βΌ CVE-2021-33912 βΌ
π Read
via "National Vulnerability Database".
libspf2 before 1.2.11 has a four-byte heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of incorrect sprintf usage in SPF_record_expand_data in spf_expand.c. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22310 βΌ
π Read
via "National Vulnerability Database".
IBM WebSphere Application Server Liberty 21.0.0.10 through 21.0.0.12 could provide weaker than expected security. A remote attacker could exploit this weakness to obtain sensitive information and gain unauthorized access to JAX-WS applications. IBM X-Force ID: 217224.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23221 βΌ
π Read
via "National Vulnerability Database".
H2 Console before 2.1.210 allows remote attackers to execute arbitrary code via a jdbc:h2:mem JDBC URL containing the IGNORE_UNKNOWN_SETTINGS=TRUE;FORBID_CREATION=FALSE;INIT=RUNSCRIPT substring, a different vulnerability than CVE-2021-42392.π Read
via "National Vulnerability Database".
βΌ CVE-2021-33913 βΌ
π Read
via "National Vulnerability Database".
libspf2 before 1.2.11 has a heap-based buffer overflow that might allow remote attackers to execute arbitrary code (via an unauthenticated e-mail message from anywhere on the Internet) with a crafted SPF DNS record, because of SPF_record_expand_data in spf_expand.c. The amount of overflowed data depends on the relationship between the length of an entire domain name and the length of its leftmost label. The vulnerable code may be part of the supply chain of a site's e-mail infrastructure (e.g., with additional configuration, Exim can use libspf2; the Postfix web site links to unofficial patches for use of libspf2 with Postfix; older versions of spfquery relied on libspf2) but most often is not.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46203 βΌ
π Read
via "National Vulnerability Database".
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0274 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in NPM cypress-orchardcore prior to 1.2.2.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46204 βΌ
π Read
via "National Vulnerability Database".
Taocms v3.0.2 was discovered to contain an arbitrary file read vulnerability via the path parameter. SQL injection vulnerability via taocms\include\Model\Article.php.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42810 βΌ
π Read
via "National Vulnerability Database".
A flaw in the previous versions of the product may allow an authenticated attacker the ability to execute code as a privileged user on a system where the agent is installed.π Read
via "National Vulnerability Database".
π΄ When Patching Security Flaws, Smarter Trumps Faster π΄
π Read
via "Dark Reading".
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.π Read
via "Dark Reading".
Dark Reading
When Patching Security Flaws, Smarter Trumps Faster
Just turning the patch dial to "high" is not enough, and if your company is using the Common Vulnerability Scoring System (CVSS) to prioritize software patching, you are doing it wrong.
π΄ 5 AI and Cybersecurity Predictions for 2022 π΄
π Read
via "Dark Reading".
Among them: Explainable artificial intelligence (XAI) will improve the ways humans and AI interact, plus expect a shift in how organizations fight ransomware.π Read
via "Dark Reading".
Dark Reading
5 AI and Cybersecurity Predictions for 2022
Among them: Explainable artificial intelligence (XAI) will improve the ways humans and AI interact, plus expect a shift in how organizations fight ransomware.
π΄ 1Password Raises $620M Series C, Now Valued at $6.8B π΄
π Read
via "Dark Reading".
The massive funding round comes as the rise of cloud and remote work led to new threats and growing security and privacy concerns.π Read
via "Dark Reading".
Dark Reading
1Password Raises $620M Series C, Now Valued at $6.8B
The massive funding round comes as the rise of cloud and remote work led to new threats and growing security and privacy concerns.
π Europol, Feds Take VPN Used by Cybercriminals Offline π
π Read
via "".
The service was being used to carry out ransomware deployment and other cybercrime activities.π Read
via "".
Digital Guardian
Europol, Feds Take VPN Used by Cybercriminals Offline
The service was being used to carry out ransomware deployment and other cybercrime activities.
β Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say β
π Read
via "Threat Post".
