βΌ CVE-2021-20349 βΌ
π Read
via "National Vulnerability Database".
IBM Tivoli Workload Scheduler 9.4 and 9.5 is vulnerable to a stack-based buffer overflow, caused by improper bounds checking. A local attacker could overflow a buffer and gain lower level privileges. IBM X-Force ID: 194599.π Read
via "National Vulnerability Database".
π¦Ώ Ransomware demands and payments reach new highs π¦Ώ
π Read
via "Tech Republic".
As cybercriminals have become more aggressive, the average ransom payment in the first half of 2021 jumped to $570,000, up 82% from 2020, says Palo Alto Networks' Unit 42.π Read
via "Tech Republic".
TechRepublic
Ransomware demands and payments reach new highs
As cybercriminals have become more aggressive, the average ransom payment in the first half of 2021 jumped to $570,000, up 82% from 2020, says Palo Alto Networks' Unit 42.
π Router Firmware Vulnerability Bypasses Authentication π
π Read
via "".
A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information.π Read
via "".
Digital Guardian
Router Firmware Vulnerability Bypasses Authentication
A vulnerability found in some routers and modems could make the devices vulnerable to authentication bypass and in turn, allow attackers access to sensitive information.
β Auth Bypass Bug Exploited, Affecting Millions of Routers β
π Read
via "Threat Post".
A mere three days after disclosure, cyberattackers are hijacking home routers from 20 vendors & ISPs to add them to a Mirai-variant botnet used for carrying out DDoS attacks.π Read
via "Threat Post".
Threat Post
Auth Bypass Bug Exploited, Affecting Millions of Routers
Three days after disclosure, cyberattackers are taking over home routers from 20 vendors and ISPs in order to add them to a Mirai-variant botnet used for carrying out DDoS attacks.
β Black Hat: Scaling Automated Disinformation for Misery and Profit β
π Read
via "Threat Post".
Researchers demonstrated the power deep neural networks enlisted to create a bot army with the firepower to shape public opinion and spark QAnon 2.0.π Read
via "Threat Post".
Threat Post
Black Hat: Scaling Automated Disinformation for Misery and Profit
Researchers demonstrated the power deep neural networks enlisted to create a bot army with the firepower to shape public opinion and spark QAnon 2.0.
βΌ CVE-2021-36276 βΌ
π Read
via "National Vulnerability Database".
Dell DBUtilDrv2.sys driver (versions 2.5 and 2.6) contains an insufficient access control vulnerability which may lead to escalation of privileges, denial of service, or information disclosure. Local authenticated user access is required.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38305 βΌ
π Read
via "National Vulnerability Database".
23andMe Yamale before 3.0.8 allows remote attackers to execute arbitrary code via a crafted schema file. The schema parser uses eval as part of its processing, and tries to protect from malicious expressions by limiting the builtins that are passed to the eval. When processing the schema, each line is run through Python's eval function to make the validator available. A well-constructed string within the schema rules can execute system commands; thus, by exploiting the vulnerability, an attacker can run arbitrary code on the image that invokes Yamale.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32798 βΌ
π Read
via "National Vulnerability Database".
The Jupyter notebook is a web-based notebook environment for interactive computing. In affected versions untrusted notebook can execute code on load. Jupyter Notebook uses a deprecated version of Google Caja to sanitize user inputs. A public Caja bypass can be used to trigger an XSS when a victim opens a malicious ipynb document in Jupyter Notebook. The XSS allows an attacker to execute arbitrary code on the victim computer using Jupyter APIs.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37633 βΌ
π Read
via "National Vulnerability Database".
Discourse is an open source discussion platform. In versions prior to 2.7.8 rendering of d-popover tooltips can be susceptible to XSS attacks. This vulnerability only affects sites which have modified or disabled Discourse's default Content Security Policy. This issue is patched in the latest `stable` 2.7.8 version of Discourse. As a workaround users may ensure that the Content Security Policy is enabled, and has not been modified in a way which would make it more vulnerable to XSS attacks.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21564 βΌ
π Read
via "National Vulnerability Database".
Dell OpenManage Enterprise versions prior to 3.6.1 contain an improper authentication vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability to hijack an elevated session or perform unauthorized actions by sending malformed data.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21585 βΌ
π Read
via "National Vulnerability Database".
