‼ CVE-2022-0177 ‼
📖 Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - DOM in GitHub repository mrdoob/three.js prior to 0.137.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43394 ‼
📖 Read
via "National Vulnerability Database".
Unisys OS 2200 Messaging Integration Services (NTSI) 7R3B IC3 and IC4, 7R3C, and 7R3D has an Incorrect Implementation of an Authentication Algorithm. An LDAP password is not properly validated.📖 Read
via "National Vulnerability Database".
🦿 Personal identifying information for 1.5 billion users was stolen in 2021, but from where? 🦿
📖 Read
via "Tech Republic".
Threat intelligence company Black Kite found that the majority of attacks were against healthcare providers, involved ransomware and succeeded thanks to software vulnerabilities.📖 Read
via "Tech Republic".
TechRepublic
Personal identifying information for 1.5 billion users was stolen in 2021, but from where?
Threat intelligence company Black Kite found that the majority of attacks were against healthcare providers, involved ransomware and succeeded thanks to software vulnerabilities.
❌ Linux Servers at Risk of RCE Due to Critical CWP Bugs ❌
📖 Read
via "Threat Post".
The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers.📖 Read
via "Threat Post".
Threat Post
Linux Servers at Risk of RCE Due to Critical CWP Bugs
The two flaws in Control Web Panel – a popular web hosting management software used by 200K+ servers – allow code execution as root on Linux servers.
🕴 Trickbot Injections Get Harder to Detect & Analyze 🕴
📖 Read
via "Dark Reading".
The authors of the infamous malware family have added measures for better protecting malicious code injections against inspection and research.📖 Read
via "Dark Reading".
Dark Reading
Trickbot Injections Get Harder to Detect & Analyze
The authors of the infamous malware family have added measures for better protecting malicious code injections against inspection and research.
🕴 Test Your Team, Not Just Your Disaster Recovery Plan 🕴
📖 Read
via "Dark Reading".
Cyberattacks imperil business continuity, but there is a much more common security threat — unintentional human error.📖 Read
via "Dark Reading".
Dark Reading
DR Technology
‼ CVE-2021-46480 ‼
📖 Read
via "National Vulnerability Database".
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiValueObjDelete in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46477 ‼
📖 Read
via "National Vulnerability Database".
Jsish v3.5.0 was discovered to contain a heap buffer overflow via RegExp_constructor in src/jsiRegexp.c. This vulnerability can lead to a Denial of Service (DoS).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44988 ‼
📖 Read
via "National Vulnerability Database".
Jerryscript v3.0.0 and below was discovered to contain a stack overflow via ecma_find_named_property in ecma-helpers.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46481 ‼
📖 Read
via "National Vulnerability Database".
Jsish v3.5.0 was discovered to contain a memory leak via linenoise at src/linenoise.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44993 ‼
📖 Read
via "National Vulnerability Database".
There is an Assertion ''ecma_is_value_boolean (base_value)'' failed at /jerry-core/ecma/operations/ecma-get-put-value.c in Jerryscript 3.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46474 ‼
📖 Read
via "National Vulnerability Database".
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiEvalCodeSub in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46483 ‼
📖 Read
via "National Vulnerability Database".
Jsish v3.5.0 was discovered to contain a heap buffer overflow via BooleanConstructor at src/jsiBool.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44992 ‼
📖 Read
via "National Vulnerability Database".
There is an Assertion ''ecma_object_is_typedarray (obj_p)'' failed at /jerry-core/ecma/operations/ecma-typedarray-object.c in Jerryscript 3.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44994 ‼
📖 Read
via "National Vulnerability Database".
There is an Assertion ''JERRY_CONTEXT (jmem_heap_allocated_size) == 0'' failed at /jerry-core/jmem/jmem-heap.c in Jerryscript 3.0.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46478 ‼
📖 Read
via "National Vulnerability Database".
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsiClearStack in src/jsiEval.c. This vulnerability can lead to a Denial of Service (DoS).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46475 ‼
📖 Read
via "National Vulnerability Database".
Jsish v3.5.0 was discovered to contain a heap buffer overflow via jsi_ArraySliceCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service (DoS).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46482 ‼
📖 Read
via "National Vulnerability Database".
Jsish v3.5.0 was discovered to contain a heap buffer overflow via NumberConstructor at src/jsiNumber.c.📖 Read
via "National Vulnerability Database".
📢 IT Pro News In Review: UK four-day working week, cyber crime in schools, GDPR fines of €1bn in 2021 📢
📖 Read
via "ITPro".
Catch up on the biggest headlines of the week in just two minutes📖 Read
via "ITPro".
IT PRO
IT Pro News In Review: UK four-day working week, cyber crime in schools, GDPR fines of €1bn in 2021
Catch up on the biggest headlines of the week in just two minutes
📢 NCSC Cyber Essentials overhaul takes effect 📢
📖 Read
via "ITPro".
Changes to the scope of the government-backed cyber security certification represent the biggest change since the scheme's launch in 2014📖 Read
via "ITPro".
IT PRO
NCSC Cyber Essentials overhaul takes effect | IT PRO
Changes to the scope of the government-backed cyber security certification represent the biggest change since the scheme's launch in 2014
📢 Crypto.com confirms $34 million hack caused by 2FA bypass exploit 📢
📖 Read
via "ITPro".
The cryptocurrency exchange previously denied that any customers lost funds despite numerous reports from customers and analysts📖 Read
via "ITPro".
IT PRO
Crypto.com confirms $34 million hack caused by 2FA bypass exploit | IT PRO
The cryptocurrency exchange previously denied that any customers lost funds despite numerous reports from customers and analysts