CVE-2021-40896
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails.
CVE-2021-40898
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scaffold-helper v1.2.0 when copying crafted invalid files.
What is Intellectual Property? Understanding IP Rights, Negligence, Infringement & More
via "Digital Guardian".
What is intellectual property? We define the term and explain how IP negligence and infringement can harm your organization.
Oracle patches 'miracle exploit' impacting Middleware Fusion, cloud services
via "The Daily Swig".
Researchers describe discovery of 'mega' zero-day
It's a Race to Secure the Software Supply Chain – Have You Already Stumbled?
via "Dark Reading".
If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
OpenSSL issues a bugfix for the previous bugfix
via "Naked Security".
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
CVE-2021-40900
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in regexfn v1.0.5 when validating crafted invalid emails.
CVE-2021-40901
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scniro-validator v1.0.1 when validating crafted invalid emails.
CVE-2022-2218
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository ionicabizau/parse-url prior to 7.0.0.
CVE-2022-2216
via "National Vulnerability Database".
Server-Side Request Forgery (SSRF) in GitHub repository ionicabizau/parse-url prior to 7.0.0.
CVE-2022-2208
via "National Vulnerability Database".
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.2.
CVE-2022-2207
via "National Vulnerability Database".
Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Thrive Acquires DSM
via "Dark Reading".
DSM is now the third acquisition by Thrive in Florida in the past six months.
FTC warns of LGBTQ+ extortion scams – be aware before you share!
via "Naked Security".
It's a simple jingle and it's solid advice: "If in doubt, don't give it out!"
Untrusted types: Researcher demos trick to beat Trusted Types protection in Google Chrome
via "The Daily Swig".
Flaws in protection mechanism leaves websites more exposed to DOM XSS-based attacks
CVE-2017-20101
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in ProjectSend r754. This affects an unknown part of the file process.php?do=zip_download. The manipulation of the argument client/file leads to information disclosure. It is possible to initiate the attack remotely.
CVE-2017-20100
via "National Vulnerability Database".
A vulnerability was found in Air Transfer 1.0.14/1.2.1. It has been rated as problematic. Affected by this issue is some unknown functionality. The manipulation leads to basic cross site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
CVE-2020-21161
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in Ruckus Wireless ZoneDirector 9.8.3.0.
CVE-2017-20102
via "National Vulnerability Database".
A vulnerability was found in Album Lock 4.0 and classified as critical. Affected by this issue is some unknown functionality of the file /getImage. The manipulation of the argument filePaht leads to path traversal. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used.
Researchers crack MEGA's 'privacy by design' storage, encryption
via "The Daily Swig".
ETH Zurich finds flaws in the firm's cryptographic infrastructure
Harmony blockchain loses nearly $100M due to hacked private keys
via "Naked Security".
The crooks needed at least two private keys, each stored in two parts... but they got them anyway.