βΌ CVE-2021-38205 βΌ
π Read
via "National Vulnerability Database".
drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).π Read
via "National Vulnerability Database".
βΌ CVE-2021-38207 βΌ
π Read
via "National Vulnerability Database".
drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38198 βΌ
π Read
via "National Vulnerability Database".
arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38206 βΌ
π Read
via "National Vulnerability Database".
The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38201 βΌ
π Read
via "National Vulnerability Database".
net/sunrpc/xdr.c in the Linux kernel before 5.13.4 allows remote attackers to cause a denial of service (xdr_set_page_base slab-out-of-bounds access) by performing many NFS 4.2 READ_PLUS operations.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38209 βΌ
π Read
via "National Vulnerability Database".
net/netfilter/nf_conntrack_standalone.c in the Linux kernel before 5.12.2 allows observation of changes in any net namespace because these changes are leaked into all other net namespaces. This is related to the NF_SYSCTL_CT_MAX, NF_SYSCTL_CT_EXPECT_MAX, and NF_SYSCTL_CT_BUCKETS sysctls.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38208 βΌ
π Read
via "National Vulnerability Database".
net/nfc/llcp_sock.c in the Linux kernel before 5.12.10 allows local unprivileged users to cause a denial of service (NULL pointer dereference and BUG) by making a getsockname call after a certain type of failure of a bind call.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38204 βΌ
π Read
via "National Vulnerability Database".
drivers/usb/host/max3421-hcd.c in the Linux kernel before 5.13.6 allows physically proximate attackers to cause a denial of service (use-after-free and panic) by removing a MAX-3421 USB device in certain situations.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38200 βΌ
π Read
via "National Vulnerability Database".
arch/powerpc/perf/core-book3s.c in the Linux kernel before 5.12.13, on systems with perf_event_paranoid=-1 and no specific PMU driver support registered, allows local users to cause a denial of service (perf_instruction_pointer NULL pointer dereference and OOPS) via a "perf record" command.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38202 βΌ
π Read
via "National Vulnerability Database".
fs/nfsd/trace.h in the Linux kernel before 5.13.4 might allow remote attackers to cause a denial of service (out-of-bounds read in strlen) by sending NFS traffic when the trace event framework is being used for nfsd.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38203 βΌ
π Read
via "National Vulnerability Database".
btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.π Read
via "National Vulnerability Database".
β Cutting Through the Noise from Daily Alerts β
π Read
via "Threat Post".
The biggest challenge for security teams today is the quality of the threat intelligence platforms and feeds. How much of the intel is garbage and unusable? Threat intelligence process itself spans and feeds into many external and internal systems and applications. Without actionable data, it is impossible to understand the relevance and potential impact of a threat. Learn how Threat Intelligence management plays a role to help prioritize and act fast.π Read
via "Threat Post".
Threat Post
Cutting Through the Noise from Daily Alerts
Learn how Palo Alto Networks Cortex XSOAR Threat Intelligence Management Helps Prioritize and Act on Threat Intelligence.
βΌ CVE-2021-34660 βΌ
π Read
via "National Vulnerability Database".
The WP Fusion Lite WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the startdate parameter found in the ~/includes/admin/logging/class-log-table-list.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 3.37.18.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37788 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the web UI of Gurock TestRail v5.3.0.3603 could allow an unauthenticated, remote attacker to affect the integrity of a device via a clickjacking attack. The vulnerability is due to insufficient input validation of iFrame data in HTTP requests that are sent to an affected device. An attacker could exploit this vulnerability by sending crafted HTTP packets with malicious iFrame data. A successful exploit could allow the attacker to perform a clickjacking attack where the user is tricked into clicking a malicious link.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34661 βΌ
π Read
via "National Vulnerability Database".
The WP Fusion Lite WordPress plugin is vulnerable to Cross-Site Request Forgery via the `show_logs_section` function found in the ~/includes/admin/logging/class-log-handler.php file which allows attackers to drop all logs for the plugin, in versions up to and including 3.37.18.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36798 βΌ
π Read
via "National Vulnerability Database".
A Denial-of-Service (DoS) vulnerability was discovered in Team Server in HelpSystems Cobalt Strike 4.2 and 4.3. It allows remote attackers to crash the C2 server thread and block beacons' communication with it.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22910 βΌ
π Read
via "National Vulnerability Database".
A sanitization vulnerability exists in Rocket.Chat server versions <3.13.2, <3.12.4, <3.11.4 that allowed queries to an endpoint which could result in a NoSQL injection, potentially leading to RCE.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37573 βΌ
π Read
via "National Vulnerability Database".
A reflected cross-site scripting (XSS) vulnerability in the web server TTiny Java Web Server and Servlet Container (TJWS) <=1.115 allows an adversary to inject malicious code on the server's "404 Page not Found" error pageπ Read
via "National Vulnerability Database".
π Nmap Port Scanner 7.92 π
π Read
via "Packet Storm Security".
Nmap is a utility for port scanning large networks, although it works fine for single hosts. Sometimes you need speed, other times you may need stealth. In some cases, bypassing firewalls may be required. Not to mention the fact that you may want to scan different protocols (UDP, TCP, ICMP, etc.). Nmap supports Vanilla TCP connect() scanning, TCP SYN (half open) scanning, TCP FIN, Xmas, or NULL (stealth) scanning, TCP ftp proxy (bounce attack) scanning, SYN/FIN scanning using IP fragments (bypasses some packet filters), TCP ACK and Window scanning, UDP raw ICMP port unreachable scanning, ICMP scanning (ping-sweep), TCP Ping scanning, Direct (non portmapper) RPC scanning, Remote OS Identification by TCP/IP Fingerprinting, and Reverse-ident scanning. Nmap also supports a number of performance and reliability features such as dynamic delay time calculations, packet timeout and retransmission, parallel port scanning, detection of down hosts via parallel pings.π Read
via "Packet Storm Security".
Packetstormsecurity
Nmap Port Scanner 7.92 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Android Malware βFlyTrapβ Hijacks Facebook Accounts β
π Read
via "Threat Post".
Coupon codes for Netlifx or Google AdWords? Voting for the best football team? Beware: Malicious apps offering such come-ons could inflict a new trojan.π Read
via "Threat Post".
Threat Post
Android Malware βFlyTrapβ Hijacks Facebook Accounts
Coupon codes for Netlifx or Google AdWords? Voting for the best football team? Beware: Malicious apps offering such come-ons could inflict a new trojan.
βΌ CVE-2021-33256 βΌ
π Read
via "National Vulnerability Database".
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1 Build No: 6101 can be exploited by an unauthenticated user. The j_username parameter seems to be vulnerable and a reverse shell could be obtained if a privileged user exports "User Attempts Audit Report" as CSV file.π Read
via "National Vulnerability Database".