
1043 matches found

Qualys Blog
added 2021/05/25 2:31 p.m. | 39 views

Monitor Windows Registry Changes with Qualys File Integrity Monitoring

With Windows registries storing a large number of programs and OS security settings and a large amount of raw data, threat actors have begun to use those registries as a data store for their malicious activity. It is therefore imperative for organizations to monitor changes in Windows registries ...

0.3 AI score
Exploits: 0

BDU FSTEC
added 2021/05/05 12:0 a.m. | 2 views

The vulnerability of the Data Source component of the Oracle CRM Technical Foundation system, which allows a malicious actor to gain unauthorized access to the device and disclose protected information.

The vulnerability of the Data Source component in the Oracle CRM Technical Foundation system relates to code errors. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to the device and disclose sensitive information through HTTP requests...

8.5 CVSS | 6.8 AI score | 0.00931 EPSS
Exploits: 0 | References: 3 | Affected Software: 1

OSV
added 2021/05/04 5:43 p.m. | 15 views

GHSA-58QP-5328-V7MH cumulative-distribution-function Infinite Loop vulnerability

Impact: Apps using this library on improper data may crash or go into an infinite loop. In the case of a nodejs server-app using this library to act on invalid non-numeric data, the nodejs server may crash. This may affect other users of this server and/or require the server to be rebooted for prop...

7.5 CVSS | 7.5 AI score | 0.01979 EPSS
Exploits: 1 | References: 5

Veracode
added 2021/04/29 11:21 a.m. | 28 views

Authorization Bypass

grafana is vulnerable to authorization bypass. A dashboard editor is able to bypass a permission check concerning a restricted data source...

7.1 CVSS | 3 AI score | 0.02068 EPSS
Exploits: 0 | References: 7 | Affected Software: 1

NVD
added 2021/04/22 10:15 p.m. | 13 views

CVE-2021-2251

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

8.1 CVSS | 0.00931 EPSS
Exploits: 0 | References: 1

Prion
added 2021/04/22 10:15 p.m. | 16 views

Design/Logic Flaw

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

5.5 CVSS | 8 AI score | 0.00931 EPSS
Exploits: 0 | References: 1 | Affected Software: 1

Cvelist
added 2021/04/22 9:53 p.m. | 17 views

CVE-2021-2251

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

8.1 CVSS | 8.2 AI score | 0.00931 EPSS
Exploits: 0 | References: 1

Vulnrichment
added 2021/04/22 9:53 p.m. | 8 views

CVE-2021-2251

Vulnerability in the Oracle CRM Technical Foundation product of Oracle E-Business Suite component: Data Source. Supported versions that are affected are 12.1.3 and 12.2.3-12.2.10. Easily exploitable vulnerability allows low privileged attacker with network access via HTTP to compromise Oracle CRM...

8.1 CVSS | 6.9 AI score | 0.00931 EPSS
Exploits: 0 | References: 1

CNNVD
added 2021/04/20 12:0 a.m. | 2 views

Oracle E-Business Suite Security Vulnerability

Oracle E-Business Suite is a set of fully integrated global business management software from Oracle. The software provides customer relationship management, service management, financial management and other functions. A security vulnerability exists in Oracle E-Business...

8.1 CVSS | 7 AI score | 0.00987 EPSS
Exploits: 0 | References: 3

CNNVD
added 2021/04/20 12:0 a.m. | 3 views

Oracle CRM Technical Foundation Security Vulnerability

Oracle E-Business Suite is an expansion of the original Application ERP: a seamlessly integrated management suite that collects a variety of management software, including ERP (Enterprise Resource Planning), HR (Human Resource Management), CRM (Customer Relationship Management) and so on. Oracle...

