βΌ CVE-2021-29081 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an unauthenticated attacker. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29069 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects XR450 before 2.3.2.114, XR500 before 2.3.2.114, and WNR2000v5 before 1.0.0.76.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29066 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by authentication bypass. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29070 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29065 βΌ
π Read
via "National Vulnerability Database".
NETGEAR RBR850 devices before 3.2.10.11 are affected by authentication bypass.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29073 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects R8000P before 1.4.1.66, MK62 before 1.0.6.110, MR60 before 1.0.6.110, MS60 before 1.0.6.110, R7960P before 1.4.1.66, R7900P before 1.4.1.66, RAX15 before 1.0.2.82, RAX20 before 1.0.2.82, RAX45 before 1.0.2.72, RAX50 before 1.0.2.72, RAX75 before 1.0.3.106, RAX80 before 1.0.3.106, and RAX200 before 1.0.3.106.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29072 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, and RBS850 before 3.2.17.12.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29074 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29078 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK852 before 3.2.17.12, RBK853 before 3.2.17.12, RBK854 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.π Read
via "National Vulnerability Database".
βΌ CVE-2021-29075 βΌ
π Read
via "National Vulnerability Database".
Certain NETGEAR devices are affected by a stack-based buffer overflow by an authenticated user. This affects RBW30 before 2.6.2.2, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBK852 before 3.2.17.12, RBR850 before 3.2.17.12, RBS850 before 3.2.17.12, RBK752 before 3.2.17.12, RBK753 before 3.2.17.12, RBK753S before 3.2.17.12, RBK754 before 3.2.17.12, RBR750 before 3.2.17.12, and RBS750 before 3.2.17.12.π Read
via "National Vulnerability Database".
π¦Ώ Phony COVID-19 vaccine certificates are now selling on the Dark Web π¦Ώ
π Read
via "Tech Republic".
With most of the world still not vaccinated against COVID-19, criminals are hawking fake vaccine documents, says Check Point Research.π Read
via "Tech Republic".
TechRepublic
Phony COVID-19 vaccine certificates are now selling on the Dark Web
With most of the world still not vaccinated against COVID-19, criminals are hawking fake vaccine documents, says Check Point Research.
β Energy Giant Shell Is Latest Victim of Accellion Attacks β
π Read
via "Threat Post".
Attackers accessed personal and business data from the companyβs legacy file-transfer service in a recent data-security incident but core IT systems remained untouched.π Read
via "Threat Post".
Threat Post
Energy Giant Shell Is Latest Victim of Accellion Attacks
Attackers accessed personal and business data from the companyβs legacy file-transfer service in a recent data-security incident but core IT systems remained untouched.
π΄ Cartoon Caption Winner: In Hot Water π΄
π Read
via "Dark Reading".
And the winner of The Edge's March cartoon caption contest is ...π Read
via "Dark Reading".
Dark Reading
Cartoon Caption Winner: In Hot Water
And the winner of The Edge's March cartoon caption contest is ...
π¦Ώ How remote working still poses security risks for organizations π¦Ώ
π Read
via "Tech Republic".
A year after the transition to remote working, many organizations continue to grapple with security issues and weaknesses, says PC Matic.π Read
via "Tech Republic".
TechRepublic
How remote working still poses security risks for organizations
A year after the transition to remote working, many organizations continue to grapple with security issues and weaknesses, says PC Matic.
βΌ CVE-2021-27529 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "limit" parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27531 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "query" parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27527 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "valueID" parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27309 βΌ
π Read
via "National Vulnerability Database".
Clansphere CMS 2011.4 allows unauthenticated reflected XSS via "module" parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27528 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allows remote attackers to inject JavaScript via the "refID" parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27969 βΌ
π Read
via "National Vulnerability Database".
Dolphin CMS 7.4.2 is vulnerable to stored XSS via the Page Builder "width" parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27530 βΌ
π Read
via "National Vulnerability Database".
A cross-site scripting (XSS) vulnerability in DynPG version 4.9.2 allow remote attacker to inject javascript via URI in /index.php.π Read
via "National Vulnerability Database".