🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.1K subscribers
88.5K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.1K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-45788 ‼

Time-based SQL Injection vulnerabilities were found in Metersphere v1.15.4 via the "orders" parameter.

📖 Read

via "National Vulnerability Database".
95 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-43403 ‼

An issue was discovered in FusionPBX before 4.5.30. The log_viewer.php Log View page allows an authenticated user to choose an arbitrary filename for download (i.e., not necessarily freeswitch.log in the intended directory).

📖 Read

via "National Vulnerability Database".
96 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-40691 ‼

A session hijack risk was identified in the Shibboleth authentication plugin.

📖 Read

via "National Vulnerability Database".
96 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-15346 ‼

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a /live/GLOBALS API with the CLOUDCNM key.

📖 Read

via "National Vulnerability Database".
93 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-42047 ‼

An issue was discovered in the Growth extension in MediaWiki through 1.36.2. On any Wiki with the Mentor Dashboard feature enabled, users can login with a mentor account and trigger an XSS payload (such as alert) via Growthexperiments-mentor-dashboard-mentee-overview-no-js-fallback.

📖 Read

via "National Vulnerability Database".
93 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20258 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
94 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20227 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
91 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20259 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
91 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-15347 ‼

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has the q6xV4aW8bQ4cfD-b password for the axiros account.

📖 Read

via "National Vulnerability Database".
94 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20294 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
89 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20309 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
90 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20257 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
87 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-15343 ‼

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user_key API.

📖 Read

via "National Vulnerability Database".
86 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20285 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
85 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20323 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
91 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20254 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
92 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-15329 ‼

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak Data.fs permissions.

📖 Read

via "National Vulnerability Database".
90 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20268 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
90 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20305 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
90 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2019-20301 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.

📖 Read

via "National Vulnerability Database".
92 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2020-15342 ‼

Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has an unauthenticated zy_install_user API.

📖 Read

via "National Vulnerability Database".
98 views