Dell OpenManage Enterprise versions prior to 3.6.1 contain an OS command injection vulnerability in RACADM and IPMI tools. A remote authenticated malicious user with high privileges may potentially exploit this vulnerability to execute arbitrary OS commands.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34335 βΌ
π Read
via "National Vulnerability Database".
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A floating point exception (FPE) due to an integer divide by zero was found in Exiv2 versions v0.27.4 and earlier. The FPE is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21584 βΌ
π Read
via "National Vulnerability Database".
Dell OpenManage Enterprise version 3.5 and OpenManage Enterprise-Modular version 1.30.00 contain an information disclosure vulnerability. An authenticated low privileged attacker may potentially exploit this vulnerability leading to disclosure of the OIDC server credentials.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37615 βΌ
π Read
via "National Vulnerability Database".
Exiv2 is a command-line utility and C++ library for reading, writing, deleting, and modifying the metadata of image files. A null pointer dereference was found in Exiv2 versions v0.27.4 and earlier. The null pointer dereference is triggered when Exiv2 is used to print the metadata of a crafted image file. An attacker could potentially exploit the vulnerability to cause a denial of service, if they can trick the victim into running Exiv2 on a crafted image file. Note that this bug is only triggered when printing the interpreted (translated) data, which is a less frequently used Exiv2 operation that requires an extra command line option (`-p t` or `-P t`). The bug is fixed in version v0.27.5.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21596 βΌ
π Read
via "National Vulnerability Database".
Dell OpenManage Enterprise versions 3.4 through 3.6.1 and Dell OpenManage Enterprise Modular versions 1.20.00 through 1.30.00, contain a remote code execution vulnerability. A malicious attacker with access to the immediate subnet may potentially exploit this vulnerability leading to information disclosure and a possible elevation of privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36277 βΌ
π Read
via "National Vulnerability Database".
Dell Command Update, Dell Update, and Alienware Update versions prior to 4.3 contains a Improper Certificate Verification vulnerability. A local authenticated malicious user could exploit this vulnerability by modifying local configuration files in order to execute arbitrary code on the system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37634 βΌ
π Read
via "National Vulnerability Database".
Leafkit is a templating language with Swift-inspired syntax. Versions prior to 1.3.0 are susceptible to Cross-site Scripting (XSS) attacks. This affects anyone passing unsanitised data to Leaf's variable tags. Before this fix, Leaf would not escape any strings passed to tags as variables. If an attacker managed to find a variable that was rendered with their unsanitised data, they could inject scripts into a generated Leaf page, which could enable XSS attacks if other mitigations such as a Content Security Policy were not enabled. This has been patched in 1.3.0. As a workaround sanitize any untrusted input before passing it to Leaf and enable a CSP to block inline script and CSS data.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32797 βΌ
π Read
via "National Vulnerability Database".
JupyterLab is a user interface for Project Jupyter which will eventually replace the classic Jupyter Notebook. In affected versions untrusted notebook can execute code on load. In particular JupyterLab doesnΓ’β¬β’t sanitize the action attribute of html `<form>`. Using this it is possible to trigger the form validation outside of the form itself. This is a remote code execution, but requires user action to open a notebook.π Read
via "National Vulnerability Database".
βΌ CVE-2020-23149 βΌ
π Read
via "National Vulnerability Database".
The dbName parameter in ajaxDbInstall.php of rConfig 3.9.5 is unsanitized, allowing attackers to perform a SQL injection and access sensitive database information.π Read
via "National Vulnerability Database".
βΌ CVE-2020-24741 βΌ
π Read
via "National Vulnerability Database".
An issue has been fixed in Qt versions 5.14.1 and 5.12.7 where QLibrary attempts to load plugins relative to the working directory, allowing attackers to execute arbitrary code via crafted files.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38311 βΌ
π Read
via "National Vulnerability Database".
In Contiki 3.0, potential nonterminating acknowledgment loops exist in the Telnet service. When the negotiated options are already disabled, servers still respond to DONT and WONT requests with WONT or DONT commands, which may lead to infinite acknowledgment loops, denial of service, and excessive CPU consumption.π Read
via "National Vulnerability Database".