βΌ CVE-2021-20876 βΌ
π Read
via "National Vulnerability Database".
Path traversal vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows an attacker with an administrative privilege to obtain sensitive information stored in the hierarchy above the directory on the published site's server via unspecified vectors.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20827 βΌ
π Read
via "National Vulnerability Database".
Plaintext storage of a password vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from file servers, backup repositories, or ZLD files saved in SD cards. As a result, the attacker may access the PLC Web server and hijack the PLC, and manipulation of the PLC output and/or suspension of the PLC may be conducted.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20874 βΌ
π Read
via "National Vulnerability Database".
Incorrect permission assignment for critical resource vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to access arbitrary files on the server and obtain sensitive information via unspecified vectors.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20875 βΌ
π Read
via "National Vulnerability Database".
Open redirect vulnerability in GroupSession Free edition ver5.1.1 and earlier, GroupSession byCloud ver5.1.1 and earlier, and GroupSession ZION ver5.1.1 and earlier allows a remote unauthenticated attacker to redirect users to arbitrary web sites and conduct phishing attacks by having a user to access a specially crafted URL.π Read
via "National Vulnerability Database".
βΌ CVE-2021-20826 βΌ
π Read
via "National Vulnerability Database".
Unprotected transport of credentials vulnerability in IDEC PLCs (FC6A Series MICROSmart All-in-One CPU module v2.32 and earlier, FC6A Series MICROSmart Plus CPU module v1.91 and earlier, WindLDR v8.19.1 and earlier, WindEDIT Lite v1.3.1 and earlier, and Data File Manager v2.12.1 and earlier) allows an attacker to obtain the PLC Web server user credentials from the communication between the PLC and the software. As a result, the complete access privileges to the PLC Web server may be obtained, and manipulation of the PLC output and/or suspension of the PLC may be conducted.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23772 βΌ
π Read
via "National Vulnerability Database".
This affects all versions of package github.com/kataras/iris; all versions of package github.com/kataras/iris/v12. The unsafe handling of file names during upload using UploadFormFiles method may enable attackers to write to arbitrary locations outside the designated target folder.π Read
via "National Vulnerability Database".
ποΈ #12DaysofSwigmas β Happy Holidays from The Daily Swig ποΈ
π Read
via "The Daily Swig".
On the 12th Day of Swigmas, The Daily Swig gave to meβ¦π Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
#12DaysofSwigmas β Happy Holidays from The Daily Swig
On the 12th Day of Swigmas, The Daily Swig gave to meβ¦
βΌ CVE-2021-4072 βΌ
π Read
via "National Vulnerability Database".
elgg is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')π Read
via "National Vulnerability Database".
β The cool retro phone with a REAL DIALβ¦ plus plenty of IoT problems β
π Read
via "Naked Security".
You know you want one, because this retro phone is NOT A TOY... except when it comes to cybersecurity.π Read
via "Naked Security".
Naked Security
The cool retro phone with a REAL DIAL⦠plus plenty of IoT problems
You know you want one, because this retro phone is NOT A TOY⦠except when it comes to cybersecurity.
π¦Ώ Switch to a well-paid tech career in 2022: Check out these 200+ IT courses π¦Ώ
π Read
via "Tech Republic".
Training for a lucrative tech career is easier and less expensive than you might think. Check out these online courses on programming, cybersecurity, project management and more.π Read
via "Tech Republic".
TechRepublic
Switch to a well-paid tech career in 2022: Check out these 200+ IT courses
Training for a lucrative tech career is easier and less expensive than you might think. Check out these online courses on programming, cybersecurity, project management and more.
β SFW! The Top N CyberΒsecurity Stories of 2021 (for small positive integer values of N) β
π Read
via "Naked Security".
Happy Holidays! Our Top N stories, all totally SFW!π Read
via "Naked Security".
Naked Security
SFW! The Top N CyberΒsecurity Stories of 2021 (for small positive integer values of N)
Happy Holidays! Our Top N stories, all totally SFW!
βΌ CVE-2021-37567 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32468 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37560 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.π Read
via "National Vulnerability Database".
βΌ CVE-2021-32469 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37565 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37562 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37583 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37584 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle the WPS (Wi-Fi Protected Setup) protocol.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37571 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37570 βΌ
π Read
via "National Vulnerability Database".
MediaTek microchips, as used in NETGEAR devices through 2021-11-11 and other devices, mishandle IEEE 1905 protocols.π Read
via "National Vulnerability Database".