‼ CVE-2020-14124 ‼
📖 Read
via "National Vulnerability Database".
There is a buffer overflow in librsa.so called by getwifipwdurl interface, resulting in code execution on Xiaomi router AX3600 with ROM version =rom< 1.1.12.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34571 ‼
📖 Read
via "National Vulnerability Database".
Multiple Wireless M-Bus devices by Enbra use Hard-coded Credentials in Security mode 5 without an option to change the encryption key. An adversary can learn all information that is available in Enbra EWM.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40066 ‼
📖 Read
via "National Vulnerability Database".
The access controls on the Mobility read-only API improperly validate user access permissions. Attackers with both network access to the API and valid credentials can read data from it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v11.76 and Mobility v12.14.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34573 ‼
📖 Read
via "National Vulnerability Database".
In Enbra EWM in Version 1.7.29 together with several tested wireless M-Bus Sensors the events backflow and "no flow" are not reconized or misinterpreted. This may lead to wrong values and missing events.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34572 ‼
📖 Read
via "National Vulnerability Database".
Enbra EWM 1.7.29 does not check for or detect replay attacks sent by wireless M-Bus Security mode 5 devices. Instead timestamps of the sensor are replaced by the time of the readout even if the data is a replay of earlier data.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40067 ‼
📖 Read
via "National Vulnerability Database".
The access controls on the Mobility read-write API improperly validate user access permissions; this API is disabled by default. If the API is manually enabled, attackers with both network access to the API and valid credentials can read and write data to it; regardless of access control group membership settings. This vulnerability is fixed in Mobility v12.14.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-14130 ‼
📖 Read
via "National Vulnerability Database".
Some js interfaces in the Xiaomi community were exposed, causing sensitive functions to be maliciously called on Xiaomi community app Affected Version <3.0.210809📖 Read
via "National Vulnerability Database".
🗓️ Manufacturing industry must limit internal data access to prevent sensitive leaks – report 🗓️
📖 Read
via "The Daily Swig".
Sector advised to monitor what employees can do on company networks📖 Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Manufacturing industry must limit internal data access to prevent sensitive leaks – report
Sector advised to monitor what employees can do on company networks
🦿 Bitdefender offers free decryptor for REvil ransomware victims 🦿
📖 Read
via "Tech Republic".
The free decryption tool will help victims restore their encrypted files from attacks made before July 13, 2021, says Bitdefender.📖 Read
via "Tech Republic".
TechRepublic
Bitdefender offers free decryptor for REvil ransomware victims
The free decryption tool will help victims restore their encrypted files from attacks made before July 13, 2021, says Bitdefender.
⚠ OMIGOD, an exploitable hole in Microsoft open source code! ⚠
📖 Read
via "Naked Security".
Got Linux? Here's a bug you weren't expecting, in software you might not know you have.📖 Read
via "Naked Security".
Sophos News
Naked Security – Sophos News
⚠ S3 Ep50: Two 0-days plus another 0-day plus a fast food bug [Podcast] ⚠
📖 Read
via "Naked Security".
Bugs! So many bugs! Latest episode - listen now...📖 Read
via "Naked Security".
Naked Security
S3 Ep50: Two 0-days plus another 0-day plus a fast food bug [Podcast]
Bugs! So many bugs! Latest episode – listen now…
🛠 GNU Privacy Guard 2.2.31 🛠
📖 Read
via "Packet Storm Security".
GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.📖 Read
via "Packet Storm Security".
Packetstormsecurity
GNU Privacy Guard 2.2.31 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
‼ CVE-2021-41079 ‼
📖 Read
via "National Vulnerability Database".
Apache Tomcat 8.5.0 to 8.5.63, 9.0.0-M1 to 9.0.43 and 10.0.0-M1 to 10.0.2 did not properly validate incoming TLS packets. When Tomcat was configured to use NIO+OpenSSL or NIO2+OpenSSL for TLS, a specially crafted packet could be used to trigger an infinite loop resulting in a denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36160 ‼
📖 Read
via "National Vulnerability Database".
A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue affects Apache HTTP Server versions 2.4.30 to 2.4.48 (inclusive).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40438 ‼
📖 Read
via "National Vulnerability Database".
A crafted request uri-path can cause mod_proxy to forward the request to an origin server choosen by the remote user. This issue affects Apache HTTP Server 2.4.48 and earlier.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-27341 ‼
📖 Read
via "National Vulnerability Database".
OpenSIS Community Edition version <= 7.6 is affected by a local file inclusion vulnerability in DownloadWindow.php via the "filename" parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-39214 ‼
📖 Read
via "National Vulnerability Database".
mitmproxy is an interactive, SSL/TLS-capable intercepting proxy. In mitmproxy 7.0.2 and below, a malicious client or server is able to perform HTTP request smuggling attacks through mitmproxy. This means that a malicious client/server could smuggle a request/response through mitmproxy as part of another request/response's HTTP message body. While a smuggled request is still captured as part of another request's body, it does not appear in the request list and does not go through the usual mitmproxy event hooks, where users may have implemented custom access control checks or input sanitization. Unless one uses mitmproxy to protect an HTTP/1 service, no action is required. The vulnerability has been fixed in mitmproxy 7.0.3 and above.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-34798 ‼
📖 Read
via "National Vulnerability Database".
Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and earlier.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-27340 ‼
📖 Read
via "National Vulnerability Database".
OpenSIS Community Edition version <= 7.6 is affected by a reflected XSS vulnerability in EmailCheck.php via the "opt" parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-39275 ‼
📖 Read
via "National Vulnerability Database".
ap_escape_quotes() may write beyond the end of a buffer when given malicious input. No included modules pass untrusted data to these functions, but third-party / external modules may. This issue affects Apache HTTP Server 2.4.48 and earlier.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-39208 ‼
📖 Read
via "National Vulnerability Database".
SharpCompress is a fully managed C# library to deal with many compression types and formats. Versions prior to 0.29.0 are vulnerable to partial path traversal. SharpCompress recreates a hierarchy of directories under destinationDirectory if ExtractFullPath is set to true in options. In order to prevent extraction outside the destination directory the destinationFileName path is verified to begin with fullDestinationDirectoryPath. However, prior to version 0.29.0, it is not enforced that fullDestinationDirectoryPath ends with slash. If the destinationDirectory is not slash terminated like `/home/user/dir` it is possible to create a file with a name thats begins as the destination directory one level up from the directory, i.e. `/home/user/dir.sh`. Because of the file name and destination directory constraints the arbitrary file creation impact is limited and depends on the use case. This issue is fixed in SharpCompress version 0.29.0.📖 Read
via "National Vulnerability Database".