dangerous openExternal API.
CVE-2021-3310
via "National Vulnerability Database".
Western Digital My Cloud OS 5 devices before 5.10.122 mishandle Symbolic Link Following on SMB and AFP shares. This can lead to code execution and information disclosure (by reading local files).
CVE-2020-29238
via "National Vulnerability Database".
An integer buffer overflow in the Nginx webserver of ExpressVPN Router version 1 allows remote attackers to obtain sensitive information when the server is running as a reverse proxy via a specially crafted request.
Serious Security: Webshells explained in the aftermath of HAFNIUM attacks
via "Naked Security".
Webshells explained, with some (safe) examples you can try at home if you want to learn more.
How your remote employees may be sharing sensitive data
via "Tech Republic".
A majority of employees said they share sensitive information through messaging and collaboration tools, says Veritas.
Breach Exposes Verkada Security Camera Footage at Tesla, Cloudflare
via "Threat Post".
Surveillance footage from companies such as Tesla as well as hospitals, prisons, police departments and schools was accessed in the hack.