CVE Details finally updated the ‘Vulnerabilities By Year’ graph.
We already have 18,124 CVEs as of December 1, 2021. More detail https://www.cvedetails.com/browse-by-date.php
In the wazuh-slack active response script in Wazuh before 4.2.5, untrusted user agents are passed to a curl command line, potentially resulting in remote code execution. Ref https://github.com/wazuh/wazuh/issues/10858
IBM Planning Analytics 2.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of CSV file contents. Read here https://www.ibm.com/support/pages/node/6517470
This vulnerability is considered critical as it may be leveraged to completely compromise the vulnerable application as well as the underlying operating system. Dell recommends customers to upgrade at the…
BeyondTrust Privilege Management for Windows contains a local privilege escalation vulnerability prior to version 21.6. More https://github.com/mandiant/Vulnerability-Disclosures/blob/master/MNDT-2021-0008/MNDT-2021-0008.md
Sophisticated Tardigrade malware launches attacks on vaccine manufacturing infrastructure. Read more in my article on the Tripwire blog https://www.tripwire.com/state-of-security/security-data-protection/sophisticated-tardigrade-malware-launches-attacks-on-vaccine-manufacturing-infrastructure/
TESLA PHONE THIS 2021? It’s been widely reported that US-based EV maker Tesla will “officially” launch the Model Pi phone "later this year". It’s not clear exactly when, if at…
The exploit, unveiled in research presented today, revives the DNS cache-poisoning attack that researcher Dan Kaminsky disclosed in 2008. He showed that, by masquerading as an authoritative DNS server and…
Default passwords for internet-connected devices will be banned, and firms which do not comply will face huge fines. Read more https://www-bbc-com.cdn.ampproject.org/c/s/www.bbc.com/news/technology-59400762.amp
VMware has released security updates to address multiple vulnerabilities in vCenter Server and Cloud Foundation. A remote attacker can exploit these vulnerabilities to obtain access to sensitive information. More https://www.vmware.com/security/advisories/VMSA-2021-0027.html