βΌ CVE-2021-3050 βΌ
π Read
via "National Vulnerability Database".
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an authenticated administrator to execute arbitrary OS commands to escalate privileges. This issue impacts: PAN-OS 9.0 version 9.0.10 through PAN-OS 9.0.14; PAN-OS 9.1 version 9.1.4 through PAN-OS 9.1.10; PAN-OS 10.0 version 10.0.7 and earlier PAN-OS 10.0 versions; PAN-OS 10.1 version 10.1.0 through PAN-OS 10.1.1. Prisma Access firewalls and firewalls running PAN-OS 8.1 versions are not impacted by this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3048 βΌ
π Read
via "National Vulnerability Database".
Certain invalid URL entries contained in an External Dynamic List (EDL) cause the Device Server daemon (devsrvr) to stop responding. This condition causes subsequent commits on the firewall to fail and prevents administrators from performing commits and configuration changes even though the firewall remains otherwise functional. If the firewall then restarts, it results in a denial-of-service (DoS) condition and the firewall stops processing traffic. This issue impacts: PAN-OS 9.0 versions earlier than PAN-OS 9.0.14; PAN-OS 9.1 versions earlier than PAN-OS 9.1.9; PAN-OS 10.0 versions earlier than PAN-OS 10.0.5. PAN-OS 8.1 and PAN-OS 10.1 versions are not impacted.π Read
via "National Vulnerability Database".
β NSA Watchdog Will Review Tucker Carlson Spying Claims β
π Read
via "Threat Post".
Despite a lack of evidence, the National Security Agency will investigate whether the Fox host was illegally targeted.π Read
via "Threat Post".
Threat Post
NSA Watchdog Will Review Tucker Carlson Spying Claims
Despite a lack of evidence, the National Security Agency will investigate whether the Fox host was illegally targeted.
π¦Ώ Top 5 ransomware operators by income π¦Ώ
π Read
via "Tech Republic".
Tom Merritt lists the most lucrative ransomware gangs and why they're dangerous.π Read
via "Tech Republic".
TechRepublic
Top 5 ransomware operators by income
Tom Merritt lists the most lucrative ransomware gangs and why they're dangerous.
π¦Ώ Ransomware operators by income: Top 5 π¦Ώ
π Read
via "Tech Republic".
Ransomware gangs continue because they make a lot of money. Tom Merritt talks about the five most lucrative ones.π Read
via "Tech Republic".
TechRepublic
Ransomware operators by income: Top 5
Ransomware gangs continue because they make a lot of money. Tom Merritt talks about the five most lucrative ones.
π White House Presses Agencies to Protect Critical Software π
π Read
via "".
The countdown is on for federal agencies to identify and safeguard critical software. A new White House memo gives entities one year to incorporate new security measures.π Read
via "".
βΌ CVE-2020-21976 βΌ
π Read
via "National Vulnerability Database".
An arbitrary file upload in the <input type="file" name="user_image"> component of NewsOne CMS v1.1.0 allows attackers to webshell and execute arbitrary commands.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23421 βΌ
π Read
via "National Vulnerability Database".
All versions of package merge-change are vulnerable to Prototype Pollution via the utils.set function.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38085 βΌ
π Read
via "National Vulnerability Database".
The Canon TR150 print driver through 3.71.2.10 is vulnerable to a privilege escalation issue. During the add printer process, a local attacker can overwrite CNMurGE.dll and, if timed properly, the overwritten DLL will be loaded into a SYSTEM process resulting in escalation of privileges. This occurs because the driver drops a world-writable DLL into a CanonBJ %PROGRAMDATA% location that gets loaded by printisolationhost (a system process).π Read
via "National Vulnerability Database".
βΌ CVE-2021-37694 βΌ
π Read
via "National Vulnerability Database".
@asyncapi/java-spring-cloud-stream-template generates a Spring Cloud Stream (SCSt) microservice. In versions prior to 0.7.0 arbitrary code injection was possible when an attacker controls the AsyncAPI document. An example is provided in GHSA-xj6r-2jpm-qvxp. There are no mitigations available and all users are advised to update.π Read
via "National Vulnerability Database".
β Accenture Confirms LockBit Ransomware Attack β
π Read
via "Threat Post".
LockBit offered Accenture's purported databases and made a requisite jab at its purportedly sad security. Accenture says it recovered just fine from backups.π Read
via "Threat Post".
Threat Post
Accenture Confirms LockBit Ransomware Attack
081321 08:42 UPDATE: Accenture sent an internal memo confirming that attackers stole client information & work materials in a July 30 "incident."
βΌ CVE-2020-21363 βΌ
π Read
via "National Vulnerability Database".
An arbitrary file deletion vulnerability exists within Maccms10.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25560 βΌ
π Read
via "National Vulnerability Database".
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on Γ’β¬ΕpingΓ’β¬οΏ½, Γ’β¬ΕtracerouteΓ’β¬οΏ½ and Γ’β¬ΕsnmpΓ’β¬οΏ½ functions and execute code on the server. We also observed the same is true if the JSESSIONID is completely removed.π Read
via "National Vulnerability Database".
βΌ CVE-2021-33793 βΌ
π Read
via "National Vulnerability Database".
Foxit Reader before 10.1.4 and PhantomPDF before 10.1.4 have an out-of-bounds write because the Cross-Reference table is mishandled during Office document conversion.π Read
via "National Vulnerability Database".
βΌ CVE-2021-33791 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22098 βΌ
π Read
via "National Vulnerability Database".
UAA server versions prior to 75.4.0 are vulnerable to an open redirect vulnerability. A malicious user can exploit the open redirect vulnerability by social engineering leading to take over of victimsΓ’β¬β’ accounts in certain cases along with redirection of UAA users to a malicious sites.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25565 βΌ
π Read
via "National Vulnerability Database".
In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire, password: ims) and gain access to the portal. Once the access is available, the attacker can inject malicious OS commands on Γ’β¬ΕpingΓ’β¬οΏ½, Γ’β¬ΕtracerouteΓ’β¬οΏ½ and Γ’β¬ΕsnmpΓ’β¬οΏ½ functions and execute code on the server.π Read
via "National Vulnerability Database".
βΌ CVE-2017-16630 βΌ
π Read
via "National Vulnerability Database".
In SapphireIMS 4097_1, a guest user can create a local administrator account on any system that has SapphireIMS installed, because of an Insecure Direct Object Reference (IDOR) in the local user creation function.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32438 βΌ
π Read
via "National Vulnerability Database".
The gf_media_export_filters function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.π Read
via "National Vulnerability Database".
βΌ CVE-2020-25562 βΌ
π Read
via "National Vulnerability Database".
In SapphireIMS 5.0, there is no CSRF token present in the entire application. This can lead to CSRF vulnerabilities in critical application forms like account resent.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32437 βΌ
π Read
via "National Vulnerability Database".
The gf_hinter_finalize function in GPAC 1.0.1 allows attackers to cause a denial of service (NULL pointer dereference) via a crafted file in the MP4Box command.π Read
via "National Vulnerability Database".