ai.konduit.serving:konduit-serving-clients (>=0.0.2 <=0.3.0), ai.konduit.serving:konduit-serving-distro-bom (>=0.0.2 <=0.3.0) +195 more potentially affected by CVE-2021-21364 via io.swagger:swagger-codegen (>=2.1.1 <=2.4.18)
io.swagger:swagger-codegen MAVEN version =2.1.1, =0.0.2, =0.0.2, =0.1-1, =1.1, =0.1.13, =1.0.1, =1.1, =1.3, =0.12, =1.1.6, =1.1.7 and more Source cves: CVE-2021-21364 Source advisory: OSV:GHSA-HPV8-9RQ5-HQ7W...
NewStart CGSL CORE 5.04 / MAIN 5.04 : openssl Vulnerability (NS-SA-2021-0020)
The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has openssl packages installed that are affected by a vulnerability: - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a...
NewStart CGSL MAIN 6.02 : openssl Multiple Vulnerabilities (NS-SA-2021-0086)
The remote NewStart CGSL host, running version MAIN 6.02, has openssl packages installed that are affected by multiple vulnerabilities: - There is an overflow bug in the x64_64 Montgomery squaring procedure used in exponentiation with 512-bit moduli. No EC algorithms are affected. Analysis suggest...
Iranian Hackers Using Remote Utilities Software to Spy On Its Targets
Hackers with suspected ties to Iran are actively targeting academia, government agencies, and tourism entities in the Middle East and neighboring regions as part of an espionage campaign aimed at data theft. Dubbed "Earth Vetala" by Trend Micro, the latest finding expands on previous research...
Vulnerability fixed in Cisco Webex Meetings
A vulnerability has been fixed in Cisco Webex Meetings. The vulnerability allows a malicious party to make changes to the distribution list of Cisco Webex Meetings belonging to another user within the same organization. Cisco has released updates to fix the vulnerability. Mo...
EulerOS Virtualization for ARM 64 3.0.6.0 : openssl (EulerOS-SA-2021-1549)
According to the version of the openssl packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known...
EulerOS Virtualization 3.0.6.6 : openssl (EulerOS-SA-2021-1505)
According to the version of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as...
RTM Cybergang Adds New Quoter Ransomware to Crime Spree
The Russian-speaking group behind the infamous RTM banking trojan is now packing a trifecta of threats as it turns up the heat – part of a massive new money-grab campaign. Beyond the banking malware it is known for, attackers have enlisted a recently-discovered ransomware family called Quoter as...
Cisco Webex Meetings Unauthorized Distribution List Update Vulnerability
A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another user of their organization. The vulnerability is due to insufficient authorization enforcement for requests to update...
Cisco Webex Meetings Access Control Error Vulnerability
Cisco Webex Meetings is a video conferencing and online meeting software from Cisco USA. It provides video and audio conferencing with sharing, chat, and other features. Cisco Webex Meetings suffers from an Access Control Error vulnerability that stems from insufficient execution of authorization...
PT-2021-2258 · Cisco · Cisco Webex Meetings
Name of the Vulnerable Software and Affected Versions: Cisco Webex Meetings affected versions not specified Description: A vulnerability in the distribution list feature of Cisco Webex Meetings could allow an authenticated, remote attacker to modify a distribution list that belongs to another use...
[SECURITY] [DSA 4867-1] grub2 security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4867-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso March 02, 2021 https://www.debian.org/security/faq -...
The vulnerability of the CServerManager::HandleBrowseLoadIconStreamRequest function in the FactoryTalk Linx automation software allows an intruder to trigger a service failure.
The vulnerability of the CServerManager::HandleBrowseLoadIconStreamRequest function in messaging.dll in the FactoryTalk Linx automation software is related to the unlimited distribution of resources. Exploiting this vulnerability could allow an attacker to cause a service failure by sending a...
Gootkit RAT Using SEO to Distribute Malware Through Compromised Sites
A framework notorious for delivering a banking Trojan has received a facelift to deploy a wider range of malware, including ransomware payloads. "The Gootkit malware family has been around more than half a decade – a mature Trojan with functionality centered around banking credential theft," Soph...
Debian DSA-4862-1 : firefox-esr - security update
Multiple security issues have been found in the Mozilla Firefox web browser, which could potentially result in the execution of arbitrary code or information disclosure. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security...
Malware Gangs Partner Up in Double-Punch Security Threat
Cybergangs are joining forces under the guise of affiliate groups and “as-a-service” models, warns Maya Horowitz, the director of threat intelligence research with Check Point Research. She said the trend is driving a new and thriving cybercriminal underground economy. Several malware gangs have...
SQL Injection Vulnerability in Qibo Cloud Micro Distribution
Micro-distribution is a "micro-mall + micro-distribution" social e-commerce marketing platform that, based on spreading through the WeChat circle of friends, easily leads thousands of WeChat users to sell goods for you. Qibo cloud micro distribution SQL injection vulnerability...
The mystery of the Silver Sparrow Mac malware
Cyber security company Red Canary published findings last week about a new piece of Mac malware called Silver Sparrow. This malware is notable in being one of the first to include native code for Apple's new M1 chips, but what is unknown about this malware is actually more interesting than what is...
EulerOS 2.0 SP2 : openssl110f (EulerOS-SA-2021-1339)
According to the version of the openssl110f packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName...
Debian: Security Advisory (DSA-4858-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only ifdescription...