π΄ DoD Awards Attivo Networks Contract for Ransomware Mitigation π΄
π Read
via "Dark Reading".
Contract extends Attivoβs strategic support to the three major branches of the DoD β Air Force, Army, and Navy.π Read
via "Dark Reading".
Dark Reading
DoD Awards Attivo Networks Contract for Ransomware Mitigation
Contract extends Attivoβs strategic support to the three major branches of the DoD β Air Force, Army, and Navy.
π΄ SANS Institute Launches Cybersecurity Education Scholarship for HBCU Students and Alumni π΄
π Read
via "Dark Reading".
Applications will be open throughout all Black History Month and accepted until March 1, 2022.π Read
via "Dark Reading".
Dark Reading
SANS Institute Launches Cybersecurity Education Scholarship for HBCU Students and Alumni
Applications will be open throughout all Black History Month and accepted until March 1, 2022.
π΄ How to Fight the Novel Software Supply Chain Attacks of Tomorrow π΄
π Read
via "Dark Reading".
In the past year, attackers have focused on the lucrative supply chain. Organizations need to defend against such attacks, even inside their perimeters.π Read
via "Dark Reading".
Dark Reading
DR Technology
π΄ Pixelating Text Leads to Information Leakage, Warns Firm π΄
π Read
via "Dark Reading".
Blurring text isn't enough to obscure sensitive information. An offensive-security firm releases a tool showing how information can still be exposed.π Read
via "Dark Reading".
Dark Reading
Vulnerabilities & Threats recent news | Dark Reading
Explore the latest news and expert commentary on Vulnerabilities & Threats, brought to you by the editors of Dark Reading
π Semiconductor Firm Again Alleges IP Theft π
π Read
via "".
The company has defended its confidential and proprietary information and trade secrets in the past.π Read
via "".
βΌ CVE-2020-6920 βΌ
π Read
via "National Vulnerability Database".
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23190 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-21966 βΌ
π Read
via "National Vulnerability Database".
An information disclosure vulnerability exists in the HTTP Server /ping.html functionality of Texas Instruments CC3200 SimpleLink Solution NWP 2.9.0.0. A specially-crafted HTTP request can lead to an uninitialized read. An attacker can send an HTTP request to trigger this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23195 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23193 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3648 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-3530. Reason: This candidate is a reservation duplicate of CVE-2021-3530. Notes: All CVE users should reference CVE-2021-3530 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39298 βΌ
π Read
via "National Vulnerability Database".
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23188 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a buffer overflow vulnerability due to insecure handling of a crafted malicious file, potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted malicious file in Illustrator.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23189 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39299 βΌ
π Read
via "National Vulnerability Database".
Potential vulnerabilities have been identified in UEFI firmware (BIOS) for some PC products which may allow escalation of privilege and arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24086 βΌ
π Read
via "National Vulnerability Database".
Adobe Commerce versions 2.4.3-p1 (and earlier) and 2.3.7-p2 (and earlier) are affected by an improper input validation vulnerability during the checkout process. Exploitation of this issue does not require user interaction and could result in arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2020-6918 βΌ
π Read
via "National Vulnerability Database".
Potential security vulnerabilities including compromise of integrity, and allowed communication with untrusted clients has been identified in HP Support Assistant software.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22945 βΌ
π Read
via "National Vulnerability Database".
VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access to an NSX-Edge appliance can execute arbitrary commands on the operating system as root.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3551 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in the PKI-server, where the spkispawn command, when run in debug mode, stores admin credentials in the installation log file. This flaw allows a local attacker to retrieve the file to obtain the admin password and gain admin privileges to the Dogtag CA manager. The highest threat from this vulnerability is to confidentiality.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23198 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by a Null pointer dereference vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23186 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 25.4.3 (and earlier) and 26.0.2 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".