8.1 CVSS | 5.8 AI score | 0.00931 EPSS
Exploits: 0 | References: 3

Prion
added 2021/03/22 2:15 p.m. | 16 views

Design/Logic Flaw

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

4.9 CVSS | 6.7 AI score | 0.02068 EPSS
Exploits: 0 | References: 6 | Affected Software: 1

CVE
added 2021/03/22 1:55 p.m. | 207 views

CVE-2021-27962

CVE-2021-27962 affects Grafana Enterprise 7.2.x and 7.3.x (before 7.3.10) and 7.4.x (before 7.4.5). The vulnerability allows a dashboard editor to bypass a permission check on a data source they should not access. This is a permission‑level bypass in the data source access path. The CVSS metrics ...

7.1 CVSS | 6.8 AI score | 0.02068 EPSS
Exploits: 0 | References: 6 | Affected Software: 1

Cvelist
added 2021/03/22 1:55 p.m. | 34 views

CVE-2021-27962

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

7.2 AI score | 0.02068 EPSS
Exploits: 0 | References: 6

AlpineLinux
added 2021/03/22 1:55 p.m. | 42 views

CVE-2021-27962

Grafana Enterprise 7.2.x and 7.3.x before 7.3.10 and 7.4.x before 7.4.5 allows a dashboard editor to bypass a permission check concerning a data source they should not be able to access...

7.1 CVSS | 7.1 AI score | 0.02068 EPSS
Exploits: 0

RedhatCVE
added 2021/03/18 6:30 p.m. | 34 views

CVE-2021-27962

A flaw was found in Grafana Enterprise. Users with the Editor role are allowed to bypass data source permissions for the organization's default data source. The highest threat from this vulnerability is to data confidentiality. Mitigation: If you are using the Enterprise version of Grafana, you ca...

7.1 CVSS | 2.4 AI score | 0.02068 EPSS
Exploits: 0 | References: 4

CNNVD
added 2021/03/18 12:0 a.m. | 3 views

Grafana Labs Grafana Enterprise Security Vulnerability

Grafana is a set of open source monitoring tools from Grafana Labs that provide a visual monitoring interface. The tool is primarily used to monitor and analyze Graphite, InfluxDB, and Prometheus, among others. A security vulnerability exists in Grafana Enterprise that stems from a user with the...

7.1 CVSS | 7.1 AI score | 0.02068 EPSS
Exploits: 0 | References: 9

Circl
added 2021/01/27 4:0 a.m. | 5 views

CVE-2021-1870

creationtimestamp | type | source
---|---|---
2021-01-27 04:00:00+00:00 | seen | https://www.govcert.gov.hk/en/alertsdetail.php?id=543
2021-11-08 08:58:17+00:00 | seen | MISP/f5030aca-7d5a-43a4-ae03-8f4ac8e85422
2021-11-20 09:53:52+00:00 | seen | MISP/3c19819c-1dac-4ef2-bfed-be5efa7e0123
2023-12-05...

9.8 CVSS | 8.3 AI score | 0.07921 EPSS
Exploits: 0 | References: 4

Circl
added 2021/01/20 10:33 p.m. | 2 views

CVE-2021-1353

creationtimestamp | type | source
---|---|---
2021-01-20 22:33:28+00:00 | seen | https://t.me/cibsecurity/22456...

8.6 CVSS | 8.1 AI score | 0.01284 EPSS
Exploits: 0 | References: 1

Circl
added 2021/01/16 12:51 a.m. | 2 views

CVE-2021-21242

creationtimestamp | type | source
---|---|---
2021-01-16 00:51:28+00:00 | seen | https://t.me/cibsecurity/22233...

10 CVSS | 8.7 AI score | 0.74191 EPSS
Exploits: 0 | References: 1

Circl
added 2021/01/11 12:45 p.m. | 2 views

CVE-2021-3121

creationtimestamp | type | source
---|---|---
2021-01-11 12:45:18+00:00 | seen | https://t.me/cibsecurity/21896
2024-01-15 19:46:59+00:00 | seen | https://t.me/arpsyndicate/2803...

8.6 CVSS | 6.2 AI score | 0.03478 EPSS
Exploits: 0 | References: 2