❌ Army Testing Facial Recognition in Child-Care Centers ❌
via "Threat Post".
Army looking for AI to layer over daycare CCTV to boost ‘family quality of life.’
❌ HPE Warns Sudo Bug Gives Attackers Root Privileges to Aruba Platform ❌
via "Threat Post".
HPE joins Apple in warning customers of a high-severity Sudo vulnerability.
‼ CVE-2021-32831 ‼
via "National Vulnerability Database".
Total.js framework (npm package total.js) is a framework for the Node.js platform written in pure JavaScript, similar to PHP's Laravel, Python's Django or ASP.NET MVC. In total.js framework before version 3.4.9, calling the utils.set function with user-controlled values leads to code injection. This can cause a variety of impacts that include arbitrary code execution. This is fixed in version 3.4.9.
‼ CVE-2021-39175 ‼
via "National Vulnerability Database".
HedgeDoc is a platform to write and share markdown. In versions prior to 1.9.0, an unauthenticated attacker can inject arbitrary JavaScript into the speaker-notes of the slide-mode feature by embedding an iframe hosting the malicious code into the slides or by embedding the HedgeDoc instance into another page. The problem is patched in version 1.9.0. There are no known workarounds aside from upgrading.
‼ CVE-2021-34434 ‼
via "National Vulnerability Database".
In Eclipse Mosquitto versions 2.0 to 2.0.11, when using the dynamic security plugin, if the ability for a client to make subscriptions on a topic is revoked when a durable client is offline, then existing subscriptions for that client are not revoked.
‼ CVE-2021-39132 ‼
via "National Vulnerability Database".
### Impact
An authorized user can upload a zip-format plugin with a crafted plugin.yaml, or a crafted aclpolicy yaml file, or upload an untrusted project archive with a crafted aclpolicy yaml file, that can cause the server to run untrusted code on Rundeck Community or Enterprise Edition. An authenticated user can make a POST request that can cause the server to run untrusted code on Rundeck Enterprise Edition.
The zip-format plugin issue requires authentication and authorization to these access levels, and affects all Rundeck editions:
* `admin` level access to the `system` resource type
The ACL Policy yaml file upload issues require authentication and authorization to these access levels, and affect all Rundeck editions:
* `create`, `update` or `admin` level access to a `project_acl` resource
* `create`, `update` or `admin` level access to the `system_acl` resource
The unauthorized POST request requires authentication, but no specific authorization, and affects Rundeck Enterprise only.
### Patches
Versions 3.4.3, 3.3.14
### Workarounds
Please visit [https://rundeck.com/security](https://rundeck.com/security) for information about specific workarounds.
### For more information
If you have any questions or comments about this advisory:
* Email us at [security@rundeck.com](mailto:security@rundeck.com)
To report security issues to Rundeck please use the form at [https://rundeck.com/security](https://rundeck.com/security)
Reporter: Rojan Rijal from Tinder Red Team
‼ CVE-2021-35062 ‼
via "National Vulnerability Database".
A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung March-2021 allows an attacker with a valid token of a COVID-19 test result to execute shell commands with the permissions of the web server.
‼ CVE-2021-32832 ‼
via "National Vulnerability Database".
Rocket.Chat is an open-source fully customizable communications platform developed in JavaScript. In Rocket.Chat before versions 3.11.3, 3.12.2, and 3.13 an issue with certain regular expressions could potentially lead to Denial of Service. This was fixed in versions 3.11.3, 3.12.2, and 3.13.
‼ CVE-2021-36692 ‼
via "National Vulnerability Database".
libjxl v0.3.7 is affected by a Divide By Zero issue in lib/extras/codec_apng.cc jxl::DecodeImageAPNG(). When encoding a malicious APNG file using cjxl, an attacker can trigger a denial of service.
‼ CVE-2021-36691 ‼
via "National Vulnerability Database".
libjxl v0.5.0 is affected by an Assertion failed issue in lib/jxl/image.cc jxl::PlaneBase::PlaneBase(). When encoding a malicious GIF file using cjxl, an attacker can trigger a denial of service.
‼ CVE-2021-39133 ‼
via "National Vulnerability Database".
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Prior to version 3.3.14 and version 3.4.3, a user with `admin` access to the `system` resource type is potentially vulnerable to a CSRF attack that could cause the server to run untrusted code on all Rundeck editions. Patches are available in Rundeck versions 3.4.3 and 3.3.14.
‼ CVE-2021-27558 ‼
via "National Vulnerability Database".
A cross site scripting (XSS) issue in EasyCorp ZenTao 12.5.3 allows remote attackers to execute arbitrary web script via various areas such as data-link-creator.
‼ CVE-2020-13639 ‼
via "National Vulnerability Database".
A stored XSS vulnerability was discovered in the ECT Provider in OutSystems before 2020-09-04, affecting generated applications. It could allow an unauthenticated remote attacker to craft and store malicious Feedback content into /ECT_Provider/, such that when the content is viewed (it can only be viewed by Administrators), attacker-controlled JavaScript will execute in the security context of an administrator's browser. This is fixed in Outsystems 10.0.1005.2, Outsystems 11.9.0 Platform Server, and Outsystems 11.7.0 LifeTime Management Console.
‼ CVE-2021-39178 ‼
via "National Vulnerability Database".
Next.js is a React framework. Versions of Next.js between 10.0.0 and 11.0.0 contain a cross-site scripting vulnerability. In order for an instance to be affected by the vulnerability, the `next.config.js` file must have `images.domains` array assigned and the image host assigned in `images.domains` must allow user-provided SVG. If the `next.config.js` file has `images.loader` assigned to something other than default or the instance is deployed on Vercel, the instance is not affected by the vulnerability. The vulnerability is patched in Next.js version 11.1.1.
‼ CVE-2021-36981 ‼
via "National Vulnerability Database".
In the server in SerNet verinice before 1.22.2, insecure Java deserialization allows remote authenticated attackers to execute arbitrary code.
‼ CVE-2021-27557 ‼
via "National Vulnerability Database".
A cross-site request forgery (CSRF) vulnerability in the Cron job tab in EasyCorp ZenTao 12.5.3 allows attackers to update the fields of a Cron job.
‼ CVE-2021-40330 ‼
via "National Vulnerability Database".
git_connect_git in connect.c in Git before 2.30.1 allows a repository path to contain a newline character, which may result in unexpected cross-protocol requests, as demonstrated by the git://localhost:1234/%0d%0a%0d%0aGET%20/%20HTTP/1.1 substring.
‼ CVE-2021-27556 ‼
via "National Vulnerability Database".
The Cron job tab in EasyCorp ZenTao 12.5.3 allows remote attackers (who have admin access) to execute arbitrary code by setting the type parameter to System.
‼ CVE-2021-36356 ‼
via "National Vulnerability Database".
KRAMER VIAware through August 2021 allows remote attackers to execute arbitrary code because ajaxPages/writeBrowseFilePathAjax.php accepts arbitrary executable pathnames (even though browseSystemFiles.php is no longer reachable via the GUI). NOTE: this issue exists because of an incomplete fix for CVE-2019-17124.
❌ LockFile Ransomware Uses Never-Before Seen Encryption to Avoid Detection ❌
via "Threat Post".
Researchers from Sophos discovered the emerging threat in July, which exploits the ProxyShell vulnerabilities in Microsoft Exchange servers to attack systems.
🦿 Cybercriminals are holding schools ransom for billions and some are paying up 🦿
via "Tech Republic".
A new report highlights the financial costs of school ransomware, days lost to downtime and the number of students impacted, as these incidents become a steady source of criminal income.