‼ CVE-2021-29763 ‼
📖 Read
via "National Vulnerability Database".
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 under very specific conditions, could allow a local user to keep running a procedure that could cause the system to run out of memory.and cause a denial of service. IBM X-Force ID: 202267.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29825 ‼
📖 Read
via "National Vulnerability Database".
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) could disclose sensitive information when using ADMIN_CMD with LOAD or BACKUP. IBM X-Force ID: 204470.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29752 ‼
📖 Read
via "National Vulnerability Database".
IBM Db2 11.2 and 11.5 contains an information disclosure vulnerability, exposing remote storage credentials to privileged users under specific conditions. IBM X-Fporce ID: 201780.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29842 ‼
📖 Read
via "National Vulnerability Database".
IBM WebSphere Application Server 7.0, 8.0, 8.5, 9.0 and Liberty 17.0.0.3 through 21.0.0.9 could allow a remote user to enumerate usernames due to a difference of responses from valid and invalid login attempts. IBM X-Force ID: 205202.📖 Read
via "National Vulnerability Database".
❌ Airline Credential-Theft Takes Off in Widening Campaign ❌
📖 Read
via "Threat Post".
A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom.📖 Read
via "Threat Post".
Threat Post
Airline Credential-Theft Takes Off in Widening Campaign
A spyware effort bent on stealing cookies and logins is being driven by unsophisticated attackers cashing in on the initial-access-broker boom.
‼ CVE-2021-40669 ‼
📖 Read
via "National Vulnerability Database".
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords parameter under the coreframe/app/promote/admin/index.php file.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40670 ‼
📖 Read
via "National Vulnerability Database".
SQL Injection vulnerability exists in Wuzhi CMS 4.1.0 via the keywords iparameter under the /coreframe/app/order/admin/card.php file.📖 Read
via "National Vulnerability Database".
❌ CISA, FBI: State-Backed APTs May Be Exploiting Critical Zoho Bug ❌
📖 Read
via "Threat Post".
The newly identified bug in a Zoho single sign-on and password management tool has been under active attack since early August.📖 Read
via "Threat Post".
Threat Post
CISA, FBI: State-Backed APTs May Be Exploiting Critical Zoho Bug
The newly identified bug in a Zoho single sign-on and password management tool has been under active attack since early August.
‼ CVE-2020-21535 ‼
📖 Read
via "National Vulnerability Database".
fig2dev 3.2.7b contains a segmentation fault in the gencgm_start function in gencgm.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21531 ‼
📖 Read
via "National Vulnerability Database".
fig2dev 3.2.7b contains a global buffer overflow in the conv_pattern_index function in gencgm.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21532 ‼
📖 Read
via "National Vulnerability Database".
fig2dev 3.2.7b contains a global buffer overflow in the setfigfont function in genepic.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21530 ‼
📖 Read
via "National Vulnerability Database".
fig2dev 3.2.7b contains a segmentation fault in the read_objects function in read.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21529 ‼
📖 Read
via "National Vulnerability Database".
fig2dev 3.2.7b contains a stack buffer overflow in the bezier_spline function in genepic.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21533 ‼
📖 Read
via "National Vulnerability Database".
fig2dev 3.2.7b contains a stack buffer overflow in the read_textobject function in read.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21534 ‼
📖 Read
via "National Vulnerability Database".
fig2dev 3.2.7b contains a global buffer overflow in the get_line function in read.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21596 ‼
📖 Read
via "National Vulnerability Database".
libde265 v1.0.4 contains a global buffer overflow in the decode_CABAC_bit function, which can be exploited via a crafted a file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21606 ‼
📖 Read
via "National Vulnerability Database".
libde265 v1.0.4 contains a heap buffer overflow fault in the put_epel_16_fallback function, which can be exploited via a crafted a file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21600 ‼
📖 Read
via "National Vulnerability Database".
libde265 v1.0.4 contains a heap buffer overflow in the put_weighted_pred_avg_16_fallback function, which can be exploited via a crafted a file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21594 ‼
📖 Read
via "National Vulnerability Database".
libde265 v1.0.4 contains a heap buffer overflow in the put_epel_hv_fallback function, which can be exploited via a crafted a file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21598 ‼
📖 Read
via "National Vulnerability Database".
libde265 v1.0.4 contains a heap buffer overflow in the ff_hevc_put_unweighted_pred_8_sse function, which can be exploited via a crafted a file.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21599 ‼
📖 Read
via "National Vulnerability Database".
libde265 v1.0.4 contains a heap buffer overflow in the de265_image::available_zscan function, which can be exploited via a crafted a file.📖 Read
via "National Vulnerability Database".