EUVD-2020-23858

Malware in sbrugna...

CVE-2021-25360

An improper input validation vulnerability in libswmfextractor library prior to SMR APR-2021 Release 1 allows attackers to execute arbitrary code on mediaextractor process...

CVE-2021-30161

An issue was discovered on LG mobile devices with Android OS 11 software. Attackers can bypass the lockscreen protection mechanism after an incoming call has been terminated. The LG ID is LVE-SMP-210002 April 2021...

Oracle Siebel Server <= 21.0 (April 2021 CPU)

The versions of Oracle Siebel CRM installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2021 CPU advisory. - Vulnerability in the Siebel UI Framework product of Oracle Siebel CRM component: SWSE Server Apache Axis. Supported versions that are affected ar...

Linux Vulnerability Exposes Millions of Systems to Attack

By Waqas Dubbed Looney Tunables; the vulnerability has existed since its introduction in April 2021, putting a significant number of systems at risk. This is a post from HackRead.com Read the original post: Linux Vulnerability Exposes Millions of Systems to Attack...

K96639388: Overview of F5 vulnerabilities (April 2021)

Security Advisory Description On April 28th, 2021, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. The details of each issue can be found in the associate...

SUSE CVE-2021-30473

aomimage.c in libaom in AOMedia before 2021-04-07 frees memory that is not located on the heap...

Andariel deploys DTrack and Maui ransomware

On July 7, 2022, the CISA published an alert, entitled, "North Korean State-Sponsored Cyber Actors Use Maui Ransomware To Target the Healthcare and Public Health Sector," related to a Stairwell report, "Maui Ransomware." Later, the Department of Justice announced that they had effectively clawed...

Security Updates for Microsoft Excel Products C2R (April 2021)

The Microsoft Excel Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - Microsoft Office Remote Code Execution Vulnerability CVE-2021-28449 - Microsoft Excel Remote Code Execution Vulnerability CVE-2021-28451, CVE-2021-28454, CVE-2021-28456 Note that...

Security Bulletin: CVE-2021-2161 may affect IBM® SDK, Java™ Technology Edition for Content Collector for SAP Applications

Summary CVE-2021-2161 was disclosed in the Oracle April 2021 Critical Patch Update. Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, high...

Security Bulletin: Oracle Database Server Vulnerability Affects IBM Emptoris Strategic Supply Management Platform (CVE-2021-2207)

Summary An Oracle database server security vulnerabilities affect IBM Emptoris Strategic Supply Management Platform. Vulnerability Details CVEID: CVE-2021-2207 DESCRIPTION: An unspecified vulnerability in Oracle Database Server related to the Oracle Database - Enterprise Edition component could...

Security Bulletin: A vulnerability in IBM Java SDK (April 2021) affects IBM InfoSphere Information Server (CVE-2021-2161)

Summary There is a vulnerability in the IBM® SDK Java™ Technology Edition, Version 8 that is used by IBM InfoSphere Information Server. This issue was disclosed as part of the IBM Java SDK updates in April 2021. Vulnerability Details CVEID: CVE-2021-2161 DESCRIPTION: An unspecified vulnerability ...

Security Bulletin: Security vulnerability in IBM® Java SDK April 2021 CPU has been identified in Jazz Team Server shipped with Jazz Reporting Service

Summary Jazz Team Server is shipped as a component of Jazz Reporting Service JRS. Information about a security vulnerability in IBM® SDK Java Technology Edition from April 2021 CPU that is affecting Jazz Team Server and Jazz-based products has been published in a security bulletin. Vulnerability...

Security Bulletin: Security Vulnerabilities in IBM® Java SDK April 2021 CPU plus affect multiple IBM Continuous Engineering products based on IBM Jazz Technology

Summary There are multiple vulnerabilities in IBM® SDK Java Technology Edition from April 2021 CPU that are used by IBM Jazz Team Server affecting the following IBM Jazz Team Server based Applications: Engineering Lifecycle Management ELM, IBM Engineering Requirements Management DOORS Next DOORS...

Security Bulletin: Multiple security vulnerabilities has been identified in IBM WebSphere Application Server shipped with Tivoli Netcool/OMNIbus WebGUI - April 2021 CPU

Summary Websphere Application Server WAS is shipped as a component of Tivoli Netcool/OMNIbus WebGUI. Information about security vulnerabilities affecting WAS has been published in a security bulletin. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section...

Security Bulletin: Multiple vulnerabilities in IBM® Java SDK affect WebSphere Service Registry and Repository April 2021 CPU

Summary There are multiple vulnerabilities in IBM® SDK Java™ Technology Edition, used by WebSphere Service Registry and Repository. These issues were disclosed as part of the IBM Java SDK updates in April 2021. These issues are addressed by WebSphere Application Server shipped with WebSphere...

PT-2021-7908 · Libaom +4 · Libaom +4

Name of the Vulnerable Software and Affected Versions: libaom versions prior to 2021-04-07 Description: The issue is related to the incorrect handling of memory in the aom image.c component of the libaom library, which implements the AV1 codec. This can potentially allow a remote attacker to...

SUSE SLES12 Security Update : java-11-openjdk (SUSE-SU-2021:1314-1)

This update for java-11-openjdk fixes the following issues : Update to upstream tag jdk-11.0.11+9 April 2021 CPU - CVE-2021-2163: Fixed incomplete enforcement of JAR signing disabled algorithms bsc1185055 - CVE-2021-2161: Fixed incorrect handling of partially quoted arguments in ProcessBuilder...

2021. The age of the super vulnerability?

I don’t know about you, but to me it seems that every week we are seeing another vulnerability that not only grants significant access to the vulnerable system but also more widely internally. This last week we have seen the latest round of Microsoft Exchange vulnerabilities. The April 2021 updat...

Oracle Business Intelligence Publisher Multiple Vulnerabilities (Apr 2021 CPU)

The version of Oracle Business Intelligence Publisher or Oracle Analytics Server 5.5 running on the remote host is 11.1.1.9.x prior to 11.1.1.9.210215, 12.2.1.3.x prior to 12.2.1.3.210405, 12.2.1.4.x prior to 12.2.1.4.210402, or 12.2.5.5.x OAS 5.5 prior to 12.2.5.5.210331. It is, therefore,...