β βSeedwormβ Attackers Target Telcos in Asia, Middle East β
π Read
via "Threat Post".
The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats.π Read
via "Threat Post".
Threat Post
βSeedwormβ Attackers Target Telcos in Asia, Middle East
The focused attacks aimed at cyberespionage and lateral movement appear to hint at further ambitions by the group, including supply-chain threats.
ποΈ Severe Chrome bug allowed RCE on devices running remote headless interface ποΈ
π Read
via "The Daily Swig".
Attackers could read and write arbitrary files to a deviceβs hard driveπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Severe Chrome bug allowed RCE on devices running remote headless interface
Attackers could read and write arbitrary files to a deviceβs hard drive
π΄ Combat Misinformation by Getting Back to Security Basics π΄
π Read
via "Dark Reading".
One volley of fake news may land, but properly trained AI can shut down similar attempts at their sources.π Read
via "Dark Reading".
Dark Reading
Combat Misinformation by Getting Back to Security Basics
One volley of fake news may land, but properly trained AI can shut down similar attempts at their sources.
βΌ CVE-2021-45014 βΌ
π Read
via "National Vulnerability Database".
There is an upload sql injection vulnerability in the background of taocms 3.0.2 in parameter id:action=cms&ctrl=update&id=26π Read
via "National Vulnerability Database".
βΌ CVE-2021-44538 βΌ
π Read
via "National Vulnerability Database".
The olm_session_describe function in Matrix libolm before 3.2.7 is vulnerable to a buffer overflow. The Olm session object represents a cryptographic channel between two parties. Therefore, its state is partially controllable by the remote party of the channel. Attackers can construct a crafted sequence of messages to manipulate the state of the receiver's session in such a way that, for some buffer sizes, a buffer overflow happens on a call to olm_session_describe. Furthermore, safe buffer sizes were undocumented. The overflow content is partially controllable by the attacker and limited to ASCII spaces and digits. The known affected products are Element Web And SchildiChat Web.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45015 βΌ
π Read
via "National Vulnerability Database".
taocms 3.0.2 is vulnerable to arbitrary file deletion via taocms\include\Model\file.php from line 60 to line 72.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3376 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Cuppa CMS Versions Before 31 Jan 2021 allows authenticated attackers to gain escalated privileges via a crafted POST request using the user_group_id_field parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44935 βΌ
π Read
via "National Vulnerability Database".
glFusion CMS v1.7.9 is affected by an arbitrary user impersonation vulnerability in /public_html/comment.php. The attacker can complete the attack remotely without interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2021-36721 βΌ
π Read
via "National Vulnerability Database".
Sysaid API User Enumeration - Attacker sending requests to specific api path without any authorization before 21.3.60 version could get users names from the LDAP server.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44937 βΌ
π Read
via "National Vulnerability Database".
glFusion CMS v1.7.9 is affected by an arbitrary user registration vulnerability in /public_html/users.php. An attacker can register with the mailbox of any user. When users want to register, they will find that the mailbox has been occupied.π Read
via "National Vulnerability Database".
ποΈ PyPI admins remove three malicious packages after more than 10,000 downloads ποΈ
π Read
via "The Daily Swig".
Two packages lay undiscovered for 10 monthsπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
PyPI admins remove three malicious packages after more than 10,000 downloads
Two packages lay undiscovered for 10 months
π¦Ώ How to test if your Linux server is vulnerable to Log4j π¦Ώ
π Read
via "Tech Republic".
Log4j is a serious vulnerability that has swept across the IT landscape quickly. Here's a single command you can run to test and see if you have any vulnerable packages installed.π Read
via "Tech Republic".
TechRepublic
How to test if your Linux server is vulnerable to Log4j
Log4j is a serious vulnerability that has swept across the IT landscape quickly. Here's a single command you can run to test and see if you have any vulnerable packages installed.
βΌ CVE-2021-42061 βΌ
π Read
via "National Vulnerability Database".
SAP BusinessObjects Business Intelligence Platform (Web Intelligence) - version 420, does not sufficiently encode user-controlled inputs, resulting in Cross-Site Scripting (XSS) vulnerability. This allows a low privileged attacker to retrieve some data from the victim but will never be able to modify the document and publish these modifications to the server. It impacts the "Quick Prompt" workflow.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42068 βΌ
π Read
via "National Vulnerability Database".
When a user opens a manipulated GIF (.gif) file received from untrusted sources in SAP 3D Visual Enterprise Viewer - version 9.0, the application crashes and becomes temporarily unavailable to the user until restart of the application.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42066 βΌ
π Read
via "National Vulnerability Database".
SAP Business One - version 10.0, allows an admin user to view DB password in plain text over the network, which should otherwise be encrypted. For an attacker to discover vulnerable function in-depth application knowledge is required, but once exploited the attacker may be able to completely compromise confidentiality, integrity, and availability of the application.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39311 βΌ
π Read
via "National Vulnerability Database".
The link-list-manager WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the category parameter found in the ~/llm.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39310 βΌ
π Read
via "National Vulnerability Database".
The Real WYSIWYG WordPress plugin is vulnerable to Reflected Cross-Site Scripting due to the use of PHP_SELF in the ~/real-wysiwyg.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 0.0.2.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4007 βΌ
π Read
via "National Vulnerability Database".
Rapid7 Insight Agent, versions 3.0.1 to 3.1.2.34, suffer from a local privilege escalation due to an uncontrolled DLL search path. Specifically, when Insight Agent versions 3.0.1 to 3.1.2.34 start, the Python interpreter attempts to load python3.dll at "C:\DLLs\python3.dll," which normally is writable by locally authenticated users. Because of this, a malicious local user could use Insight Agent's startup conditions to elevate to SYSTEM privileges. This issue was fixed in Rapid7 Insight Agent 3.1.2.35. This vulnerability is a regression of CVE-2019-5629.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41066 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Listary through 6. When Listary is configured as admin, Listary will not ask for permissions again if a user tries to access files on the system from Listary itself (it will bypass UAC protection; there is no privilege validation of the current user that runs via Listary).π Read
via "National Vulnerability Database".
βΌ CVE-2021-3836 βΌ
π Read
via "National Vulnerability Database".
dbeaver is vulnerable to Improper Restriction of XML External Entity Referenceπ Read
via "National Vulnerability Database".
βΌ CVE-2021-39312 βΌ
π Read
via "National Vulnerability Database".
The True Ranker plugin <= 2.2.2 for WordPress allows arbitrary files, including sensitive configuration files such as wp-config.php, to be accessed via the src parameter found in the ~/admin/vendor/datatables/examples/resources/examples.php file.π Read
via "National Vulnerability Database".