🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-38536 ‼

Certain NETGEAR devices are affected by stored XSS. This affects D6200 before 1.1.00.40, D7000 before 1.0.1.78, R6020 before 1.0.0.48, R6080 before 1.0.0.48, R6120 before 1.0.0.66, R6260 before 1.1.0.78, R6700v2 before 1.2.0.76, R6800 before 1.2.0.76, R6900v2 before 1.2.0.76, R6850 before 1.1.0.78, R7200 before 1.2.0.76, R7350 before 1.2.0.76, R7400 before 1.2.0.76, R7450 before 1.2.0.76, AC2100 before 1.2.0.76, AC2400 before 1.2.0.76, AC2600 before 1.2.0.76, RAX35 before 1.0.3.62, and RAX40 before 1.0.3.62.

📖 Read

via "National Vulnerability Database".
120 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-38526 ‼

Certain NETGEAR devices are affected by a buffer overflow by an unauthenticated attacker. This affects RAX35 before 1.0.3.94, RAX38 before 1.0.3.94, and RAX40 before 1.0.3.94.

📖 Read

via "National Vulnerability Database".
124 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-38516 ‼

Certain NETGEAR devices are affected by lack of access control at the function level. This affects D6220 before 1.0.0.48, D6400 before 1.0.0.82, D7000v2 before 1.0.0.52, D7800 before 1.0.1.44, D8500 before 1.0.3.43, DC112A before 1.0.0.40, DGN2200v4 before 1.0.0.108, RBK50 before 2.3.0.32, RBR50 before 2.3.0.32, RBS50 before 2.3.0.32, RBK20 before 2.3.0.28, RBR20 before 2.3.0.28, RBS20 before 2.3.0.28, RBK40 before 2.3.0.28, RBR40 before 2.3.0.28, RBS40 before 2.3.0.28, R6020 before 1.0.0.34, R6080 before 1.0.0.34, R6120 before 1.0.0.44, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.40, R6850 before 1.1.0.40, R6350 before 1.1.0.40, R6400v2 before 1.0.2.62, R6700v3 before 1.0.2.62, R6700v2 before 1.2.0.36, R6800 before 1.2.0.36, R6900v2 before 1.2.0.36, R7000 before 1.0.9.34, R6900P before 1.3.1.44, R7000P before 1.3.1.44, R7100LG before 1.0.0.48, R7200 before 1.2.0.48, R7350 before 1.2.0.48, R7400 before 1.2.0.48, R7450 before 1.2.0.36, AC2100 before 1.2.0.36, AC2400 before 1.2.0.36, AC2600 before 1.2.0.36, R7500v2 before 1.0.3.38, R7800 before 1.0.2.58, R7900 before 1.0.3.8, R7960P before 1.4.1.44, R8000 before 1.0.4.28, R7900P before 1.4.1.30, R8000P before 1.4.1.30, R8900 before 1.0.4.2, R9000 before 1.0.4.2, RAX120 before 1.0.0.74, RBK752 before 3.2.16.6, RBR750 before 3.2.16.6, RBS750 before 3.2.16.6, RBK852 before 3.2.16.6, RBR850 before 3.2.16.6, RBS850 before 3.2.16.6, WNR3500Lv2 before 1.2.0.56, XR450 before 2.3.2.32, and XR500 before 2.3.2.32.

📖 Read

via "National Vulnerability Database".
142 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-38530 ‼

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This affects RBK40 before 2.5.1.16, RBR40 before 2.5.1.16, RBS40 before 2.5.1.16, RBK20 before 2.5.1.16, RBR20 before 2.5.1.16, RBS20 before 2.5.1.16, RBK50 before 2.5.1.16, RBR50 before 2.5.1.16, RBS50 before 2.5.1.16, and RBS50Y before 2.6.1.40.

📖 Read

via "National Vulnerability Database".
148 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-38534 ‼

Certain NETGEAR devices are affected by stored XSS. This affects D3600 before 1.0.0.76, D6000 before 1.0.0.76, D6100 before 1.0.0.60, D6200 before 1.1.00.36, D6220 before 1.0.0.52, D6400 before 1.0.0.86, D7000 before 1.0.1.70, D7000v2 before 1.0.0.53, D8500 before 1.0.3.44, DC112A before 1.0.0.42, DGN2200v4 before 1.0.0.110, DGND2200Bv4 before 1.0.0.109, DM200 before 1.0.0.61, JR6150 before 1.0.1.18, PR2000 before 1.0.0.28, R6020 before 1.0.0.42, R6050 before 1.0.1.18, R6080 before 1.0.0.42, R6220 before 1.1.0.80, R6230 before 1.1.0.80, R6250 before 1.0.4.34, R6260 before 1.1.0.64, R6300v2 before 1.0.4.34, R6400 before 1.0.1.46, R6400v2 before 1.0.2.62, R6700 before 1.0.2.6, R6700v2 before 1.2.0.36, R6700v3 before 1.0.2.62, R6800 before 1.2.0.36, R6900 before 1.0.2.4, R6900P before 1.3.1.64, R6900v2 before 1.2.0.36, R7000 before 1.0.9.60, R7000P before 1.3.1.64, R7100LG before 1.0.0.50, R7300DST before 1.0.0.70, R7450 before 1.2.0.36, R7900 before 1.0.3.8, R7900P before 1.4.1.50, R8000 before 1.0.4.28, R8000P before 1.4.1.50, R8300 before 1.0.2.130, R8500 before 1.0.2.130, WNDR3400v3 before 1.0.1.24, WNR2020 before 1.1.0.62, WNR3500Lv2 before 1.2.0.62, XR450 before 2.3.2.40, and XR500 before 2.3.2.40.

