‼ CVE-2021-43850 ‼
via "National Vulnerability Database".
Discourse is an open source platform for community discussion. In affected versions, admin users can trigger a Denial of Service attack via the `/message-bus/_diagnostics` path. The impact of this vulnerability is greater on multisite Discourse instances (where multiple forums are served from a single application server), where any admin user on any of the forums is able to visit the `/message-bus/_diagnostics` path. The problem has been patched. Please upgrade to 2.8.0.beta10 or 2.7.12. No workarounds for this issue exist.
‼ CVE-2021-43677 ‼
via "National Vulnerability Database".
Fluxbb v1.4.12 is affected by a Cross Site Scripting (XSS) vulnerability.
‼ CVE-2022-21648 ‼
via "National Vulnerability Database".
Latte is an open source template engine for PHP. Since version 2.8.0, Latte has included a template sandbox, and in affected versions a sandbox escape exists that allows injection into web pages generated from Latte. This may lead to XSS attacks. The issue is fixed in versions 2.8.8, 2.9.6 and 2.10.8. Users unable to upgrade should not accept template input from untrusted sources.
‼ CVE-2022-21647 ‼
via "National Vulnerability Database".
CodeIgniter is an open source PHP full-stack web framework. Deserialization of Untrusted Data was found in the `old()` function in CodeIgniter4. Remote attackers may inject auto-loadable arbitrary objects with this vulnerability, and possibly execute existing PHP code on the server. We are aware of a working exploit, which can lead to SQL injection. Users are advised to upgrade to v4.1.6 or later. Users unable to upgrade are advised not to use the `old()` function and form_helper, nor `RedirectResponse::withInput()` and `redirect()->withInput()`.
‼ CVE-2021-43852 ‼
via "National Vulnerability Database".
OroPlatform is a PHP Business Application Platform. In affected versions, by sending a specially crafted request, an attacker could inject properties into existing JavaScript language construct prototypes, such as objects. Later, this injection may lead to JS code execution by libraries that are vulnerable to Prototype Pollution. This issue has been patched in version 4.2.8. Users unable to upgrade may configure a firewall to drop requests containing the following strings: `__proto__`, `constructor[prototype]`, and `constructor.prototype` to mitigate this issue.
‼ CVE-2022-21643 ‼
via "National Vulnerability Database".
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via register.php. In particular, usernames, email addresses, and passwords provided by the user were not sanitized and were used directly to construct a SQL statement. Users are advised to upgrade as soon as possible. There are no workarounds for this issue.
‼ CVE-2021-24042 ‼
via "National Vulnerability Database".
The calling logic for WhatsApp for Android prior to v2.21.23, WhatsApp Business for Android prior to v2.21.23, WhatsApp for iOS prior to v2.21.230, WhatsApp Business for iOS prior to v2.21.230, WhatsApp for KaiOS prior to v2.2143, WhatsApp Desktop prior to v2.2146 could have allowed an out-of-bounds write if a user makes a 1:1 call to a malicious actor.
‼ CVE-2022-21644 ‼
via "National Vulnerability Database".
USOC is an open source CMS with a focus on simplicity. In affected versions USOC allows for SQL injection via usersearch.php. Search terms provided by the user were not sanitized and were used directly to construct a SQL statement. The only users permitted to search are site admins. Users are advised to upgrade as soon as possible. There are no workarounds for this issue.
‼ CVE-2021-41141 ‼
via "National Vulnerability Database".
PJSIP is a free and open source multimedia communication library written in the C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In various parts of PJSIP, when an error/failure occurs, the function returns without releasing the currently held locks. This could result in a system deadlock, which causes a denial of service for the users. No release has yet been made which contains the linked fix commit. All versions up to and including 2.11.1 are affected. Users may need to manually apply the patch.
‼ CVE-2021-41610 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-27339. Reason: This candidate is a reservation duplicate of CVE-2020-27339. Notes: All CVE users should reference CVE-2020-27339 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
🕴 McMenamins Breach Affected 23 Years of Employee Data 🕴
via "Dark Reading".
The Oregon-based hospitality and dining business reports the data was compromised in a Dec. 12 ransomware attack.
🕴 Attackers Exploit Log4j Flaws in Hands-on-Keyboard Attacks to Drop Reverse Shells 🕴
via "Dark Reading".
Microsoft says vulnerabilities present a "real and present" danger, citing high volume of scanning and attack activity targeting the widely used Apache logging framework.
🦿 Google makes the perfect case for why you shouldn't use Chrome 🦿
via "Tech Republic".
Google says Manifest V3 is focused on security, privacy and performance, but it could also break Chrome browser extensions used by millions of people.
❌ Microsoft Sees Rampant Log4j Exploit Attempts, Testing ❌
via "Threat Post".
Microsoft says it's only going to get worse: It's seen state-sponsored and cyber-criminal attackers probing systems for the Log4Shell flaw through the end of December.
‼ CVE-2022-21649 ‼
via "National Vulnerability Database".
Convos is an open source multi-user chat that runs in a web browser. Characters starting with "https://" in the chat window create an `<a>` tag. A stored XSS vulnerability using onfocus and autofocus occurs because escaping exists for "<" or ">" but escaping for double quotes does not exist. Through this vulnerability, an attacker is able to execute malicious scripts. Users are advised to update as soon as possible.
‼ CVE-2021-41388 ‼
via "National Vulnerability Database".
Netskope client prior to 89.x on macOS is impacted by a local privilege escalation vulnerability. The XPC implementation of the nsAuxiliarySvc process does not perform validation on new connections before accepting the connection. Thus any low privileged user can connect and call external methods defined in the XPC service as root, elevating their privilege to the highest level.
‼ CVE-2022-21650 ‼
via "National Vulnerability Database".
Convos is an open source multi-user chat that runs in a web browser. You can't use the SVG extension in Convos' chat window, but you can upload a file with an .html extension. By uploading an SVG file with an html extension the upload filter can be bypassed. This causes Stored XSS. Also, after uploading a file the XSS attack is triggered upon a user viewing the file. Through this vulnerability, an attacker is able to execute malicious scripts. Users are advised to update as soon as possible.
‼ CVE-2021-22045 ‼
via "National Vulnerability Database".
VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contain a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine.
🕴 CrowdStrike Incorporates Intel CPU Telemetry into Falcon Sensor 🕴
via "Dark Reading".
The Falcon sensor uses Intel PT telemetry to identify suspicious operations associated with hard-to-detect exploit techniques.
‼ CVE-2021-43946 ‼
via "National Vulnerability Database".
Affected versions of Atlassian Jira Server and Data Center allow authenticated remote attackers to add administrator groups to filter subscriptions via a Broken Access Control vulnerability in the /secure/EditSubscription.jspa endpoint. The affected versions are before version 8.21.0.
‼ CVE-2021-22567 ‼
via "National Vulnerability Database".
Bidirectional Unicode text can be interpreted and compiled differently than how it appears in editors, which can be exploited to get nefarious code past a code review by appearing benign. An attacker could embed a source that is invisible to a code reviewer that modifies the behavior of a program in unexpected ways.