‼ CVE-2021-29971 ‼
📖 Read
via "National Vulnerability Database".
If a user had granted a permission to a webpage and saved that grant, any webpage running on the same host - irrespective of scheme or port - would be granted that permission. *This bug only affects Firefox for Android. Other operating systems are unaffected.*. This vulnerability affects Firefox < 90.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34638 ‼
📖 Read
via "National Vulnerability Database".
Authenticated Directory Traversal in WordPress Download Manager <= 3.1.24 allows authenticated (Contributor+) users to obtain sensitive configuration file information, as well as allowing Author+ users to perform XSS attacks, by setting Download template to a file containing configuration information or an uploaded JavaScript with an image extension This issue affects: WordPress Download Manager version 3.1.24 and prior versions.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34631 ‼
📖 Read
via "National Vulnerability Database".
The NewsPlugin WordPress plugin is vulnerable to Cross-Site Request Forgery via the handle_save_style function found in the ~/news-plugin.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.18.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29972 ‼
📖 Read
via "National Vulnerability Database".
A use-after-free vulnerability was found via testing, and traced to an out-of-date Cairo library. Updating the library resolved the issue, and may have remediated other, unknown security vulnerabilities as well. This vulnerability affects Firefox < 90.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3566 ‼
📖 Read
via "National Vulnerability Database".
Prior to ffmpeg version 4.3, the tty demuxer did not have a 'read_probe' function assigned to it. By crafting a legitimate "ffconcat" file that references an image, followed by a file the triggers the tty demuxer, the contents of the second file will be copied into the output file verbatim (as long as the `-vcodec copy` option is passed to ffmpeg).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3591 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3580 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in the way nettle's RSA decryption functions handled specially crafted ciphertext. An attacker could use this flaw to provide a manipulated ciphertext leading to application crash and denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3679 ‼
📖 Read
via "National Vulnerability Database".
A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29976 ‼
📖 Read
via "National Vulnerability Database".
Mozilla developers reported memory safety bugs present in code shared between Firefox and Thunderbird. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3642 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in Wildfly Elytron where ScramServer may be susceptible to Timing Attack if enabled. The highest threat of this vulnerability is confidentiality. This flaw affectes Wildfly Elytron versions prior to 1.10.14.Final, prior to 1.15.5.Final and prior to 1.16.1.Final.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29970 ‼
📖 Read
via "National Vulnerability Database".
A malicious webpage could have triggered a use-after-free, memory corruption, and a potentially exploitable crash. *This bug could only be triggered when accessibility was enabled.*. This vulnerability affects Thunderbird < 78.12, Firefox ESR < 78.12, and Firefox < 90.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35307 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Bento4 through v1.6.0-636. A NULL pointer dereference exists in the AP4_DescriptorFinder::Test component located in /Core/Ap4Descriptor.h. It allows an attacker to cause a denial of service (DOS).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35325 ‼
📖 Read
via "National Vulnerability Database".
A stack overflow in the checkLoginUser function of TOTOLINK A720R A720R_Firmware v4.1.5cu.470_B20200911 allows attackers to cause a denial of service (DOS).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3682 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in the USB redirector device emulation of QEMU in versions prior to 6.1.0-rc2. It occurs when dropping packets during a bulk transfer from a SPICE client due to the packet queue being full. A malicious SPICE client could use this flaw to make QEMU call free() with faked heap chunk metadata, resulting in a crash of QEMU or potential code execution with the privileges of the QEMU process on the host.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35324 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability in the Form_Login function of TOTOLINK A720R A720R_Firmware V4.1.5cu.470_B20200911 allows attackers to bypass authentication.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34639 ‼
📖 Read
via "National Vulnerability Database".
Authenticated File Upload in WordPress Download Manager <= 3.1.24 allows authenticated (Author+) users to upload files with a double extension, e.g. "payload.php.png" which is executable in some configurations. This issue affects: WordPress Download Manager version 3.1.24 and prior versions.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-32577 ‼
📖 Read
via "National Vulnerability Database".
Acronis True Image prior to 2021 Update 5 for Windows allowed local privilege escalation due to insecure folder permissions.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36584 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in GPAC 1.0.1. There is a heap-based buffer overflow in the function gp_rtp_builder_do_tx3g function in ietf/rtp_pck_3gpp.c, as demonstrated by MP4Box. This can cause a denial of service (DOS).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37156 ‼
📖 Read
via "National Vulnerability Database".
Redmine 4.2.0 and 4.2.1 allow existing user sessions to continue upon enabling two-factor authentication for the user's account, but the intended behavior is for those sessions to be terminated.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-32581 ‼
📖 Read
via "National Vulnerability Database".
Acronis True Image prior to 2021 Update 4 for Windows, Acronis True Image prior to 2021 Update 5 for Mac, Acronis Agent prior to build 26653, Acronis Cyber Protect prior to build 27009 did not implement SSL certificate validation.📖 Read
via "National Vulnerability Database".
❌ Black Hat: New CISA Head Woos Crowd With Public-Private Task Force ❌
📖 Read
via "Threat Post".
Day two Black Hat keynote by CISA Director Jen Easterly includes launch of private-public partnership with Amazon, Google and Microsoft to fight cybercrime.📖 Read
via "Threat Post".
Threat Post
Black Hat: New CISA Head Woos Crowd With Public-Private Task Force
Day two Black Hat keynote by CISA director includes launch of private-public partnership with Amazon, Google and Microsoft to fight cybercrime.