CVE-2021-33256
via "National Vulnerability Database".
A CSV injection vulnerability on the login panel of ManageEngine ADSelfService Plus Version: 6.1 Build No: 6101 can be exploited by an unauthenticated user. The j_username parameter seems to be vulnerable and a reverse shell could be obtained if a privileged user exports "User Attempts Audit Report" as a CSV file.
CVE-2021-21740
via "National Vulnerability Database".
There is an information leak vulnerability in the digital media player (DMS) of ZTE's residential gateway product. The attacker could insert the USB disk with the symbolic link into the residential gateway, and access unauthorized directory information through the symbolic link, causing an information leak.
CVE-2021-25954
via "National Vulnerability Database".
In "Dolibarr" application, 2.8.1 to 13.0.4 don't restrict or incorrectly restricts access to a resource from an unauthorized actor. A low privileged attacker can modify the Private Note which only an administrator has rights to do, the affected field is at "/adherents/note.php?id=1" endpoint.
CVE-2021-29714
via "National Vulnerability Database".
IBM Content Navigator 3.0.CD could allow a malicious user to cause a denial of service due to improper input validation. IBM X-Force ID: 200968.
CVE-2021-20349
via "National Vulnerability Database".
IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599.
Ransomware demands and payments reach new highs
via "Tech Republic".
As cybercriminals have become more aggressive, the average ransom payment in the first half of 2021 jumped to $570,000, up 82% from 2020, says Palo Alto Networks' Unit 42.
Router Firmware Vulnerability Bypasses Authentication
via "Digital Guardian".
A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and, in turn, allow attackers access to sensitive information.
Auth Bypass Bug Exploited, Affecting Millions of Routers
via "Threat Post".
A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks.
Black Hat: Scaling Automated Disinformation for Misery and Profit
via "Threat Post".
Researchers demonstrated the power of deep neural networks enlisted to create a bot army with the firepower to shape public opinion and spark QAnon 2.0.
CVE-2021-36276
via "National Vulnerability Database".
Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.
CVE-2021-38305
via "National Vulnerability Database".
23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expressions by limiting the builtins that are passed to the eval. When processing the schema, each line is run through Python's eval function to make the validator available. A well-constructed string within the schema rules can execute system commands; thus, by exploiting the vulnerability, an attacker can run arbitrary code on the image that invokes Yamale.
CVE-2021-32798
via "National Vulnerability Database".
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions, an untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim opens a malicious ipynb document in Jupyter Notebook. The XSS allows an attacker to execute arbitrary code on the victim computer using Jupyter APIs.
CVE-2021-37633
via "National Vulnerability Database".
Discourse is an open source discussion platform. In versions prior to 2.7.8 rendering of d-popover tooltips can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. This issue is patched in the latest `stable` 2.7.8 version of Discourse. As a workaround users may ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.
CVE-2021-21564
via "National Vulnerability Database".
Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to hijack an elevated session or perform unauthorized actions by sending malformed data.
CVE-2021-21585
via "National Vulnerability Database".
Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands.
CVE-2021-34335
via "National Vulnerability Database".
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A floating point exception (FPE) due to an integer divide by zero was found in Exiv2 versions v0.27.4 and earlier. The FPE is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.
CVE-2021-21584
via "National Vulnerability Database".
Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials.
CVE-2021-37615
via "National Vulnerability Database".
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.
CVE-2021-21596
via "National Vulnerability Database".
Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00 contain a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability leading to information disclosure and a possible elevation of privileges.
CVE-2021-36277
via "National Vulnerability Database".
Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contain an Improper Certificate Verification vulnerability. A local authenticated malicious user could exploit this vulnerability by modifying local configuration files in order to execute arbitrary code on the system.
CVE-2021-37634
via "National Vulnerability Database".
Leafkit is a templating language with Swift-inspired syntax. Versions prior to 1.3.0 are susceptible to Cross-site Scripting (XSS) attacks. This affects anyone passing unsanitised data to Leaf's variable tags. Before this fix, Leaf would not escape any strings passed to tags as variables. If an attacker managed to find a variable that was rendered with their unsanitised data, they could inject scripts into a generated Leaf page, which could enable XSS attacks if other mitigations such as a Content Security Policy were not enabled. This has been patched in 1.3.0. As a workaround sanitize any untrusted input before passing it to Leaf and enable a CSP to block inline script and CSS data.