‼ CVE-2021-43483 ‼
📖 Read
via "National Vulnerability Database".
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuraiton without authentication.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27145 ‼
📖 Read
via "National Vulnerability Database".
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43517 ‼
📖 Read
via "National Vulnerability Database".
FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens Telnet port when special command is sent on port 9530.📖 Read
via "National Vulnerability Database".
🕴 Software-as-a-Service Rules the Cloud 🕴
📖 Read
via "Dark Reading".
Half of the IT professionals surveyed who use cloud services also employ infrastructure-as-a-service and platform-as-a-service.📖 Read
via "Dark Reading".
Dark Reading
Software-as-a-Service Rules the Cloud
Half of the IT professionals surveyed who use cloud services also employ infrastructure-as-a-service and platform-as-a-service.
👍1
‼ CVE-2022-1284 ‼
📖 Read
via "National Vulnerability Database".
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43498 ‼
📖 Read
via "National Vulnerability Database".
An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43503 ‼
📖 Read
via "National Vulnerability Database".
A Remote Code Execution (RCE) vulnerability exists in h laravel 5.8.38 via an unserialize pop chain in (1) __destruct in \Routing\PendingResourceRegistration.php, (2) __cal in Queue\Capsule\Manager.php, and (3) __invoke in mockery\library\Mockery\ClosureWrapper.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24821 ‼
📖 Read
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Simple users can create global SSX/JSX without specific rights: in theory only users with Programming Rights should be allowed to create SSX or JSX that are executed everywhere on a wiki. But a bug allow anyone with edit rights to actually create those. This issue has been patched in XWiki 13.10-rc-1, 12.10.11 and 13.4.6. There's no easy workaround for this issue, administrators should upgrade their wiki.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-1283 ‼
📖 Read
via "National Vulnerability Database".
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-27152 ‼
📖 Read
via "National Vulnerability Database".
Roku devices running RokuOS v9.4.0 build 4200 or earlier that uses a Realtek WiFi chip is vulnerable to Arbitrary file modification.📖 Read
via "National Vulnerability Database".
🕴 BakerHostetler Launches 2022 Data Security Incident Response Report — Resilience And Perseverance 🕴
📖 Read
via "Dark Reading".
Ransomware remained the most prevalent and impactful type of data security incident.📖 Read
via "Dark Reading".
Dark Reading
BakerHostetler Launches 2022 Data Security Incident Response Report — Resilience And Perseverance
Ransomware remained the most prevalent and impactful type of data security incident.
🕴 Microsoft Sinkholes Russian Hacking Group's Domains Targeting Ukraine 🕴
📖 Read
via "Dark Reading".
The operation aimed to disrupt cyber espionage activity a Russian GRU group was using for the Ukraine war.📖 Read
via "Dark Reading".
Dark Reading
Microsoft Sinkholes Russian Hacking Group's Domains Targeting Ukraine
The operation aimed to disrupt cyber espionage activity a Russian GRU group was using for the Ukraine war.
‼ CVE-2022-24820 ‼
📖 Read
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents by rendering some velocity documents. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24819 ‼
📖 Read
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents related to users of the wiki. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43149 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24428 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS, versions 8.2.x, 9.0.0.x, 9.1.0.x, 9.2.0.x, 9.2.1.x, and 9.3.0.x, contain an improper preservation of privileges. A remote filesystem user with a local account could potentially exploit this vulnerability, leading to an escalation of file privileges and information disclosure.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-43009 ‼
📖 Read
via "National Vulnerability Database".
A Cross Site Scripting (XSS) vulnerability exists in OpServices OpMon through 9.11 via the search parameter in the request URL.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26851 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS, 8.2.2-9.3.x, contains a predictable file name from observable state vulnerability. An unprivileged network attacker could potentially exploit this vulnerability, leading to data loss.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36288 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 for File version 8.1.21.266 and earlier, contain a path traversal vulnerability which may lead unauthenticated users to read/write restricted files📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26852 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contain a predictable seed in pseudo-random number generator. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to an account compromise.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-36287 ‼
📖 Read
via "National Vulnerability Database".
Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code execution vulnerability which may lead unauthenticated users to execute commands on the system.📖 Read
via "National Vulnerability Database".