Digital Education: The cyberrisks of the online classroom
This past spring, as the COVID-19 pandemic took hold, online learning became the new norm as universities and classrooms around the world were forced to close their doors. By April 29, 2020, more than 1.2 billion children across 186 countries were impacted by school closures. Shortly after schools....
-0.6AI Score
Bluescan is an open source project by Sourcell Xu from DBAPP Security HatLab. Anyone may redistribute copies of bluescan to anyone under the terms stated in the GPL-3.0 license. This document is also available in Chinese. See README-Chinese.md Aren't the previous Bluetooth scanning tools...
7.9AI Score
0.015EPSS
Google Chrome WebGL code execution vulnerability
Summary A use-after-free read vulnerability exists in Google Chrome 81.0.4044.138 (Stable), 84.0.4136.5 (Dev) and 84.0.4143.7 (Canary), when a WebGL component fails to properly handle objects in memory. Successful exploitation of this vulnerability can lead to arbitrary code execution in the...
-0.4AI Score
0.001EPSS
Senate Bill Would Expand Facial-Recognition Restrictions Nationwide
A bill making its way through the U.S. Senate aims to extend nationwide some of the restrictions on the collection of facial-recognition information already imposed by an Illinois state law, as well as expand private citizens’ legal powers to sue companies that violate them. The news comes as...
0.2AI Score
Oracle WebLogic Server - Remote Command Execution
The Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services) allows unauthenticated attackers with network access via HTTP to compromise Oracle WebLogic Server. Versions that are affected are 10.3.6.0.0 and...
9.3AI Score
0.976EPSS
Description of the security update for SharePoint Server 2019: August 11, 2020
Description of the security update for SharePoint Server 2019: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.7AI Score
0.177EPSS
Description of the security update for SharePoint Server 2010: August 11, 2020
Description of the security update for SharePoint Server 2010: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.5AI Score
0.014EPSS
Description of the security update for Outlook 2013: August 11, 2020
Description of the security update for Outlook 2013: August 11, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Outlook when the software does not correctly handle objects in memory. It also resolves an information disclosure vulnerability.....
6AI Score
0.005EPSS
Description of the security update for SharePoint Foundation 2013: August 11, 2020
Description of the security update for SharePoint Foundation 2013: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.5AI Score
0.014EPSS
Description of the security update for SharePoint Server 2010 Office Web Apps: August 11, 2020
Description of the security update for SharePoint Server 2010 Office Web Apps: August 11, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these...
7.8AI Score
0.177EPSS
High-Severity Cisco DoS Flaw Plagues Small-Business Switches
Cisco is warning of a high-severity flaw that could allow remote, unauthenticated attackers to cripple several of its popular small-business switches with denial of service (DoS) attacks. The vulnerability stems from the IPv6 packet processing engine in the switches. IPv6 (also known as Internet...
1AI Score
c-ares 1.16.0 Use-After-Free Exploit
c-ares version 1.16.0 has an issue where ares_destroy() with pending ares_getaddrinfo() leads to a use-after-free...
7AI Score
Description of the security update for SharePoint Server 2010: July 14, 2020
Description of the security update for SharePoint Server 2010: July 14, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.8AI Score
0.841EPSS
Description of the security update for Outlook 2013: July 14, 2020
Description of the security update for Outlook 2013: July 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Outlook software if it does not correctly handle objects in memory. To learn more about the vulnerability, see Microsoft Common...
8AI Score
0.024EPSS
Description of the security update for SharePoint Enterprise Server 2013: July 14, 2020
Description of the security update for SharePoint Enterprise Server 2013: July 14, 2020 Note: After you install this update, the default setting for a trusted data source and trusted content locations in PerformancePoint Services will change from trust all to trust none. For more information, see.....
8.9AI Score
0.013EPSS
Description of the security update for SharePoint Server 2010 Office Web Apps: July 14, 2020
Description of the security update for SharePoint Server 2010 Office Web Apps: July 14, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities,.....
7.8AI Score
0.038EPSS
Description of the security update for SharePoint Foundation 2013: July 14, 2020
Description of the security update for SharePoint Foundation 2013: July 14, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.5AI Score
0.013EPSS
Cisco Warns of High-Severity Bug in Small Business Switch Lineup
Cisco Systems is warning of a high-severity flaw affecting more than a half-dozen of its small business switches. The flaw could allow remote, unauthenticated attackers to access the switches’ management interfaces with administrative privileges. Specifically affected are Series Smart Switches,...
AI Score
Heap-use-after-free in cin_get
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=15200 Crash type: Heap-use-after-free READ 1 Crash state: cin_get get_token...
-0.3AI Score
Fedora 31 : tcpreplay (2020-256ac53cc7)
This release contains bug fixes only (which includes security fixes): Increase cache buffers size to accommodate VLAN edits (#594) Correct L2 header length to correct IP header offset (#583) Fix warnings from gcc version 10 (#580) Heap Buffer Overflow in randomize_iparp (#579) ...
8.9AI Score
Fedora 32 : tcpreplay (2020-f47830961a)
This release contains bug fixes only (which includes security fixes): Increase cache buffers size to accommodate VLAN edits (#594) Correct L2 header length to correct IP header offset (#583) Fix warnings from gcc version 10 (#580) Heap Buffer Overflow in randomize_iparp (#579) ...
