CVE-2021-38612
via "National Vulnerability Database".
In NASCENT RemKon Device Manager 4.0.0.0, a Directory Traversal vulnerability in a log-reading function in maintenance/readLog.php allows an attacker to read any file via a specialized URL.
CVE-2021-38306
via "National Vulnerability Database".
Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain root access via OS command injection in the en/ajp/plugins/access.ssh/checkInstall.php destServer parameter.
CVE-2021-38557
via "National Vulnerability Database".
raspap-webgui in RaspAP 2.6.6 allows attackers to execute commands as root because of the insecure sudoers permissions. The www-data account can execute /etc/raspap/hostapd/enablelog.sh as root with no password; however, the www-data account can also overwrite /etc/raspap/hostapd/enablelog.sh with any executable content.
CVE-2021-38556
via "National Vulnerability Database".
includes/configure_client.php in RaspAP 2.6.6 allows attackers to execute commands via command injection.
CVE-2021-26040
via "National Vulnerability Database".
An issue was discovered in Joomla! 4.0.0. The media manager does not correctly check the user's permissions before executing a file deletion command.
CVE-2021-3711
via "National Vulnerability Database".
In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The application can then allocate a sufficiently sized buffer and call EVP_PKEY_decrypt() again, but this time passing a non-NULL value for the "out" parameter. A bug in the implementation of the SM2 decryption code means that the calculation of the buffer size required to hold the plaintext returned by the first call to EVP_PKEY_decrypt() can be smaller than the actual size required by the second call. This can lead to a buffer overflow when EVP_PKEY_decrypt() is called by the application a second time with a buffer that is too small. A malicious attacker who is able to present SM2 content for decryption to an application could cause attacker chosen data to overflow the buffer by up to a maximum of 62 bytes altering the contents of other data held after the buffer, possibly changing application behaviour or causing the application to crash. The location of the buffer is application dependent but is typically heap allocated. Fixed in OpenSSL 1.1.1l (Affected 1.1.1-1.1.1k).
CVE-2021-3712
via "National Vulnerability Database".
ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are represented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that are parsed using OpenSSL's own "d2i" functions (and other similar parsing functions) as well as any string whose value has been set with the ASN1_STRING_set() function will additionally NUL terminate the byte array in the ASN1_STRING structure. However, it is possible for applications to directly construct valid ASN1_STRING structures which do not NUL terminate the byte array by directly setting the "data" and "length" fields in the ASN1_STRING array. This can also happen by using the ASN1_STRING_set0() function. Numerous OpenSSL functions that print ASN.1 data have been found to assume that the ASN1_STRING byte array will be NUL terminated, even though this is not guaranteed for strings that have been directly constructed. Where an application requests an ASN.1 structure to be printed, and where that ASN.1 structure contains ASN1_STRINGs that have been directly constructed by the application without NUL terminating the "data" field, then a read buffer overrun can occur. The same thing can also occur during name constraints processing of certificates (for example if a certificate has been directly constructed by the application instead of loading it via the OpenSSL parsing functions, and the certificate contains non NUL terminated ASN1_STRING structures). It can also occur in the X509_get1_email(), X509_REQ_get1_email() and X509_get1_ocsp() functions. If a malicious actor can cause an application to directly construct an ASN1_STRING and then process it through one of the affected OpenSSL functions then this issue could be hit. This might result in a crash (causing a Denial of Service attack). It could also result in the disclosure of private memory contents (such as private keys, or sensitive plaintext). Fixed in OpenSSL 1.1.1j (Affected 1.1.1-1.1.1k). Fixed in OpenSSL 1.0.2za (Affected 1.0.2-1.0.2y).
CVE-2021-36690
via "National Vulnerability Database".
Segmentation fault vulnerability in SQLite sqlite3 3.36.0 via the idxGetTableInfo function, in which a crafted SQL query can cause a denial of service.
CVE-2021-38714
via "National Vulnerability Database".
In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability is found in the ssgLoadTGA() function in the src/ssg/ssgLoadTGA.cxx file.
Risk officers and board members don't agree on use of tech and data in business
via "Tech Republic".
Survey by EY finds that board members are interested in spending more money on technology and data analytics for risk management.
Survey: Boards want to invest more in technology, data analytics
via "Tech Republic".
Risk officers would rather stay in their compliance roles than add data usage to their duties, EY survey says.
Custom WhatsApp Build Delivers Triada Malware
via "Threat Post".
Researchers have spotted the latest version of the Triada trojan targeting mobile devices via an advertising SDK.
How a gaming mouse can get you Windows superpowers!
via "Naked Security".
When a helpful feature (that you probably didn't need) turns into an exploitable vulnerability...
What's *THAT* on my 3D printer? Cloud bug lets anyone print to everyone
via "Naked Security".
That's funny. I could have sworn I didn't run a print job yesterday... but will you look at that?
Pegasus Spyware Uses iPhone Zero-Click iMessage Zero-Day
via "Threat Post".
Cybersecurity watchdog CitizenLab saw the new zero-day FORCEDENTRY exploit successfully deployed against iOS versions 14.4 & 14.6, blowing past Apple's new BlastDoor sandboxing feature to install spyware on the iPhones of Bahraini activists - even one living in London at the time.
The new exploit was deployed against iOS versions 14.4 & 14.6, blowing past Apple's new BlastDoor sandboxing to install spyware on iPhones.
CVE-2021-39137
via "National Vulnerability Database".
go-ethereum is the official Go implementation of the Ethereum protocol. In affected versions a consensus-vulnerability in go-ethereum (Geth) could cause a chain split, where vulnerable versions refuse to accept the canonical chain. Further details about the vulnerability will be disclosed at a later date. A patch is included in the upcoming `v1.10.8` release. No workarounds are available.
Don't get rugged: DeFi scams go from zero to $129 million in a year to become top financial hack
via "Tech Republic".
Atlas VPN's analysis finds that theft within decentralized finance networks is taking in more money than phishing and ransomware attacks.
You can remove or update a single entry from the SSH known_hosts file
via "Tech Republic".
Sometimes you might need to remove or update an SSH fingerprint of your remote machines in the known_hosts file. Jack Wallen shows you how.
Poly Network Recoups $610M Stolen from DeFi Platform
via "Threat Post".
The attacker returned the loot after being offered a gig as chief security advisor with Poly Network.
CVE-2021-28615
via "National Vulnerability Database".
Adobe After Effects version 18.2 (and earlier) is affected by an Out-of-bounds Read vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to disclose sensitive memory information in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-28603
via "National Vulnerability Database".
Adobe After Effects version 18.2 (and earlier) is affected by a Heap-based Buffer Overflow vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.