‼ CVE-2021-42089 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. The REST API discloses sensitive information.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42093 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. An admin can execute code on the server via a crafted request that manipulates triggers.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42087 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. An admin can discover the application secret via the API.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42092 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. Stored XSS may occur via an Article during addition of an attachment to a Ticket.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42090 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. The Form functionality allows remote code execution because deserialization is mishandled.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42084 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. An attacker with valid agent credentials may send a series of crafted requests that cause an endless loop and thus cause denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42091 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. SSRF can occur via GitHub or GitLab integration.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42088 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. The Chat functionality allows XSS because clipboard data is mishandled.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42095 ‼
📖 Read
via "National Vulnerability Database".
Xshell before 7.0.0.76 allows attackers to cause a crash by triggering rapid changes to the title bar.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-21865 ‼
📖 Read
via "National Vulnerability Database".
ThinkPHP50-CMS v1.0 contains a remote code execution (RCE) vulnerability in the component /public/?s=captcha.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42086 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. An Agent account can modify account data, and gain admin access, via a crafted request.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42094 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. Command Injection can occur via custom Packages.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42085 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Zammad before 4.1.1. There is stored XSS via a custom Avatar.📖 Read
via "National Vulnerability Database".
🕴 Microsec.ai Launches Solution to Deliver Agentless Runtime Protection for Multi-cloud Infrastructure as a Service 🕴
📖 Read
via "Dark Reading".
Continuous monitoring of network traffic, data loss prevention, and responsive self-healing protection from threats to cloud-native applications.📖 Read
via "Dark Reading".
Dark Reading
Microsec.ai Launches Solution to Deliver Agentless Runtime Protection for Multi-cloud Infrastructure as a Service
Continuous monitoring of network traffic, data loss prevention, and responsive self-healing protection from threats to cloud-native applications.
🕴 HP Extends Security Features to Work-from-Home Devices 🕴
📖 Read
via "Dark Reading".
HP aims to let admins secure work-from-home endpoints by extending cloud security management that can remotely track, detect and self-heal remote company devices -- including printers.📖 Read
via "Dark Reading".
Dark Reading
HP Extends Security Features to Work-from-Home Devices
HP aims to let admins secure work-from-home endpoints by extending cloud security management that can remotely track, detect and self-heal remote company devices -- including printers.
‼ CVE-2021-25271 ‼
📖 Read
via "National Vulnerability Database".
A local attacker could read or write arbitrary files with administrator privileges in HitmanPro before version Build 318.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-25270 ‼
📖 Read
via "National Vulnerability Database".
A local attacker could execute arbitrary code with administrator privileges in HitmanPro.Alert before version Build 901.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33603 ‼
📖 Read
via "National Vulnerability Database".
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVPACK module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40832 ‼
📖 Read
via "National Vulnerability Database".
A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant whereby the AVRDL unpacking module component used in certain F-Secure products can crash while scanning a fuzzed files. The exploit can be triggered remotely by an attacker. A successful attack will result in Denial-of-Service (DoS) of the Anti-Virus engine.📖 Read
via "National Vulnerability Database".
🗓️ Apache HTTP Server update fails to squash path traversal, RCE bugs 🗓️
📖 Read
via "The Daily Swig".
Web admins told to upgrade (once again) to latest version📖 Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Apache HTTP Server update fails to squash path traversal, RCE bugs
Web admins told to upgrade (once again) to latest version
🕴 Hardware Bolsters Medical Device Security 🕴
📖 Read
via "Dark Reading".
New microprocessor technologies like secure enclaves and cryptography acceleration enable hardware to better safeguard medical devices.📖 Read
via "Dark Reading".
Dark Reading
Hardware Bolsters Medical Device Security
New microprocessor technologies like secure enclaves and cryptography acceleration enable hardware to better safeguard medical devices.