CVE-2021-37723
Summary: A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12,...
CVE-2021-37724
Summary: A remote arbitrary command execution vulnerability was discovered in Aruba Operating System Software version(s): Prior to 8.7.1.2, 8.6.0.8, 8.5.0.12,...
CVE-2021-37725
Summary: A remote cross-site request forgery (csrf) vulnerability was discovered in Aruba SD-WAN Software and Gateways; Aruba Operating System Software...
CVE-2020-3302
Summary: A vulnerability in the web UI of Cisco Firepower Management Center (FMC) Software could allow an authenticated, remote attacker...
CVE-2021-41869
Summary: SuiteCRM 7.10.x before 7.10.33 and 7.11.x before 7.11.22 is vulnerable to privilege escalation. Reference Links(if available): https://docs.suitecrm.com/admin/releases/7.11.x/#_7_11_22 https://docs.suitecrm.com/admin/releases/7.10.x/#_7_10_33 https://github.com/salesagility/SuiteCRM...
Inside Apple: How macOS attacks are evolving
The start of fall 2021 saw the fourth Objective by the Sea (OBTS) security conference, which is the only security...
Playbook – 50,538 breached accounts
In September 2021, a publicly accessible PostgresSQL database belonging to the Playbook service was identified. Run by VC firm Plug...
LinuxCatScale – Incident Response Collection And Processing Scripts With Automated Reporting Scripts
Linux CatScale is a bash script that uses live of the land tools to collect extensive data from Linux based...
CVE-2021-30883 – Apple / Multiple – Memory corruption
Summary: CVE-2021-30883 is a memory corruption vulnerability impacting Apple iOS versions 15.0.1 and earlier and Apple iPadOS versions 15.0.1 and...
Microsoft mitigated a record 2.4 Tbps DDoS attack in August
Microsoft Azure cloud service mitigated a massive DDoS attack of 2.4 terabytes per second (Tbps) at the end of August,...
US-CERT Bulletin (SB21-284):Vulnerability Summary for the Week of October 4, 2021
The CISA Vulnerability Bulletin provides a summary of new vulnerabilities that have been recorded by the National Institute of Standards...
Apple released emergency update to fix zero-day actively exploited
Apple released emergency updates for both iOS and iPadOS to address a zero-day flaw that is actively exploited in the...
Security Service of Ukraine arrested a man operating a huge DDoS botnet
Ukrainian police arrested a cybercriminal who controlled a botnet composed of 100,000 devices that was available for rent to launch...
Iran-linked DEV-0343 APT target US and Israeli defense technology firms
DEV-0343: Iran-linked threat actors are targeting US and Israeli defense technology companies leveraging password spraying attacks. Researchers at Microsoft Threat...
Azur3Alph4 – A PowerShell Module That Automates Red-Team Tasks For Ops On Objective
Azur3Alph4 is a PowerShell module that automates red-team tasks for ops on objective. This module situates in a post-breach (RCE...
Improper Certificate Validation issue in LibreOffice and OpenOffice allows signed docs spoofing
LibreOffice and OpenOffice released security updates to address a vulnerability that can be exploited by an attacker to spoof signed...
CVE-2020-19131
Summary: Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the...
CVE-2020-19131
Summary: Buffer Overflow in LibTiff v4.0.10 allows attackers to cause a denial of service via the "invertImage()" function in the...
CVE-2021-3749
Summary: axios is vulnerable to Inefficient Regular Expression Complexity Reference Links(if available): https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929 https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31 https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2@%3Ccommits.druid.apache.org%3E CVSS Score (if...
CVE-2021-3749
Summary: axios is vulnerable to Inefficient Regular Expression Complexity Reference Links(if available): https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929 https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31 https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2@%3Ccommits.druid.apache.org%3E CVSS Score (if...
CVE-2021-3749
Summary: axios is vulnerable to Inefficient Regular Expression Complexity Reference Links(if available): https://github.com/axios/axios/commit/5b457116e31db0e88fede6c428e969e87f290929 https://huntr.dev/bounties/1e8f07fc-c384-4ff9-8498-0690de2e8c31 https://lists.apache.org/thread.html/rfc5c478053ff808671aef170f3d9fc9d05cc1fab8fb64431edc66103@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r7324ecc35b8027a51cb6ed629490fcd3b2d7cf01c424746ed5744bf1@%3Ccommits.druid.apache.org%3E https://lists.apache.org/thread.html/r216f0fd0a3833856d6a6a1fada488cadba45f447d87010024328ccf2@%3Ccommits.druid.apache.org%3E CVSS Score (if...
CVE-2021-34798
Summary: Malformed requests may cause the server to dereference a NULL pointer. This issue affects Apache HTTP Server 2.4.48 and...
CVE-2021-36160
Summary: A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue...
CVE-2021-36160
Summary: A carefully crafted request uri-path can cause mod_proxy_uwsgi to read above the allocated memory and crash (DoS). This issue...
