βΌ CVE-2021-41127 βΌ
π Read
via "National Vulnerability Database".
Rasa is an open source machine learning framework to automate text-and voice-based conversations. In affected versions a vulnerability exists in the functionality that loads a trained model `tar.gz` file which allows a malicious actor to craft a `model.tar.gz` file which can overwrite or replace bot files in the bot directory. The vulnerability is fixed in Rasa 2.8.10. For users unable to update ensure that users do not upload untrusted model files, and restrict CLI or API endpoint access where a malicious actor could target a deployed Rasa instance.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39348 βΌ
π Read
via "National Vulnerability Database".
The LearnPress WordPress plugin is vulnerable to Stored Cross-Site Scripting due to insufficient escaping on the $custom_profile parameter found in the ~/inc/admin/views/backend-user-profile.php file which allowed attackers with administrative user access to inject arbitrary web scripts, in versions up to and including 4.1.3.1. This affects multi-site installations where unfiltered_html is disabled for administrators, and sites where unfiltered_html is disabled. Please note that this is seperate from CVE-2021-24702.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39352 βΌ
π Read
via "National Vulnerability Database".
The Catch Themes Demo Import WordPress plugin is vulnerable to arbitrary file uploads via the import functionality found in the ~/inc/CatchThemesDemoImport.php file, in versions up to and including 1.7, due to insufficient file type validation. This makes it possible for an attacker with administrative privileges to upload malicious files that can be used to achieve remote code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2021-27746 βΌ
π Read
via "National Vulnerability Database".
"HCL Connections Security Update for Reflected Cross-Site Scripting (XSS) Vulnerability"π Read
via "National Vulnerability Database".
ποΈ EU ban on anonymous domain registration welcomed by threat intel firm ποΈ
π Read
via "The Daily Swig".
βThis raises the bar and makes it expensive for easy cyber criminality,β argues DomainToolsπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
EU ban on anonymous domain registration welcomed by threat intel firm
βThis raises the bar and makes it expensive for easy cyber criminality,β argues DomainTools
ποΈ Japanese punctuation exacerbates privacy flaw that leaks one-word search terms in Google, Firefox browsers ποΈ
π Read
via "The Daily Swig".
Researcher questions efficacy of proposed remedies as debate rumbles on 18 months after disclosureπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Japanese punctuation exacerbates privacy flaw that leaks one-word search terms in Google, Firefox browsers
Researcher questions efficacy of proposed remedies as debate rumbles on 18 months after disclosure
β Threat Actors Abuse Discord to Push Malware β
π Read
via "Threat Post".
The platformβs Content Delivery Network and core features are being used to send malicious filesβincluding RATs--across its network of 150 million users, putting corporate workplaces at risk.π Read
via "Threat Post".
Threat Post
Threat Actors Abuse Discord to Push Malware
The platformβs Content Delivery Network and core features are being used to send malicious filesβincluding RATsβacross its network of 150 million users, putting corporate workplaces at risk.
βΌ CVE-2021-31835 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via a specific parameter where the administrator's entries were not correctly sanitized.π Read
via "National Vulnerability Database".
βΌ CVE-2021-31834 βΌ
π Read
via "National Vulnerability Database".
Stored Cross-Site Scripting vulnerability in McAfee ePolicy Orchestrator (ePO) prior to 5.10 Update 11 allows ePO administrators to inject arbitrary web script or HTML via multiple parameters where the administrator's entries were not correctly sanitized.π Read
via "National Vulnerability Database".
π¦Ώ What to do if your small business is a victim of a cyberattack π¦Ώ
π Read
via "Tech Republic".
Immersed in the throes of a cyberattack is not the time to figure out how to respond. An expert offers suggestions on how to create a company-specific incident-response plan.π Read
via "Tech Republic".
TechRepublic
What to do if your small business is a victim of a cyberattack
Immersed in the throes of a cyberattack is not the time to figure out how to respond. An expert offers suggestions on how to create a company-specific incident-response plan.
ποΈ Swiss exhibitions organizer MCH Group hit by cyber-attack ποΈ
π Read
via "The Daily Swig".
Investigations yet to confirm if any data was exfiltratedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Swiss exhibitions organizer MCH Group hit by cyber-attack
Investigations yet to confirm if any data was exfiltrated
β REvil ransomware gang allegedly forced offline by law enforcement counterattacks β
π Read
via "Naked Security".
One down. Lots more to go. Here's what to do...π Read
via "Naked Security".
Naked Security
REvil ransomware gang allegedly forced offline by law enforcement counterattacks
One down. Lots more to go. Hereβs what to doβ¦
π΄ What Squid Game Teaches Us About Cybersecurity π΄
π Read
via "Dark Reading".
When life inside the security operations center feels treacherous, here are some suggestions for getting out alive.π Read
via "Dark Reading".
Dark Reading
What Squid Game Teaches Us About Cybersecurity
When life inside the security operations center feels treacherous, here are some suggestions for getting out alive.
βΌ CVE-2021-38453 βΌ
π Read
via "National Vulnerability Database".
Some API functions allow interaction with the registry, which includes reading values as well as data modification.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38463 βΌ
π Read
via "National Vulnerability Database".
The affected product does not properly control the allocation of resources. A user may be able to allocate unlimited memory buffers using API functions.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38451 βΌ
π Read
via "National Vulnerability Database".
The affected productΓ’β¬β’s proprietary protocol CSC allows for calling numerous function codes. In order to call those function codes, the user must supply parameters. There is no sanitation on the value of the offset, which allows the client to specify any offset and read out-of-bounds data.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38473 βΌ
π Read
via "National Vulnerability Database".
The affected productΓ’β¬β’s code base doesnΓ’β¬β’t properly control arguments for specific functions, which could lead to a stack overflow.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38459 βΌ
π Read
via "National Vulnerability Database".
The data of a network capture of the initial handshake phase can be used to authenticate at a SYSDBA level. If a specific .exe is not restarted often, it is possible to access the needed handshake packets between admin/client connections. Using the SYSDBA permission, an attacker can change user passwords or delete the database.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38475 βΌ
π Read
via "National Vulnerability Database".
The database connection to the server is performed by calling a specific API, which could allow an unprivileged user to gain SYSDBA permissions.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38465 βΌ
π Read
via "National Vulnerability Database".
The webinstaller is a Golang web server executable that enables the generation of an Auvesy image agent. Resource consumption can be achieved by generating large amounts of installations, which are then saved without limitation in the temp folder of the webinstaller executable.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38479 βΌ
π Read
via "National Vulnerability Database".
Many API function codes receive raw pointers remotely from the user and trust these pointers as valid in-bound memory regions. An attacker can manipulate API functions by writing arbitrary data into the resolved address of a raw pointer.π Read
via "National Vulnerability Database".