βΌ CVE-2021-22404 βΌ
π Read
via "National Vulnerability Database".
There is a Directory traversal vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22401 βΌ
π Read
via "National Vulnerability Database".
There is a Remote DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability can affect service integrity.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36995 βΌ
π Read
via "National Vulnerability Database".
There is an Unauthorized file access vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability by modifying soft links may tamper with the files restored from backups.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22456 βΌ
π Read
via "National Vulnerability Database".
A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22457 βΌ
π Read
via "National Vulnerability Database".
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to cause out-of-bounds write.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22455 βΌ
π Read
via "National Vulnerability Database".
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause the memory which is not released.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22487 βΌ
π Read
via "National Vulnerability Database".
There is an Out-of-bounds read vulnerability in Huawei Smartphone. Successful exploitation of this vulnerability may affect service availability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22459 βΌ
π Read
via "National Vulnerability Database".
A component of the HarmonyOS has a NULL Pointer Dereference vulnerability. Local attackers may exploit this vulnerability to cause System functions which are unavailable.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22407 βΌ
π Read
via "National Vulnerability Database".
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service confidentiality.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22405 βΌ
π Read
via "National Vulnerability Database".
There is a Configuration defects in Huawei Smartphone.Successful exploitation of this vulnerability may affect service availability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22452 βΌ
π Read
via "National Vulnerability Database".
A component of the HarmonyOS has a Improper Input Validation vulnerability. Local attackers may exploit this vulnerability to read at any address.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36991 βΌ
π Read
via "National Vulnerability Database".
There is an Unauthorized file access vulnerability in Huawei Smartphone due to unstandardized path input.Successful exploitation of this vulnerability by creating malicious file paths can cause unauthorized file access.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22402 βΌ
π Read
via "National Vulnerability Database".
There is a DoS vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability may cause DoS attacks.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22451 βΌ
π Read
via "National Vulnerability Database".
A component of the HarmonyOS has a Integer Overflow or Wraparound vulnerability. Local attackers may exploit this vulnerability to cause memory overwriting.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22406 βΌ
π Read
via "National Vulnerability Database".
There is an Uncaught Exception vulnerability in Huawei Smartphone.Successful exploitation of this vulnerability will cause the app to exit unexpectedly.π Read
via "National Vulnerability Database".
ποΈ Critical flaw in GoCD provides platform for supply chain attacks ποΈ
π Read
via "The Daily Swig".
Vulnerability in software used by Fortune 500 firms raises fears of SolarWinds-like impactπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Critical flaw in GoCD provides platform for supply chain attacks
Vulnerability in software used by Fortune 500 firms raises fears of SolarWinds-like impact
π¦Ώ How to prepare your team to address a significant security issue π¦Ώ
π Read
via "Tech Republic".
As you work to resolve a security issue, technical knowledge is necessaryβand a team with a broad base of expertise is invaluable.π Read
via "Tech Republic".
TechRepublic
How to prepare your team to address a significant security issue
As you work to resolve a security issue, technical knowledge is necessaryβand a team with a broad base of expertise is invaluable.
ποΈ WordPress plugin vulnerability opened up one million sites to remote takeover ποΈ
π Read
via "The Daily Swig".
Gaping OptinMonster security hole patchedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
WordPress plugin vulnerability opened up one million sites to remote takeover
Gaping OptinMonster security hole patched
π TOR Virtual Network Tunneling Tool 0.4.6.8 π
π Read
via "Packet Storm Security".
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
TOR Virtual Network Tunneling Tool 0.4.6.8 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β EUβs Green Pass Vaccination ID Private Key Leaked β
π Read
via "Threat Post".
The private key used to sign the vaccine passports was leaked and is being passed around to create fake passes for the likes of Mickey Mouse and Adolf Hitler.π Read
via "Threat Post".
Threat Post
UPDATE: EUβs Green Pass Vaccination ID Private Key Leaked or Forged
UPDATE: French & Polish authorities found no sign of cryptographic compromise in the leak of the private key used to sign the vaccine passports and to create fake passes for Mickey Mouse and Adolf Hitler, et al.
βΌ CVE-2021-3823 βΌ
π Read
via "National Vulnerability Database".
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in the UpdateServer component of Bitdefender GravityZone allows an attacker to execute arbitrary code on vulnerable instances. This issue affects: Bitdefender GravityZone versions prior to 3.3.8.249.π Read
via "National Vulnerability Database".