PT-2021-3832 · Microsoft · Azure Sphere

Name of the Vulnerable Software and Affected Versions: Azure Sphere affected versions not specified Description: The issue is related to insufficient protection of service data in Azure Sphere operating systems, which could allow an attacker to gain unauthorized access to protected information...

PT-2021-3902 · Microsoft · Windows Services For Nfs +1

Name of the Vulnerable Software and Affected Versions: Windows Services for NFS affected versions not specified Description: The issue is related to insufficient protection of service data, which can be exploited by a remote attacker to gain unauthorized access to protected information. This can...

PT-2021-3917 · Microsoft · Windows Cryptographic Primitives Library +1

Name of the Vulnerable Software and Affected Versions: Windows Cryptographic Primitives Library affected versions not specified Description: The issue is related to insufficient protection of sensitive data in the Windows Cryptographic Primitives Library, which can allow an attacker to gain...

The vulnerability of the command-line interface of Cisco SD-WAN micro-programming software allows a hacker to read arbitrary files or gain unauthorized access to the device.

The vulnerability of the command-line interface of Cisco SD-WAN software lies in the insufficient protection of registration data. Exploiting this vulnerability allows an attacker to read arbitrary files or gain unauthorized access to the device...

PT-2021-7891 · Microsoft · Sharepoint Server

Name of the Vulnerable Software and Affected Versions: Microsoft SharePoint Server affected versions not specified Description: The issue is related to insufficient protection of service data in Microsoft SharePoint Server, which can be exploited by a remote attacker to gain unauthorized access t...

Several Malware Families Targeting IIS Web Servers With Malicious Modules

A systematic analysis of attacks against Microsoft's Internet Information Services IIS servers has revealed as many as 14 malware families, 10 of them newly documented, indicating that the Windows-based web server software continues to be a hotbed for natively developed malware for close to eight...

The vulnerability of the EWWW Image Optimizer plugin of the WordPress content management system, related to a violation of data protection mechanisms, allows attackers to execute arbitrary code.

The vulnerability of the EWWW Image Optimizer plugin of the WordPress content management system is related to a violation of data protection mechanisms. Exploiting this vulnerability allows an attacker who operates remotely to execute arbitrary code...

UC San Diego Health Breach Tied to Phishing Attack

Authorities at the University of California San Diego Health reported a phishing attack led to a major breach of its network, which allowed an adversary to gain access to sensitive patient, student and employee data. A Wednesday notice from UCSD Health explains the attack occurred between Dec. 2,...

CVE-2020-5351

Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only...

CVE-2020-5351

Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only...

CVE-2020-5341

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated...

CVE-2020-5341

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated...

Deserialization of untrusted data

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated...

Hardcoded credentials

Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only...

CVE-2020-5351

Dell EMC Data Protection Advisor versions 6.4, 6.5 and 18.1 contain an undocumented account with limited privileges that is protected with a hard-coded password. A remote unauthenticated malicious user with the knowledge of the hard-coded password may login to the system and gain read-only...

CVE-2020-5351

Dell EMC Data Protection Advisor (versions 6.4, 6.5, and 18.1) contains an undocumented account protected by a hard-coded password. A remote unauthenticated attacker who knows the password can log in and gain read‑only privileges. This is supported by multiple sources in the connected documents (...

CVE-2020-5341

Deserialization of Untrusted Data Vulnerability Dell EMC Avamar Server versions 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1 and 19.2 and Dell EMC Integrated Data Protection Appliance versions 2.0, 2.1, 2.2, 2.3, 2.4 and 2.4.1 contain a Deserialization of Untrusted Data Vulnerability. A remote unauthenticated...

CVE-2020-5341

CVE-2020-5341 describes a Deserialization of Untrusted Data vulnerability affecting Dell EMC Avamar Server and Dell EMC Integrated Data Protection Appliance. Affected Avamar Server versions: 7.4.1, 7.5.0, 7.5.1, 18.2, 19.1, 19.2. Affected IDPA versions: 2.0, 2.1, 2.2, 2.3, 2.4, 2.4.1. The issue a...

Dell EMC Data Protection Advisor 安全漏洞

Dell EMC Data Protection Advisor is a data protection management solution from Dell Dell. The product supports data backup, data recovery, and data replication management. A security vulnerability exists in Dell EMC Data Protection Advisor versions 6.4, 6.5, and 18.1, which arises from the affect...

A Cloud Migration Strategy with Security Embedded

Learn how to build a cloud migration strategy that keeps security in mind...