βΌ CVE-2021-40527 βΌ
π Read
via "National Vulnerability Database".
Exposure of senstive information to an unauthorised actor in the "com.onepeloton.erlich" mobile application up to and including version 1.7.22 allows a remote attacker to access developer files stored in an AWS S3 bucket, by reading credentials stored in plain text within the mobile application.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40526 βΌ
π Read
via "National Vulnerability Database".
Incorrect calculation of buffer size vulnerability in Peleton TTR01 up to and including PTV55G allows a remote attacker to trigger a Denial of Service attack through the GymKit daemon process by exploiting a heap overflow in the network server handling the Apple GymKit communication. This can lead to an Apple MFI device not being able to authenticate with the Peleton Bikeπ Read
via "National Vulnerability Database".
β Listen up 2 β CYBERSECURITY FIRST! How to protect yourself from supply chain attacks β
π Read
via "Naked Security".
Everyone remembers this year's big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.π Read
via "Naked Security".
Naked Security
Listen up 2 β CYBERSECURITY FIRST! How to protect yourself from supply chain attacks
Everyone remembers this yearβs big-news supply chain attacks on Kaseya and SolarWinds. Sophos expert Chester Wisniewski explains how to control the risk.
ποΈ Polygon pays out record $2 million bug bounty reward for critical vulnerability ποΈ
π Read
via "The Daily Swig".
Ethical hacker bags top prize for double spend flaw in smart contractπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Polygon pays out record $2 million bug bounty reward for critical vulnerability
Ethical hacker bags top prize for double spend flaw in smart contract
ποΈ Discourse fixes critical validation-related vulnerability in forum software ποΈ
π Read
via "The Daily Swig".
We need to talk about lack of validationπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Discourse fixes critical validation-related vulnerability in forum software
We need to talk about lack of validation
β CISA Urges Sites to Patch Critical RCE in Discourse β
π Read
via "Threat Post".
The patch, urgently rushed out on Friday, is an emergency fix for the widely deployed platform, whose No. 1 most trafficked site is Amazonβs Seller Central.π Read
via "Threat Post".
Threat Post
CISA Urges Sites to Patch Critical RCE in Discourse
The patch, urgently rushed out on Friday, is an emergency fix for the widely deployed platform, whose No. 1 most trafficked site is Amazonβs Seller Central.
β Listen up 3 β CYBERSECURITY FIRST! Cyberinsurance, help or hindrance? β
π Read
via "Naked Security".
Dr Jason Nurse, Associate Professor in Cybersecurity at the University of Kent, takes on the controversial topic of cyberinsurance.π Read
via "Naked Security".
Naked Security
Listen up 3 β CYBERSECURITY FIRST! Cyberinsurance, help or hindrance?
Dr Jason Nurse, Associate Professor in Cybersecurity at the University of Kent, takes on the controversial topic of cyberinsurance.
βΌ CVE-2021-24774 βΌ
π Read
via "National Vulnerability Database".
The Check & Log Email WordPress plugin before 1.0.3 does not validate and escape the "order" and "orderby" GET parameters before using them in a SQL statement when viewing logs, leading to SQL injections issuesπ Read
via "National Vulnerability Database".
βΌ CVE-2021-24515 βΌ
π Read
via "National Vulnerability Database".
The Video Gallery ΓΒ’Γ’β¬Òβ¬Ε Vimeo and YouTube Gallery WordPress plugin through 1.1.4 does not escape the Title and Description of the videos in a gallery before outputting them in attributes, leading to Stored Cross-Site Scripting issuesπ Read
via "National Vulnerability Database".
βΌ CVE-2021-24608 βΌ
π Read
via "National Vulnerability Database".
The Formidable Form Builder ΓΒ’Γ’β¬Òβ¬Ε Contact Form, Survey & Quiz Forms Plugin for WordPress plugin before 5.0.07 does not sanitise and escape its Form's Labels, allowing high privileged users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowedπ Read
via "National Vulnerability Database".
βΌ CVE-2021-24489 βΌ
π Read
via "National Vulnerability Database".
The Request a Quote WordPress plugin before 2.3.5 does not sanitise, validate or escape some of its settings in the admin dashboard, leading to authenticated Stored Cross-Site Scripting issues even when the unfiltered_html capability is disallowed.π Read
via "National Vulnerability Database".
βΌ CVE-2021-24884 βΌ
π Read
via "National Vulnerability Database".
The Formidable Form Builder WordPress plugin before 4.09.05 allows to inject certain HTML Tags like <audio>,<video>,<img>,<a> and<button>.This could allow an unauthenticated, remote attacker to exploit a HTML-injection byinjecting a malicous link. The HTML-injection may trick authenticated users to follow the link. If the Link gets clicked, Javascript code can be executed. The vulnerability is due to insufficient sanitization of the "data-frmverify" tag for links in the web-based entry inspection page of affected systems. A successful exploitation incomibantion with CSRF could allow the attacker to perform arbitrary actions on an affected system with the privileges of the user. These actions include stealing the users account by changing their password or allowing attackers to submit their own code through an authenticated user resulting in Remote Code Execution. If an authenticated user who is able to edit Wordpress PHP Code in any kind, clicks the malicious link, PHP code can be edited.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0939 βΌ
π Read
via "National Vulnerability Database".
In set_default_passthru_cfg of passthru.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-186026549References: N/Aπ Read
via "National Vulnerability Database".
βΌ CVE-2021-0410 βΌ
π Read
via "National Vulnerability Database".
In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561360; Issue ID: ALPS05561360.π Read
via "National Vulnerability Database".
βΌ CVE-2020-7859 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2020-14264 βΌ
π Read
via "National Vulnerability Database".
"HCL Traveler Companion is vulnerable to an iOS weak cryptographic process vulnerability via the included MobileIron AppConnect SDK"π Read
via "National Vulnerability Database".
βΌ CVE-2021-0414 βΌ
π Read
via "National Vulnerability Database".
In flv extractor, there is a possible out of bounds read due to a heap buffer overflow. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561384; Issue ID: ALPS05561384.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0633 βΌ
π Read
via "National Vulnerability Database".
In display driver, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05585423; Issue ID: ALPS05585423.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0409 βΌ
π Read
via "National Vulnerability Database".
In flv extractor, there is a possible out of bounds read due to an incorrect bounds check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS05561359; Issue ID: ALPS05561359.π Read
via "National Vulnerability Database".
βΌ CVE-2021-0935 βΌ
π Read
via "National Vulnerability Database".
In ip6_xmit of ip6_output.c, there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-168607263References: Upstream kernelπ Read
via "National Vulnerability Database".
βΌ CVE-2021-24544 βΌ
π Read
via "National Vulnerability Database".
The Responsive WordPress Slider WordPress plugin through 2.2.0 does not sanitise and escape some of the Slider options, allowing Cross-Site Scripting payloads to be set in them. Furthermore, as by default any authenticated user is allowed to create Sliders (https://wordpress.org/support/topic/slider-can-be-changed-from-any-user-even-subscriber/, such settings can be changed in the plugin's settings), this would allow user with a role as low as subscriber to perform Cross-Site Scripting attacks against logged in admins viewing the slider list and could lead to privilege escalation by creating a rogue admin account for example.π Read
via "National Vulnerability Database".