Disruptive malware attacks on Ukrainian organizations (posing as ransomware attacks) are very likely part of Russiaβs wider effort to undermine Ukraineβs sovereignty, according to analysts.π Read
via "Threat Post".
Threat Post
Destructive Wiper Targeting Ukraine Aimed at Eroding Trust, Experts Say
Disruptive malware attacks on Ukrainian organizations (posing as ransomware attacks) are very likely part of Russiaβs wider effort to undermine Ukraineβs sovereignty, according to analysts.
π΄ What Happens to My Organization If APIs Are Compromised? π΄
π Read
via "Dark Reading".
Once attackers have obtained access, they can compromise other systems or pivot within your networks.π Read
via "Dark Reading".
Dark Reading
What Happens to My Organization If APIs Are Compromised?
Once attackers have obtained access, they can compromise other systems or pivot within your networks.
βΌ CVE-2022-0243 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository orchardcms/orchardcore prior to 1.2.2.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22769 βΌ
π Read
via "National Vulnerability Database".
The Web server component of TIBCO Software Inc.'s TIBCO EBX, TIBCO EBX, TIBCO EBX, TIBCO EBX Add-ons, TIBCO EBX Add-ons, TIBCO EBX Add-ons, and TIBCO Product and Service Catalog powered by TIBCO EBX contains an easily exploitable vulnerability that allows a low privileged attacker with network access to execute Stored Cross Site Scripting (XSS) on the affected system. A successful attack using this vulnerability requires human interaction from a person other than the attacker. Affected releases are TIBCO Software Inc.'s TIBCO EBX: versions 5.8.124 and below, TIBCO EBX: versions 5.9.3, 5.9.4, 5.9.5, 5.9.6, 5.9.7, 5.9.8, 5.9.9, 5.9.10, 5.9.11, 5.9.12, 5.9.13, 5.9.14, and 5.9.15, TIBCO EBX: versions 6.0.0, 6.0.1, 6.0.2, and 6.0.3, TIBCO EBX Add-ons: versions 3.20.18 and below, TIBCO EBX Add-ons: versions 4.1.0, 4.2.0, 4.2.1, 4.2.2, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.4.0, 4.4.1, 4.4.2, 4.4.3, 4.5.0, 4.5.1, 4.5.2, 4.5.3, 4.5.4, 4.5.5, and 4.5.6, TIBCO EBX Add-ons: versions 5.0.0, 5.0.1, 5.1.0, 5.1.1, and 5.2.0, and TIBCO Product and Service Catalog powered by TIBCO EBX: versions 1.1.0 and below.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38789 βΌ
π Read
via "National Vulnerability Database".
Allwinner R818 SoC Android Q SDK V1.0 is affected by an incorrect access control vulnerability that does not check the caller's permission, in which a third-party app could change system settings.π Read
via "National Vulnerability Database".
π΄ FireEye & McAfee Enterprise Renamed as Trellix π΄
π Read
via "Dark Reading".
Symphony Technology Group announces a name for the newly merged company, which aims to become a leader in extended detection and response (XDR).π Read
via "Dark Reading".
Dark Reading
FireEye & McAfee Enterprise Renamed as Trellix
Symphony Technology Group announces a name for the newly merged company, which aims to become a leader in extended detection and response (XDR).
βΌ CVE-2021-26247 βΌ
π Read
via "National Vulnerability Database".
As an unauthenticated remote user, visit "http://<CACTI_SERVER>/auth_changepassword.php?ref=<script>alert(1)</script>" to successfully execute the JavaScript payload present in the "ref" URL parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44777 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerabilities leading to single or bulk e-mail entries deletion discovered in Email Tracker WordPress plugin (versions <= 5.2.6).π Read
via "National Vulnerability Database".
βΌ CVE-2021-23225 βΌ
π Read
via "National Vulnerability Database".
Cacti 1.1.38 allows authenticated users with User Management permissions to inject arbitrary web script or HTML in the "new_username" field during creation of a new user via "Copy" method at user_admin.php.π Read
via "National Vulnerability Database".