‼ CVE-2021-43439 ‼
📖 Read
via "National Vulnerability Database".
RCE in Add Review Function in iResturant 1.0 Allows remote attacker to execute commands remotely📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43440 ‼
📖 Read
via "National Vulnerability Database".
Multiple Stored XSS Vulnerabilities in the Source Code of iOrder 1.0 allow remote attackers to execute arbitrary code via signup form in the Name and Phone number field.📖 Read
via "National Vulnerability Database".
🦿 Restrict remote users to a chroot jail in Linux 🦿
📖 Read
via "Tech Republic".
Jack Wallen shows you how to restrict server users to a specific directory in Linux.📖 Read
via "Tech Republic".
TechRepublic
How to restrict server users to a specific directory in Linux
Need to lock down that Linux server so certain remote users can only access a specific directory and only for file upload and download purposes? Jack Wallen shows you how.
❌ Conti Ransomware Gang Has Full Log4Shell Attack Chain ❌
📖 Read
via "Threat Post".
Conti has become the first professional-grade, sophisticated ransomware group to weaponize Log4j2, now with a full attack chain.📖 Read
via "Threat Post".
Threat Post
Conti Ransomware Gang Has Full Log4Shell Attack Chain
Conti has become the first professional-grade, sophisticated ransomware group to weaponize Log4j2, now with a full attack chain.
‼ CVE-2021-43844 ‼
📖 Read
via "National Vulnerability Database".
MSEdgeRedirect is a tool to redirect news, search, widgets, weather, and more to a user's default browser. MSEdgeRedirect versions before 0.5.0.1 are vulnerable to Remote Code Execution via specifically crafted URLs. This vulnerability requires user interaction and the acceptance of a prompt. With how MSEdgeRedirect is coded, parameters are impossible to pass to any launched file. However, there are two possible scenarios in which an attacker can do more than a minor annoyance. In Scenario 1 (confirmed), a user visits an attacker controlled webpage; the user is prompted with, and downloads, an executable payload; the user is prompted with, and accepts, the aforementioned crafted URL prompt; and RCE executes the payload the user previously downloaded, if the download path is successfully guessed. In Scenario 2 (not yet confirmed), a user visits an attacked controlled webpage; the user is prompted with, and accepts, the aforementioned crafted URL prompt; and a payload on a remote, attacker controlled, SMB server is executed. The issue was found in the _DecodeAndRun() function, in which I incorrectly assumed _WinAPI_UrlIs() would only accept web resources. Unfortunately, file:/// passes the default _WinAPI_UrlIs check(). File paths are now directly checked for and must fail. There is no currently known exploitation of this vulnerability in the wild. A patched version, 0.5.0.1, has been released that checks for and denies these crafted URLs. There are no workarounds for this issue. Users are advised not to accept any unexpected prompts from web pages.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-35248 ‼
📖 Read
via "National Vulnerability Database".
It has been reported that any Orion user, e.g. guest accounts can query the Orion.UserSettings entity and enumerate users and their basic settings.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43746 ‼
📖 Read
via "National Vulnerability Database".
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. The issue results from the lack of proper initialization of memory prior to accessing it.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43030 ‼
📖 Read
via "National Vulnerability Database".
Adobe Premiere Rush versions 1.5.16 (and earlier) allows access to an uninitialized pointer vulnerability that allows remote attackers to disclose sensitive information on affected installations. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of MP4 files. The issue results from the lack of proper initialization of memory prior to accessing it.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22057 ‼
📖 Read
via "National Vulnerability Database".
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass vulnerability. A malicious actor, who has successfully provided first-factor authentication, may be able to obtain second-factor authentication provided by VMware Verify.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43025 ‼
📖 Read
via "National Vulnerability Database".
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious SVG file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43846 ‼
📖 Read
via "National Vulnerability Database".
`solidus_frontend` is the cart and storefront for the Solidus e-commerce project. Versions of `solidus_frontend` prior to 3.1.5, 3.0.5, and 2.11.14 contain a cross-site request forgery (CSRF) vulnerability that allows a malicious site to add an item to the user's cart without their knowledge. Versions 3.1.5, 3.0.5, and 2.11.14 contain a patch for this issue. The patch adds CSRF token verification to the "Add to cart" action. Adding forgery protection to a form that missed it can have some side effects. Other CSRF protection strategies as well as a workaround involving modifcation to config/application.rb` are available. More details on these mitigations are available in the GitHub Security Advisory.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43847 ‼
📖 Read
via "National Vulnerability Database".
HumHub is an open-source social network kit written in PHP. Prior to HumHub version 1.10.3 or 1.9.3, it could be possible for registered users to become unauthorized members of private Spaces. Versions 1.10.3 and 1.9.3 contain a patch for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43029 ‼
📖 Read
via "National Vulnerability Database".
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43748 ‼
📖 Read
via "National Vulnerability Database".
Adobe Premiere Rush versions 1.5.16 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43021 ‼
📖 Read
via "National Vulnerability Database".
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EXR file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42808 ‼
📖 Read
via "National Vulnerability Database".
Improper Access Control in Thales Sentinel Protection Installer could allow a local user to escalate privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43028 ‼
📖 Read
via "National Vulnerability Database".
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious M4A file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-38415 ‼
📖 Read
via "National Vulnerability Database".
Fuji Electric V-Server Lite and Tellus Lite V-Simulator prior to v4.0.12.0 is vulnerable a heap-based buffer overflow when parsing a specially crafted project file, which may allow an attacker to execute arbitrary code.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22056 ‼
📖 Read
via "National Vulnerability Database".
VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 and Identity Manager 3.3.5, 3.3.4, and 3.3.3 contain an SSRF vulnerability. A malicious actor with network access may be able to make HTTP requests to arbitrary origins and read the full response.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44181 ‼
📖 Read
via "National Vulnerability Database".
Adobe Dimension versions 3.4.3 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious GIF file.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43023 ‼
📖 Read
via "National Vulnerability Database".
Adobe Premiere Rush version 1.5.16 (and earlier) is affected by a memory corruption vulnerability due to insecure handling of a malicious EPS/TIFF file, potentially resulting in arbitrary code execution in the context of the current user. User interaction is required to exploit this vulnerability.📖 Read
via "National Vulnerability Database".