βΌ CVE-2021-28211 βΌ
π Read
via "National Vulnerability Database".
A heap overflow in LzmaUefiDecompressGetInfo function in EDK II.π Read
via "National Vulnerability Database".
βΌ CVE-2017-3905 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
β REvil Hits US Nuclear Weapons Contractor: Report β
π Read
via "Threat Post".
"We hereby keep a right (sic) to forward all of the relevant documentation and data to military agencies of our choise (sic)" REvil reportedly wrote.π Read
via "Threat Post".
Threat Post
REvil Hits US Nuclear Weapons Contractor: Report
"We hereby keep a right (sic) to forward all of the relevant documentation and data to military agencies of our choise (sic)" REvil reportedly wrote.
β Baby Clothes Giant Carterβs Leaks 410K Customer Records β
π Read
via "Threat Post".
Purchase automation software delivered shortened URLs without protections.π Read
via "Threat Post".
Threat Post
Baby Clothes Giant Carterβs Leaks 410K Customer Records
Purchase automation software delivered shortened URLs without protections.
βΌ CVE-2021-22753 βΌ
π Read
via "National Vulnerability Database".
A CWE-125: Out-of-bounds read vulnerability exists inIGSS Definition (Def.exe) V15.0.0.21140 and prior that could result in loss of data or remote code execution due to missing length checks, when a malicious WSP file is being parsed by IGSS Definition.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22915 βΌ
π Read
via "National Vulnerability Database".
Nextcloud server before 19.0.11, 20.0.10, 21.0.2 is vulnerable to brute force attacks due to lack of inclusion of IPv6 subnets in rate-limiting considerations. This could potentially result in an attacker bypassing rate-limit controls such as the Nextcloud brute-force protection.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0491 βΌ
π Read
via "National Vulnerability Database".
In memory management driver, there is a possible escalation of privilege due to a missing permission check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android SoCAndroid ID: A-183461315π Read
via "National Vulnerability Database".
βΌ CVE-2021-23204 βΌ
π Read
via "National Vulnerability Database".
Exposure of Sensitive Information to an Unauthorized Actor vulnerability in Gallagher Command Centre Server allows OSDP key material to be exposed to Command Centre Operators. This issue affects: Gallagher Command Centre 8.40 versions prior to 8.40.1888 (MR3); 8.30 versions prior to 8.30.1359 (MR3).π Read
via "National Vulnerability Database".
π΄ McDonald's Data Breach Exposed Business & Customer Data π΄
π Read
via "Dark Reading".
An investigation has revealed company data has been breached in the United States, South Korea, and Taiwan.π Read
via "Dark Reading".
Dark Reading
McDonald's Data Breach Exposed Business & Customer Data
An investigation has revealed company data has been breached in the United States, South Korea, and Taiwan.
βΌ CVE-2021-27200 βΌ
π Read
via "National Vulnerability Database".
In WoWonder 3.0.4, remote attackers can take over any account due to the weak cryptographic algorithm in recover.php. The code parameter is easily predicted from the time of day.π Read
via "National Vulnerability Database".
π΄ Trickbot Investigation Shows Details of Massive Cybercrime Effort π΄
π Read
via "Dark Reading".
Nearly a score of cybercriminals allegedly worked together to create the Trickbot malware and deploy it against more than a million users, an unsealed indictment claims.π Read
via "Dark Reading".
Dark Reading
Trickbot Investigation Shows Details of Massive Cybercrime Effort
Nearly a score of cybercriminals allegedly worked together to create the Trickbot malware and deploy it against more than a million users, an unsealed indictment claims.
β Unpatched Bugs Found Lurking in Provisioning Platform Used with Cisco UC β
π Read
via "Threat Post".
A trio of security flaws open the door to remote-code execution and a malware tsunami.π Read
via "Threat Post".
Threat Post
Unpatched Bugs Found Lurking in Provisioning Platform Used with Cisco UC
A trio of security flaws open the door to remote-code execution and a malware tsunami.
π¦Ώ McDonald's suffers cyberattack in US, South Korea and Taiwan π¦Ώ
π Read
via "Tech Republic".
The restaurant chain reportedly said no U.S. customer data was exposed and the attack did not involve ransomware.π Read
via "Tech Republic".
TechRepublic
McDonald's suffers cyberattack in US, South Korea and Taiwan
The restaurant chain reportedly said no U.S. customer data was exposed and the attack did not involve ransomware.
βΌ CVE-2017-5730 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2017-5755 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2017-3918 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2017-3913 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2017-3919 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2017-5690 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34679 βΌ
π Read
via "National Vulnerability Database".
Thycotic Password Reset Server before 5.3.0 allows credential disclosure.π Read
via "National Vulnerability Database".
βΌ CVE-2017-5765 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2017. Notes: none.π Read
via "National Vulnerability Database".