📖 Read

via "National Vulnerability Database".
224 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-38520 ‼

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects R6400 before 1.0.1.52, R6400v2 before 1.0.4.84, R6700v3 before 1.0.4.84, R6700v2 before 1.2.0.62, R6900v2 before 1.2.0.62, and R7000P before 1.3.2.124.

📖 Read

via "National Vulnerability Database".
234 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-38533 ‼

NETGEAR RAX40 devices before 1.0.3.64 are affected by stored XSS.

📖 Read

via "National Vulnerability Database".
239 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-33595 ‼

A address bar spoofing vulnerability was discovered in Safe Browser for iOS. Showing the legitimate URL in the address bar while loading the content from other domain. This makes the user believe that the content is served by a legit domain. A remote attacker can leverage this to perform address bar spoofing attack.

📖 Read

via "National Vulnerability Database".
239 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-33594 ‼

An address bar spoofing vulnerability was discovered in Safe Browser for Android. When user clicks on a specially crafted a malicious URL, it appears like a legitimate one on the address bar, while the content comes from other domain and presented in a window, covering the original content. A remote attacker can leverage this to perform address bar spoofing attack.

📖 Read

via "National Vulnerability Database".
257 views
🛡 Cybersecurity & Privacy 🛡 - News
🦿 Use 2FA to secure your WordPress login 🦿

Jack Wallen shows you how to keep your Wordpress account safe with two-factor authentication.

📖 Read

via "Tech Republic".
TechRepublic
Use 2FA to secure your WordPress login
Jack Wallen shows you how to keep your Wordpress account safe with two-factor authentication.
221 views
🛡 Cybersecurity & Privacy 🛡 - News
🦿 Fake COVID vaccine card sales ramp up on Dark Web 🦿

Even as the delta variant spreads, many people would rather pay money for a phony vaccine card than get the actual shot for free, according to Check Point Research.

📖 Read

via "Tech Republic".
TechRepublic
Fake COVID vaccine card sales ramp up on Dark Web
Even as the delta variant spreads, many people would rather pay money for a phony vaccine card than get the actual shot for free, according to Check Point Research.
218 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-0006 ‼

Improper conditions check in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.4.0 may allow a privileged user to potentially enable denial of service via local access.

📖 Read

via "National Vulnerability Database".
175 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-0083 ‼

Improper input validation in some Intel(R) Optane(TM) PMem versions before versions 1.2.0.5446 or 2.2.0.1547 may allow a privileged user to potentially enable denial of service via local access.

📖 Read

via "National Vulnerability Database".
166 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-0007 ‼

Uncaught exception in firmware for Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.1.0 may allow a privileged attacker to potentially enable denial of service via local access.

📖 Read

via "National Vulnerability Database".
153 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-0012 ‼

Use after free in some Intel(R) Graphics Driver before version 27.20.100.8336, 15.45.33.5164, and 15.40.47.5166 may allow an authenticated user to potentially enable denial of service via local access.

📖 Read

via "National Vulnerability Database".
139 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-0004 ‼

Improper buffer restrictions in the firmware of Intel(R) Ethernet Adapters 800 Series Controllers and associated adapters before version 1.5.3.0 may allow a privileged user to potentially enable denial of service via local access.

📖 Read

via "National Vulnerability Database".
130 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-32939 ‼

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to an out-of-bounds write while processing project files, allowing an attacker to craft a project file that may permit arbitrary code execution.

📖 Read

via "National Vulnerability Database".
125 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-32931 ‼

An uninitialized pointer in FATEK Automation FvDesigner, Versions 1.5.88 and prior may be exploited while the application is processing project files, allowing an attacker to craft a special project file that may permit arbitrary code execution.

📖 Read

via "National Vulnerability Database".
123 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-32947 ‼

FATEK Automation FvDesigner, Versions 1.5.88 and prior is vulnerable to a stack-based buffer overflow, which may allow an attacker to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
117 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-0002 ‼

Improper conditions check in some Intel(R) Ethernet Controllers 800 series Linux drivers before version 1.4.11 may allow an authenticated user to potentially enable information disclosure or denial of service via local access.

📖 Read

via "National Vulnerability Database".
114 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-0084 ‼

Improper input validation in the Intel(R) Ethernet Controllers X722 and 800 series Linux RMDA driver before version 1.3.19 may allow an authenticated user to potentially enable escalation of privilege via local access.

📖 Read

via "National Vulnerability Database".
104 views