‼ CVE-2021-24700 ‼
📖 Read
via "National Vulnerability Database".
The Forminator WordPress plugin before 1.15.4 does not sanitize and escape the email field label, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36301 ‼
📖 Read
via "National Vulnerability Database".
Dell iDRAC 9 prior to version 4.40.40.00 and iDRAC 8 prior to version 2.80.80.80 contain a Stack Buffer Overflow in Racadm. An authenticated remote attacker may potentially exploit this vulnerability to control process execution and gain access to the underlying operating system.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-38891 ‼
📖 Read
via "National Vulnerability Database".
IBM Sterling Connect:Direct Web Services 1.0 and 6.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 209508.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-38980 ‼
📖 Read
via "National Vulnerability Database".
IBM Tivoli Key Lifecycle Manager (IBM Security Guardium Key Lifecycle Manager) 3.0, 3.0.1, 4.0, and 4.1 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 212786.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-24875 ‼
📖 Read
via "National Vulnerability Database".
The eCommerce Product Catalog Plugin for WordPress plugin before 3.0.39 does not escape the ic-settings-search parameter before outputting it back in the page in an attribute, leading to a Reflected Cross-Site Scripting issue📖 Read
via "National Vulnerability Database".
‼ CVE-2021-31852 ‼
📖 Read
via "National Vulnerability Database".
A Reflected Cross-Site Scripting vulnerability in McAfee Policy Auditor prior to 6.5.2 allows a remote unauthenticated attacker to inject arbitrary web script or HTML via the UID request parameter. The malicious script is reflected unmodified into the Policy Auditor web-based interface which could lead to the extract of end user session token or login credentials. These may be used to access additional security-critical applications or conduct arbitrary cross-domain requests.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36332 ‼
📖 Read
via "National Vulnerability Database".
Dell EMC CloudLink 7.1 and all prior versions contain a HTML and Javascript Injection Vulnerability. A remote low privileged attacker, may potentially exploit this vulnerability, directing end user to arbitrary and potentially malicious websites.📖 Read
via "National Vulnerability Database".
🦿 How to identify social media misinformation and protect your business 🦿
📖 Read
via "Tech Republic".
Social media has become an integral part of modern communications, providing valuable information to businesses and individuals. Unfortunately, some of that information is just plain wrong or misleading.📖 Read
via "Tech Republic".
TechRepublic
How to identify social media misinformation and protect your business
Social media has become an integral part of modern communications, providing valuable information to businesses and individuals. Unfortunately, some of that information is just plain wrong or misleading.
🕴 Apple Sues NSO Group for Spyware Use 🕴
📖 Read
via "Dark Reading".
The company seeks to hold Israeli firm NSO Group liable for the targeting of Apple users and requests a permanent injunction to ban its use of Apple products and services.📖 Read
via "Dark Reading".
Dark Reading
Apple Sues NSO Group for Spyware Use
The company seeks to hold Israeli firm NSO Group liable for the targeting of Apple users and requests a permanent injunction to ban its use of Apple products and services.
🕴 New Android Spyware Variants Linked to Middle Eastern APT 🕴
📖 Read
via "Dark Reading".
The new variants, improved for stealth and persistence, share code with other malware samples attributed to the C-23 APT.📖 Read
via "Dark Reading".
Dark Reading
New Android Spyware Variants Linked to Middle Eastern APT
The new variants, improved for stealth and persistence, share code with other malware samples attributed to the C-23 APT.
‼ CVE-2018-13951 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-13933 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-13880 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2015-9086 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2015-9080 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-13890 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-11992 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2015-9082 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2015-9117 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2015-9079 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2015. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2018-11848 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2018. Notes: none.📖 Read
via "National Vulnerability Database".