8.9AI Score
Cisco VPN Concentrator 3000 FTP Unauthorized Administrative Access
This module tests for a logic vulnerability in the Cisco VPN Concentrator 3000 series. It is possible to execute some FTP statements without authentication (CWD, RNFR, MKD, RMD, SIZE, CDUP). It also appears to have some memory leak bugs when working with CWD commands. This module simply creates an....
0.3AI Score
Mitigating Credential Stuffing Attacks in the Financial Sector
(If You Think Multi-Factor Authentication Prevents Credential Stuffing, Think Again!) Financial services firms around the world are experiencing credential stuffing attacks at an alarming rate. Cybercriminals are using readily available automation tools, botnets, and compromised account...
0.6AI Score
Description of the security update for SharePoint Foundation 2013: June 9, 2020
Description of the security update for SharePoint Foundation 2013: June 9, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.6AI Score
0.364EPSS
Description of the security update for SharePoint Server 2010: June 9, 2020
Description of the security update for SharePoint Server 2010: June 9, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the following....
6.5AI Score
0.001EPSS
Description of the security update for SharePoint Server 2010: May 12, 2020
Description of the security update for SharePoint Server 2010: May 12, 2020 Summary This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To...
5.7AI Score
0.001EPSS
Description of the security update for SharePoint Foundation 2013: May 12, 2020
Description of the security update for SharePoint Foundation 2013: May 12, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
7.1AI Score
0.014EPSS
Adobe Bridge PostScript load Command Out-Of-Bounds Write Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Adobe Bridge. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of the.....
7.8CVSS
2.5AI Score
0.002EPSS
Acronis: Reflected XSS on www.grouplogic.com/video.asp
Hello there, I hope you are well! PoC: http://www.grouplogic.com/video.asp?v=Acroxx1%22%3C/script%3E%3Cscript%3Ealert(document.cookie)%3C/script%3Es_aE&e=mp4&width=560&height=315 Impact Stealing cookies Best Regards,...
1AI Score
b2b.hte.si Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1150599 Security Researcher g0bl1nsec Helped patch 3768 vulnerabilities Received 4 Coordinated Disclosure badges Received 3 recommendations, a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting b2b.hte.si website and...
AI Score
Sky File 2.1.0 iOS - Directory Traversal Vulnerability
Exploit for php platform in category web...
AI Score
7.4AI Score
lerciopinto.pt Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1148367 Security Researcher DkilerS2 Helped patch 112 vulnerabilities Received 4 Coordinated Disclosure badges Received 8 recommendations, a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting lerciopinto.pt website and...
AI Score
IBM Data Risk Manager Authentication Bypass / Command Injection / File Download Exploit
IBM Data Risk Manager suffers from authentication bypass, command injection, insecure default password, and arbitrary file download...
7.4AI Score
Oracle VirtualBox xHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the xHCI...
7.5CVSS
5AI Score
0.001EPSS
Description of the security update for SharePoint Server 2010 Office Web Apps: April 14, 2020
Description of the security update for SharePoint Server 2010 Office Web Apps: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft Word software if it does not correctly handle objects in memory. To learn more about the vulnerability,....
8.2AI Score
0.011EPSS
Description of the security update for SharePoint Enterprise Server 2013: April 14, 2020
Description of the security update for SharePoint Enterprise Server 2013: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists in Microsoft SharePoint when the software fails to check the source markup of an application package. To learn more about....
9AI Score
0.017EPSS
Description of the security update for SharePoint Foundation 2013: April 14, 2020
Description of the security update for SharePoint Foundation 2013: April 14, 2020 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see the...
6.7AI Score
0.089EPSS
Description of the security update for Outlook 2013: April 14, 2020
Description of the security update for Outlook 2013: April 14, 2020 Summary This security update resolves a remote code execution vulnerability that exists when Microsoft Office improperly loads arbitrary type libraries. To learn more about the vulnerability, see Microsoft Common Vulnerabilities...
8.6AI Score
0.038EPSS
Description of the security update for SharePoint Server 2010: April 14, 2020
Description of the security update for SharePoint Server 2010: April 14, 2020 Summary This security update resolves a cross-site-scripting (XSS) vulnerability that exists if Microsoft SharePoint Server does not correctly sanitize a specially crafted web request to an affected SharePoint server. To....
5.7AI Score
0.001EPSS
MS15-099: Description of the security update for SharePoint Foundation 2013: September 8, 2015
Resolves vulnerabilities in Office that could allow remote code execution if a user opens a specially crafted Office file. Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more...
-0.4AI Score
Resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file in an affected version of Office. Introduction This security update resolves vulnerabilities in Microsoft Office that could...
-0.3AI Score
MS16-015: Description of the security update for SharePoint Server 2010 Office Web Apps: February 9, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these...
7.5AI Score
MS15-033: Description of the security update for SharePoint Server 2010 Office Web Apps: April 14, 2015 Introduction This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted...
7.4AI Score
MS16-029: Description of the security update for SharePoint Server 2010 Office Web Apps: March 8, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these...
7.5AI Score
MS15-022: Description of the security update for SharePoint Server 2013: March 10, 2015
MS15-022: Description of the security update for SharePoint Server 2013: March 10, 2015 Introduction This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if an attacker convinces a user to open or preview a specially crafted Microsoft Word file...
7.7AI Score
There is an insufficient integrity validation vulnerability in several products. The device does not sufficiently validate the integrity of a certain file in certain loading processes; a successful exploit could allow the attacker to load a crafted file to the device through USB. Affected product...
4.6CVSS
4.6AI Score
0.001EPSS