βΌ CVE-2021-45342 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45847 βΌ
π Read
via "National Vulnerability Database".
Several missing input validations in the 3MF parser component of Slic3r libslic3r 1.3.0 can each allow an attacker to cause an application crash using a crafted 3MF input file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46113 βΌ
π Read
via "National Vulnerability Database".
In MartDevelopers KEA-Hotel-ERP open source as of 12-31-2021, a remote code execution vulnerability can be exploited by uploading PHP files using the file upload vulnerability in this service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23034 βΌ
π Read
via "National Vulnerability Database".
A PV guest could DoS Xen while unmapping a grant To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference count for such a mapping would then mistakenly be decremented twice. Underflow of the counters gets detected, resulting in the triggering of a hypervisor bug check.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23945 βΌ
π Read
via "National Vulnerability Database".
Missing authentication on ShenYu Admin when register by HTTP. This issue affected Apache ShenYu 2.4.0 and 2.4.1.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45029 βΌ
π Read
via "National Vulnerability Database".
Groovy Code Injection & SpEL Injection which lead to Remote Code Execution. This issue affected Apache ShenYu 2.4.0 and 2.4.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23944 βΌ
π Read
via "National Vulnerability Database".
User can access /plugin api without authentication. This issue affected Apache ShenYu 2.4.0 and 2.4.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-21697 βΌ
π Read
via "National Vulnerability Database".
Jupyter Server Proxy is a Jupyter notebook server extension to proxy web services. Versions of Jupyter Server Proxy prior to 3.2.1 are vulnerable to Server-Side Request Forgery (SSRF). Any user deploying Jupyter Server or Notebook with jupyter-proxy-server extension enabled is affected. A lack of input validation allows authenticated clients to proxy requests to other hosts, bypassing the `allowed_hosts` check. Because authentication is required, which already grants permissions to make the same requests via kernel or terminal execution, this is considered low to moderate severity. Users may upgrade to version 3.2.1 to receive a patch or, as a workaround, install the patch manually.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45846 βΌ
π Read
via "National Vulnerability Database".
A flaw in the AMF parser of Slic3r libslic3r 1.3.0 allows an attacker to cause an application crash using a crafted AMF document, where a metadata tag lacks a "type" attribute.π Read
via "National Vulnerability Database".
π΄ Cyber-Physical Security: What It Is and What You Should Do π΄
π Read
via "Dark Reading".
Ancillary installations like the Internet of Things, operational technology, and industrial control systems enable lots of great functionality, and they face most of the same risks as IT infrastructure.π Read
via "Dark Reading".
Dark Reading
Cyber-Physical Security: What It Is and What You Should Do
Ancillary installations like the Internet of Things, operational technology, and industrial control systems enable lots of great functionality, and they face most of the same risks as IT infrastructure.
ποΈ PrinterLogic vendor addresses triple RCE threat against all connected endpoints ποΈ
π Read
via "The Daily Swig".
High severity flaws show centralized management means centralized risk, say researchersπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
PrinterLogic vendor addresses triple RCE threat against all connected endpoints
High severity flaws show centralized management means centralized risk, say researchers
π1
π΄ 4 Steps Toward Knowing Your Exploitable Attack Surface π΄
π Read
via "Dark Reading".
Actionable steps you can take today to identify the true risk your organization faces β learn how to separate the exploitable vulnerabilities from the rest.π Read
via "Dark Reading".
Dark Reading
4 Steps Toward Knowing Your Exploitable Attack Surface
Actionable steps you can take today to identify the true risk your organization faces β learn how to separate the exploitable vulnerabilities from the rest.
β AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover β
π Read
via "Threat Post".
A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users.π Read
via "Threat Post".
Threat Post
AdSanity, AccessPress Plugins Open Scads of WordPress Sites to Takeover
A critical security bug and a months-long, ongoing supply-chain attack spell trouble for WordPress users.
π΄ As IoT Attacks Increase, Experts Fear More Serious Threats π΄
π Read
via "Dark Reading".
Variants of the Mirai codebase are still a popular way to compromise and subvert Internet of Things devices, but experts fear more serious threats may be ahead.π Read
via "Dark Reading".
Dark Reading
As IoT Attacks Increase, Experts Fear More Serious Threats
Variants of the Mirai codebase are still a popular way to compromise and subvert Internet of Things devices, but experts fear more serious threats may be ahead.
β Alleged carder gang mastermind and three acolytes under arrest in Russia β
π Read
via "Naked Security".
The motto of the gang was "In Fraud We Trust", and they went by a dizzying range of online nicknames.π Read
via "Naked Security".
Naked Security
Alleged carder gang mastermind and three acolytes under arrest in Russia
The motto of the gang was βIn Fraud We Trustβ, and they went by a dizzying range of online nicknames.
βΌ CVE-2021-3850 βΌ
π Read
via "National Vulnerability Database".
Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43863 βΌ
π Read
via "National Vulnerability Database".
The Nextcloud Android app is the Android client for Nextcloud, a self-hosted productivity platform. The Nextcloud Android app uses content providers to manage its data. Prior to version 3.18.1, the providers `FileContentProvider` and `DiskLruImageCacheFileProvider` have security issues (an SQL injection, and an insufficient permission control, respectively) that allow malicious apps in the same device to access Nextcloud's data bypassing the permission control system. Users should upgrade to version 3.18.1 to receive a patch. There are no known workarounds aside from upgrading.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34867 βΌ
π Read
via "National Vulnerability Database".
This vulnerability allows local attackers to escalate privileges on affected installations of Parallels Desktop 16.1.3-49160. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the Toolgate component. The issue results from the lack of proper validation of user-supplied data, which can result in an uncontrolled memory allocation. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the hypervisor. Was ZDI-CAN-13672.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46034 βΌ
π Read
via "National Vulnerability Database".
A problem was found in ForestBlog, as of 2021-12-29, there is a XSS vulnerability that can be injected through the nickname input box.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34866 βΌ
π Read
via "National Vulnerability Database".
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs, which can result in a type confusion condition. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-14689.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34870 βΌ
π Read
via "National Vulnerability Database".
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of NETGEAR XR1000 1.0.0.52_1.0.38 routers. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of SOAP messages. The issue results from a lack of authentication required for a privileged request. An attacker can leverage this vulnerability to disclose stored credentials, leading to further compromise. Was ZDI-CAN-13325.π Read
via "National Vulnerability Database".