‼ CVE-2019-5863 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37979 ‼
📖 Read
via "National Vulnerability Database".
heap buffer overflow in WebRTC in Google Chrome prior to 94.0.4606.81 allowed a remote attacker who convinced a user to browse to a malicious website to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37977 ‼
📖 Read
via "National Vulnerability Database".
Use after free in Garbage Collection in Google Chrome prior to 94.0.4606.81 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-6044 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2018-16064. Reason: This candidate is a reservation duplicate of CVE-2018-16064. Notes: All CVE users should reference CVE-2018-16064 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.📖 Read
via "National Vulnerability Database".
🕴 Attackers Flaunt Remote Access Credentials, Threaten Supply Chain 🕴
📖 Read
via "Dark Reading".
Attackers advertise access to computers within shipping and logistics companies as the global supply chain struggles to meet post-COVID demands.📖 Read
via "Dark Reading".
Dark Reading
Attackers Flaunt Remote Access Credentials, Threaten Supply Chain
Attackers advertise access to computers within shipping and logistics companies as the global supply chain struggles to meet post-COVID demands.
📢 McAfee Total Protection review: Expensive at full price 📢
📖 Read
via "ITPro".
Protects your PC and includes a decent firewall, but costly and less effective than some rivals📖 Read
via "ITPro".
IT PRO
McAfee Total Protection review: Expensive at full price | IT PRO
Protects your PC and includes a decent firewall, but costly and less effective than some rivals
📢 What is end-to-end encryption and why is everyone fighting over it? 📢
📖 Read
via "ITPro".
End-to-end encryption is considered one of the best ways to protect user data, but not everyone thinks it's a good idea📖 Read
via "ITPro".
IT PRO
What is end-to-end encryption and why is everyone fighting over it? | IT PRO
End-to-end encryption is considered one of the best ways to protect user data, but not everyone thinks it's a good idea
📢 17 Windows 10 problems - and how to fix them 📢
📖 Read
via "ITPro".
Tips and tricks for everything from upgrade issues and freeing up storage, to solving privacy errors and using safe mode📖 Read
via "ITPro".
ITPro
17 common Windows 10 problems and how to fix them
Tips and tricks to help you solve the most common Windows 10 problems, whether that's freeing up storage or handling safe mode
📢 Hackers could use new Wslink malware in highly targeted cyber attacks 📢
📖 Read
via "ITPro".
Malware acts as a server, but its origins baffle boffins📖 Read
via "ITPro".
IT PRO
Hackers could use new Wslink malware in highly targeted cyber attacks | IT PRO
Malware acts as a server, but its origins baffle boffins
📢 Celebrity data leaked after ransomware attack on London's Graff jewellers 📢
📖 Read
via "ITPro".
Russia-based Conti ransomware group is demanding tens of millions in cryptocurrency📖 Read
via "ITPro".
IT PRO
Celebrity data leaked after ransomware attack on London's Graff jewellers | IT PRO
Russia-based Conti ransomware group is demanding tens of millions in cryptocurrency
📢 Manufacturers forced to improve cyber security of wireless devices under new EU rule 📢
📖 Read
via "ITPro".
Businesses will have 30 months to comply with the new rules if they want to ship their products to the EU📖 Read
via "ITPro".
IT PRO
Manufacturers forced to improve cyber security of wireless devices under new EU rule | IT PRO
Businesses will have 30 months to comply with the new rules if they want to ship their products to the EU
📢 Apple's ad transparency policy has cost Facebook, YouTube, Snap almost $10 billion so far 📢
📖 Read
via "ITPro".
Estimate from the Financial Times says Facebook has been hit hardest by new rule requiring user consent📖 Read
via "ITPro".
IT PRO
Apple's ad transparency policy has cost Facebook, YouTube, Snap almost $10 billion so far | IT PRO
Estimate from the Financial Times says Facebook has been hit hardest by new rule requiring user consent
📢 Microsoft Exchange Servers are being used to distribute SquirrelWaffle malware 📢
📖 Read
via "ITPro".
Exploiting an unpatched Exchange Server vulnerability and a less-than-foolproof malicious URL strategy is leading to mounting infections in businesses📖 Read
via "ITPro".
ITPro
Microsoft Exchange Servers are being used to distribute Qakbot malware
Exploiting an unpatched Exchange Server vulnerability and a less-than-foolproof malicious URL strategy is leading to mounting infections in businesses
‼ CVE-2021-43267 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37982 ‼
📖 Read
via "National Vulnerability Database".
Use after free in Incognito in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43264 ‼
📖 Read
via "National Vulnerability Database".
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, adjusting the path component for the page help file allows attackers to bypass the intended access control for HTML files via directory traversal. It replaces the - character with the / character.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37993 ‼
📖 Read
via "National Vulnerability Database".
Use after free in PDF Accessibility in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43270 ‼
📖 Read
via "National Vulnerability Database".
Datalust Seq.App.HtmlEmail (aka Seq.App.EmailPlus) 3.1.0-dev-00148, 3.1.0-dev-00170, and 3.1.0-dev-00176 can use cleartext SMTP on port 25 in some cases where encryption on port 465 was intended.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37991 ‼
📖 Read
via "National Vulnerability Database".
Race in V8 in Google Chrome prior to 95.0.4638.54 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42697 ‼
📖 Read
via "National Vulnerability Database".
Akka HTTP 10.1.x and 10.2.x before 10.2.7 can encounter stack exhaustion while parsing HTTP headers, which allows a remote attacker to conduct a Denial of Service attack by sending a User-Agent header with deeply nested comments.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37990 ‼
📖 Read
via "National Vulnerability Database".
Inappropriate implementation in WebView in Google Chrome on Android prior to 95.0.4638.54 allowed a remote attacker to leak cross-origin data via a crafted app.📖 Read
via "National Vulnerability Database".