🛑 Cybersecurity & Privacy 🛑 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2021-39595 ‼

An issue was discovered in swftools through 20200710. A stack-buffer-overflow exists in the function rfx_alloc() located in mem.c. It allows an attacker to cause code execution.

via "National Vulnerability Database".
‼ CVE-2021-39590 ‼

An issue was discovered in swftools through 20200710. A NULL pointer dereference exists in the function params_dump() located in abc.c. It allows an attacker to cause Denial of Service.

via "National Vulnerability Database".
‼ CVE-2021-39533 ‼

An issue was discovered in libslax through v0.22.1. slaxLexer() in slaxlexer.c has a heap-based buffer overflow.

via "National Vulnerability Database".
‼ CVE-2021-39532 ‼

An issue was discovered in libslax through v0.22.1. A NULL pointer dereference exists in the function slaxLexer() located in slaxlexer.c. It allows an attacker to cause Denial of Service.

via "National Vulnerability Database".
‼ CVE-2021-32268 ‼

Buffer overflow vulnerability in function gf_fprintf in os_file.c in gpac through 20200801, allows attackers to execute arbitrary code.

via "National Vulnerability Database".
‼ CVE-2021-29819 ‼

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204346.

via "National Vulnerability Database".
‼ CVE-2021-39574 ‼

An issue was discovered in swftools through 20200710. A heap-buffer-overflow exists in the function pool_read() located in pool.c. It allows an attacker to cause code execution.

via "National Vulnerability Database".
‼ CVE-2020-20894 ‼

Buffer Overflow vulnerability in function gaussian_blur in libavfilter/vf_edgedetect.c in FFmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

via "National Vulnerability Database".
‼ CVE-2021-32289 ‼

An issue was discovered in heif through v3.6.2. A NULL pointer dereference exists in the function convertByteStreamToRBSP() located in nalutil.cpp. It allows an attacker to cause Denial of Service.

via "National Vulnerability Database".
‼ CVE-2021-29809 ‼

IBM Jazz for Service Management and IBM Tivoli Netcool/OMNIbus_GUI 8.1.0 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 204270.

via "National Vulnerability Database".
‼ CVE-2021-38090 ‼

Integer Overflow vulnerability in function filter16_roberts in libavfilter/vf_convolution.c in FFmpeg 4.2.1, allows attackers to cause a Denial of Service or other unspecified impacts.

via "National Vulnerability Database".
‼ CVE-2021-39514 ‼

An issue was discovered in libjpeg through 2020021. An uncaught floating point exception exists in the function ACLosslessScan::ParseMCU() located in aclosslessscan.cpp. It allows an attacker to cause Denial of Service.

via "National Vulnerability Database".
‼ CVE-2021-39539 ‼

An issue was discovered in pdftools through 20200714. A NULL pointer dereference exists in the function node::BDCNode::~BDCNode() located in bdcnode.cpp. It allows an attacker to cause Denial of Service.

via "National Vulnerability Database".
‼ CVE-2021-39537 ‼

An issue was discovered in ncurses through v6.2-1. _nc_captoinfo in captoinfo.c has a heap-based buffer overflow.

via "National Vulnerability Database".
❌ Payment API Bungling Exposes Millions of Users’ Payment Data ❌

Misconfigured APIs make any app risky, but when you’re talking about financial apps, you’re talking about handing ne’er-do-wells the power to turn your pockets inside-out.

via "Threat Post".
Cyberattack at Eyecare Office Indicative of Shifting Healthcare Breach Trends

Large hospitals are making headlines as they continue to get hit by ransomware but smaller outpatient facilities are getting breached just as often.

via "".
❌ Europol Breaks Open Extensive Mafia Cybercrime Ring ❌

Organized crime ring thrived on violence, intimidation and $12 million in online fraud profits.

via "Threat Post".
‼ CVE-2020-19915 ‼

A Cross Site Scripting (XSS) vulnerability exists in WUZHI CMS 4.1.0 via the mailbox username in index.php.

via "National Vulnerability Database".
‼ CVE-2021-32838 ‼

Flask-RESTX (pypi package flask-restx) is a community driven fork of Flask-RESTPlus. Flask-RESTX before version 0.5.1 is vulnerable to ReDoS (Regular Expression Denial of Service) in email_regex. This is fixed in version 0.5.1.

via "National Vulnerability Database".
🦿 Windows 11 prep: How to convert MBR hard drive partitions to GPT 🦿

For added security, Windows 11 will forgo the older MBR partition scheme and use GPT instead. That may require users to convert their older hard drives. Here is how to do it.

via "Tech Republic".
❌ Amazon Driver-Surveillance Cameras Roll Out, Sparking Debate ❌

Drivers bristle under constant surveillance by artificial-intelligence (AI) tech, but Amazon says it works and boosts safety.

via "Threat Post".