‼ CVE-2021-40147 ‼
📖 Read
via "National Vulnerability Database".
EmTec ZOC before 8.02.2 allows \e[201~ pastes, a different vulnerability than CVE-2021-32198.📖 Read
via "National Vulnerability Database".
🦿 How to create locally signed SSL certificates with mkcert 🦿
📖 Read
via "Tech Republic".
If you need to generate quick SSL certificates for test servers and services, mkcert might be the fastest option available. Jack Wallen shows you how to use this handy tool.📖 Read
via "Tech Republic".
TechRepublic
How to create locally signed SSL certificates with mkcert
If you need to generate quick SSL certificates for test servers and services, mkcert might be the fastest option available. Jack Wallen shows you how to use this handy tool.
🔏 California Reminds Healthcare Orgs of Data Breach Reporting Obligations 🔏
📖 Read
via "".
Hospitals and healthcare providers in the state have been failing to report ransomware attacks that impact health data belonging to patients.📖 Read
via "".
Digital Guardian
California Reminds Healthcare Orgs of Data Breach Reporting Obligations
Hospitals and healthcare providers in the state have been failing to report ransomware attacks that impact health data belonging to patients.
‼ CVE-2021-29487 ‼
📖 Read
via "National Vulnerability Database".
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can exploit this vulnerability to bypass authentication and takeover of and user account on an October CMS server. The vulnerability is exploitable by unauthenticated users via a specially crafted request. This only affects frontend users and the attacker must obtain a Laravel secret key for cookie encryption and signing in order to exploit this vulnerability. The issue has been patched in Build 472 and v1.1.5.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36929 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Information Disclosure Vulnerability📖 Read
via "National Vulnerability Database".
‼ CVE-2020-18476 ‼
📖 Read
via "National Vulnerability Database".
SQL Injection vulnerability in Hucart CMS 5.7.4 via the basic information field found in the avatar usd_image field.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-18477 ‼
📖 Read
via "National Vulnerability Database".
SQL Injection vulnerability in Hucart CMS 5.7.4 via the purchase enquiry field found in the Message con_content field.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36928 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36931.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30599 ‼
📖 Read
via "National Vulnerability Database".
Type confusion in V8 in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to execute arbitrary code inside a sandbox via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30601 ‼
📖 Read
via "National Vulnerability Database".
Use after free in Extensions API in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to install a malicious extension to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-32648 ‼
📖 Read
via "National Vulnerability Database".
octobercms in a CMS platform based on the Laravel PHP Framework. In affected versions of the october/system package an attacker can request an account password reset and then gain access to the account using a specially crafted request. The issue has been patched in Build 472 and v1.1.5.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30596 ‼
📖 Read
via "National Vulnerability Database".
Incorrect security UI in Navigation in Google Chrome on Android prior to 92.0.4515.131 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-18468 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability exists in qdPM 9.1 in the Heading field found in the Login Page page under the General menu via a crafted website name by doing an authenticated POST HTTP request to /qdPM_9.1/index.php/configuration.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30602 ‼
📖 Read
via "National Vulnerability Database".
Use after free in WebRTC in Google Chrome prior to 92.0.4515.159 allowed an attacker who convinced a user to visit a malicious website to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36931 ‼
📖 Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-36928.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-18470 ‼
📖 Read
via "National Vulnerability Database".
Stored cross-site scripting (XSS) vulnerability in the Name of application field found in the General Configuration page in Rukovoditel 2.4.1 allows remote attackers to inject arbitrary web script or HTML via a crafted website name by doing an authenticated POST HTTP request to rukovoditel_2.4.1/install/index.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30603 ‼
📖 Read
via "National Vulnerability Database".
Data race in WebAudio in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-18475 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerabilty exists in Hucart CMS 5.7.4 is via the mes_title field. The first user inserts a malicious script into the header field of the outbox and sends it to other users. When other users open the email, the malicious code will be executed.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30594 ‼
📖 Read
via "National Vulnerability Database".
Use after free in Page Info UI in Google Chrome prior to 92.0.4515.131 allowed a remote attacker to potentially exploit heap corruption via physical access to the device.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30604 ‼
📖 Read
via "National Vulnerability Database".
Use after free in ANGLE in Google Chrome prior to 92.0.4515.159 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-30593 ‼
📖 Read
via "National Vulnerability Database".
Out of bounds read in Tab Strip in Google Chrome prior to 92.0.4515.131 allowed an attacker who convinced a user to install a malicious extension to perform an out of bounds memory read via a crafted HTML page.📖 Read
via "National Vulnerability Database".