π΄ CREST Calls for Greater Equity, Inclusion and Diversity As Part of National Cyber Security Strategy π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
CREST Calls for Greater Equity, Inclusion and Diversity As Part of National Cyber Security Strategy
21 Feb 2023: CREST, the global not-for-profit community of cyber security businesses and professionals working to keep our information safe in a digital world, today launches its latest best practice guide, describing how to foster greater equity, inclusionβ¦
π΄ Scrut Automation Raises Funding of $7.5M, Led by MassMutual Ventures, Lightspeed, and Endiya Partners π΄
π Read
via "Dark Reading".
With the fresh capital, Scrut aims to focus on simplifying risk management and infosec compliance for cloud-native SaaS, Fintech, and Healthtech companiesπ Read
via "Dark Reading".
Dark Reading
Scrut Automation Raises Funding of $7.5M, Led by MassMutual Ventures, Lightspeed, and Endiya Partners
With the fresh capital, Scrut aims to focus on simplifying risk management and infosec compliance for cloud-native SaaS, Fintech, and Healthtech companies
βΌ CVE-2023-20855 βΌ
π Read
via "National Vulnerability Database".
VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information or possible escalation of privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23946 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4325 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, has been found in NHN TOAST UI Chart 4.1.4. This issue affects some unknown processing of the component Legend Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 4.2.0 is able to address this issue. The name of the patch is 1a3f455d17df379e11b501bb5ba1dd1bcc41d63e. It is recommended to upgrade the affected component. The identifier VDB-221501 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-20858 βΌ
π Read
via "National Vulnerability Database".
VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying server operating system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23940 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24080 βΌ
π Read
via "National Vulnerability Database".
A lack of rate limiting on the password reset endpoint of Chamberlain myQ v5.222.0.32277 (on iOS) allows attackers to compromise user accounts via a bruteforce attack.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23947 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23939 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23944 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23949 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23941 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23948 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23952 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23951 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23942 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23943 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24081 βΌ
π Read
via "National Vulnerability Database".
Multiple stored cross-site scripting (XSS) vulnerabilities in Redrock Software TutorTrac before v4.2.170210 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the reason and location fields of the visits listing page.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23950 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".