‼ CVE-2021-44737 ‼
📖 Read
via "National Vulnerability Database".
PJL directory traversal vulnerability in Lexmark devices through 2021-12-07 that can be leveraged to overwrite internal configuration files.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-0219 ‼
📖 Read
via "National Vulnerability Database".
Improper Restriction of XML External Entity Reference in GitHub repository skylot/jadx prior to 1.3.2.📖 Read
via "National Vulnerability Database".
❌ Critical Cisco StarOS Bug Grants Root Access via Debug Mode ❌
📖 Read
via "Threat Post".
Cisco issued a critical fix for a flaw in its Cisco RCM for Cisco StarOS Software that could give attackers RCE on the application with root-level privileges.📖 Read
via "Threat Post".
Threat Post
Critical Cisco StarOS Bug Grants Root Access via Debug Mode
Cisco issued a critical fix for a flaw in its Cisco RCM for Cisco StarOS Software that could give attackers RCE on the application with root-level privileges.
🔏 New White House Memo Aims to Strengthen National Security Systems 🔏
📖 Read
via "".
A new White House memo gives greater power to the NSA in its fight to protect sensitive government data.📖 Read
via "".
Digital Guardian
New White House Memo Aims to Strengthen National Security Systems
A new White House memo gives greater power to the NSA in its fight to protect sensitive government data.
‼ CVE-2021-44092 ‼
📖 Read
via "National Vulnerability Database".
An SQL Injection vulnerability exists in code-projects Pharmacy Management 1.0 via the username parameter in the administer login form.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46061 ‼
📖 Read
via "National Vulnerability Database".
An SQL Injection vulnerability exists in Sourcecodester Computer and Mobile Repair Shop Management system (RSMS) 1.0 via the code parameter in /rsms/ node app.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23119 ‼
📖 Read
via "National Vulnerability Database".
A directory traversal vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to read arbitrary files from the file system. Please note: an attacker must first obtain compromised access to the target Deep Security Manager (DSM) or the target agent must be not yet activated or configured in order to exploit this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44090 ‼
📖 Read
via "National Vulnerability Database".
An SQL Injection vulnerability exists in Sourcecodester Online Reviewer System 1.0 via the password parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-29785 ‼
📖 Read
via "National Vulnerability Database".
IBM Security SOAR V42 and V43could allow a remote attacker to obtain sensitive information, caused by the failure to properly enable HTTP Strict Transport Security. An attacker could exploit this vulnerability to obtain sensitive information using man in the middle techniques. IBM X-Force ID: 203169.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44245 ‼
📖 Read
via "National Vulnerability Database".
An SQL Injection vulnerability exists in Courcecodester COVID 19 Testing Management System (CTMS) 1.0 via the (1) username and (2) contactno parameters.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23120 ‼
📖 Read
via "National Vulnerability Database".
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security Agent for Linux version 20 and below could allow an attacker to escalate privileges and run arbitrary code in the context of root. Please note: an attacker must first obtain access to the target agent in an un-activated and unconfigured state in order to exploit this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44244 ‼
📖 Read
via "National Vulnerability Database".
An SQL Injection vulnerabiity exists in Sourcecodester Logistic Hub Parcel's Management System 1.0 via the username parameter in login.php.📖 Read
via "National Vulnerability Database".
🕴 Red Cross Hit via Third-Party Cyberattack 🕴
📖 Read
via "Dark Reading".
The incident compromised the personal data and confidential information of more than 515,000 "highly vulnerable people," the Red Cross reports.📖 Read
via "Dark Reading".
Dark Reading
Red Cross Hit via Third-Party Cyberattack
The incident compromised the personal data and confidential information of more than 515,000 "highly vulnerable people," the Red Cross reports.
🕴 Automating Response Is a Marathon, Not a Sprint 🕴
📖 Read
via "Dark Reading".
Organizations should balance process automation and human interaction to meet their unique security requirements.📖 Read
via "Dark Reading".
Dark Reading
Automating Response Is a Marathon, Not a Sprint
Organizations should balance process automation and human interaction to meet their unique security requirements.
🕴 Researchers Discover Dangerous Firmware-Level Rootkit 🕴
📖 Read
via "Dark Reading".
MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI).📖 Read
via "Dark Reading".
Dark Reading
Researchers Discover Dangerous Firmware-Level Rootkit
MoonBounce is the latest in a small but growing number of implants found hidden in a computer's Unified Extensible Firmware Interface (UEFI).
‼ CVE-2021-46335 ‼
📖 Read
via "National Vulnerability Database".
Moddable SDK v11.5.0 was discovered to contain a NULL pointer dereference in the component fx_Function_prototype_hasInstance.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46339 ‼
📖 Read
via "National Vulnerability Database".
There is an Assertion 'lit_is_valid_cesu8_string (string_p, string_size)' failed at /base/ecma-helpers-string.c(ecma_new_ecma_string_from_utf8) in JerryScript 3.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46324 ‼
📖 Read
via "National Vulnerability Database".
Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46337 ‼
📖 Read
via "National Vulnerability Database".
There is an Assertion 'page_p != NULL' failed at /parser/js/js-parser-mem.c(parser_list_get) in JerryScript 3.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46338 ‼
📖 Read
via "National Vulnerability Database".
There is an Assertion 'ecma_is_lexical_environment (object_p)' failed at /base/ecma-helpers.c(ecma_get_lex_env_type) in JerryScript 3.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46325 ‼
📖 Read
via "National Vulnerability Database".
Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf.📖 Read
via "National Vulnerability Database".