βΌ CVE-2021-39263 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image can trigger a heap-based buffer overflow, caused by an unsanitized attribute in ntfs_get_attribute_value, in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39260 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image can cause an out-of-bounds access in ntfs_inode_sync_standard_information in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39258 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image can cause out-of-bounds reads in ntfs_attr_find and ntfs_external_attr_find in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
βΌ CVE-2021-33289 βΌ
π Read
via "National Vulnerability Database".
In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted MFT section is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39257 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image with an unallocated bitmap can lead to a endless recursive function call chain (starting from ntfs_attr_pwrite), causing stack consumption in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39262 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image can cause an out-of-bounds access in ntfs_decompress in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39259 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image can trigger an out-of-bounds access, caused by an unsanitized attribute length in ntfs_inode_lookup_by_name, in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39252 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image can cause an out-of-bounds read in ntfs_ie_lookup in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
βΌ CVE-2021-33287 βΌ
π Read
via "National Vulnerability Database".
Tuxera NTFS-3G versions < 2021.8.22, when specially crafted NTFS attributes are read in the function ntfs_attr_pread_i, a heap buffer overflow can occur and allow for writing to arbitrary memory or denial of service of the application.π Read
via "National Vulnerability Database".
βΌ CVE-2021-33286 βΌ
π Read
via "National Vulnerability Database".
In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted unicode string is supplied in an NTFS image a heap buffer overflow can occur and allow for code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2021-35266 βΌ
π Read
via "National Vulnerability Database".
In Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode pathname is supplied in an NTFS image a heap buffer overflow can occur resulting in memory disclosure, denial of service and even code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2020-19131 βΌ
π Read
via "National Vulnerability Database".
Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the component "tiffcrop".π Read
via "National Vulnerability Database".
βΌ CVE-2021-39261 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image can cause a heap-based buffer overflow in ntfs_compressed_pwrite in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
βΌ CVE-2020-7832 βΌ
π Read
via "National Vulnerability Database".
A vulnerability (improper input validation) in the DEXT5 Upload solution allows an unauthenticated attacker to download and execute an arbitrary file via AddUploadFile, SetSelectItem, DoOpenFile function.(CVE-2020-7832)π Read
via "National Vulnerability Database".
βΌ CVE-2021-35268 βΌ
π Read
via "National Vulnerability Database".
Tuxera NTFS-3G versions < 2021.8.22, when a specially crafted NTFS inode is loaded in the function ntfs_inode_real_open, a heap buffer overflow can occur allowing for code execution and escalation of privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39255 βΌ
π Read
via "National Vulnerability Database".
A crafted NTFS image can trigger an out-of-bounds read, caused by an invalid attribute in ntfs_attr_find_in_attrdef, in NTFS-3G < 2021.8.22.π Read
via "National Vulnerability Database".
β ProtonMail Forced to Log IP Address of French Activist β
π Read
via "Threat Post".
The privacy-touting, end-to-end encrypted email provider erased its site's βwe donβt log your IPβ boast after France sicced Swiss cops on it.π Read
via "Threat Post".
Threat Post
ProtonMail Forced to Log IP Address of French Activist
The privacy-touting, end-to-end encrypted email provider erased its site's βwe donβt log your IPβ boast after France sicced Swiss cops on it.
β Jenkins Hit as Atlassian Confluence Cyberattacks Widen β
π Read
via "Threat Post".
Patch now: The popular biz-collaboration platform is seeing mass scanning and exploitation just two weeks after a critical RCE bug was disclosed.π Read
via "Threat Post".
Threat Post
Jenkins Hit as Atlassian Confluence Cyberattacks Widen
Patch now: The popular biz-collaboration platform is seeing mass scanning and exploitation just two weeks after a critical RCE bug was disclosed.
π¦Ώ How to control activity tracking by apps on your iPhone or iPad π¦Ώ
π Read
via "Tech Republic".
You can tell iOS and iPadOS apps not to track your activity. Here's how.π Read
via "Tech Republic".
TechRepublic
How to control activity tracking by apps on your iPhone or iPad
You can tell iOS and iPadOS apps not to track your activity. Here's how.
βΌ CVE-2021-40539 βΌ
π Read
via "National Vulnerability Database".
Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API authentication bypass with resultant remote code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38123 βΌ
π Read
via "National Vulnerability Database".
Open Redirect vulnerability in Micro Focus Network Automation, affecting Network Automation versions 10.4x, 10.5x, 2018.05, 2018.11, 2019.05, 2020.02, 2020.08, 2020.11, 2021.05. The vulnerability could allow redirect users to malicious websites after authentication.π Read
via "National Vulnerability Database".