CVE-2020-14410
Summary: SDL (Simple DirectMedia Layer) through 2.0.12 has a heap-based buffer over-read in Blit_3or4_to_3or4__inversed_rgb in video/SDL_blit_N.c via a crafted .BMP...
CVE-2020-14409
Summary: SDL (Simple DirectMedia Layer) through 2.0.12 has an Integer Overflow (and resultant SDL_memcpy heap corruption) in SDL_BlitCopy in video/SDL_blit_copy.c...
CVE-2021-22167
Summary: An issue has been discovered in GitLab affecting all versions starting from 12.1. Incorrect headers in specific project page...
DNSpooq bugs haunt dnsmasq
The research team at JSOF found seven vulnerabilities in dnsmasq and have dubbed them DNSpooq, collectively. Now, some of you...
Naavi: Information collected from WhatsApp would be shared with Facebook and eventually be used for advertising
The WhatsApp messenger, which is owned by Facebook, began to notify its users (which is about 2 billion) about the...
Serious Vulnerabilities Discovered in Group Face Time Apps
Threat actors utilized Google Duo, Facebook Messenger, Signal, JioChat, and Mocha messaging apps vulnerabilities to their advantage by listening to...
Chinese Threat Group Chimera Attacks Airline Industry
For the last few years, a Chinese threat group under the name Chimera has been targeting the airline industry with...
Maze Ransomware: Exfiltration and Extortion
New research by New Zealand organization Emsisoft has discovered that a cyber-blackmail tactic initially debuted by ransomware gang MAZE has...
WPCracker – WordPress User Enumeration And Login Brute Force Tool
WordPress user enumeration and login Brute Force tool for Windows and Linux With the Brute Force tool, you can control...
CDK – Zero Dependency Container Penetration Toolkit
CDK is an open-sourced container penetration toolkit, designed for offering stable exploitation in different slimmed containers without any OS dependency....
Principles for personal information security legislation
It goes without saying that the 117th US Congress has a lot to get done and many legitimate priorities are...
Experts warn of scanning activity for critical SAP SolMan flaw after the release of exploit
Experts warn of automated scanning activity for servers affected by a critical SAP SolMan flaw after the release of an...
SolarWinds Attack: Microsoft sheds lights into Solorigate second-stage activation
Microsoft’s report provides details of the entire SolarWinds attack chain with a deep dive in the second-stage activation of malware...
Cisco fixed multiple flaws in Cisco SD-WAN products and Smart Software Manager Satellite Web UI
Cisco fixed multiple flaws in Cisco SD-WAN products that could allow an unauthenticated, remote attacker to execute attacks against its devices....
Logic bugs found in popular apps, including Signal and FB Messenger
Flaws in popular messaging apps, such as Signal and FB Messenger allowed to force a target device to transmit audio...
CVE-2021-21248
Summary: OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability involving the build...
CVE-2021-1701
Summary: Remote Procedure Call Runtime Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1658, CVE-2021-1660, CVE-2021-1664, CVE-2021-1666, CVE-2021-1667,...
CVE-2021-21246
Summary: OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check...
CVE-2021-21247
Summary: OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the application's BasePage registers an AJAX event listener...
CVE-2021-1704
Summary: Windows Hyper-V Elevation of Privilege Vulnerability Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1704 CVSS Score (if available) v2: / HIGH v3: /...
Bot ‘FreakOut’ leverages three critical vulnerabilities to attack Linux systems
Oracle Co-Founder Larry Ellison delivers a keynote address at the Oracle OpenWorld conference in 2006. Researchers discovered a new Internet...
Zoom watermarking: pros and cons
Metadata, which gives background information on pieces of data, is typically hidden. It becomes a problem when accidentally revealed. Often...
3 Unique Procedures to Counter Money Laundering in India
The main weapon used by money launders to launder cash is bitcoin and other cryptocurrencies alternatives. India’s cryptocurrency exchanges deployed...
AnyVan 4.1 Million Users Comprised with Data-Breach
Headquartered in Hammersmith, London (UK)- AnyVan is a European online platform for the patrons to access consignment, transport, and removal...
