6655 matches found
All Vulnerabilities for fnmoc.navy.mil Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence...
Exploit for Exposed IOCTL with Insufficient Access Control in Dell Dbutil
Description: Script to patch your domain computers about the CV...
RMM software: What is it and do you need it?
As cybersecurity products evolve to better protect against new forms of malware, trickier evasion techniques, and more organized cybercrime campaigns, the practice of cybersecurity evolves, too, providing simple, streamlined methods to manage hundreds of endpoints through one tool: RMM software...
VMware Sounds Ransomware Alarm Over Critical Severity Bug
VMware patched a critical bug impacting its vCenter Server platform with a severity rating of 9.8 out of 10. The company said the flaw could allow a remote attacker to exploit its products and take control of a company’s affected system. VMware went a step further on Tuesday, calling on IT securi...
CVE-2021-21985: What you need to know about the latest critical vCenter Server vulnerability
On Tuesday, May 25, 2021, VMware published security advisory VMSA-2021-0010, which includes details on CVE-2021-21985, a critical remote code execution vulnerability in the vSphere Client HTML5 component of vCenter Server 6.5, 6.7, and 7.0 and VMware Cloud Foundation 3.x and 4.x. The vulnerabilit...
All Vulnerabilities for privatcam.ws Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: privatcam.ws. Open Bug Bounty...
Heap buffer overflow in `StringNGrams`
Impact: An attacker can cause a heap buffer overflow by passing crafted inputs to tf.raw_ops.StringNGrams: python import tensorflow as tf separator = b'\x02\x00' ngramwidths = 7, 6, 11 leftpad = b'\x7f\x7f\x7f\x7f\x7f' rightpad = b'\x7f\x7f\x25\x5d\x53\x74' padwidth = 50 preserveshortsequences = Tr...
Wallarm NG WAF is ranked as a “High Performer” by G2, Spring 2021!
We are proud to announce that Wallarm NG WAF was ranked as a “High performer” by G2 in the Web Application Firewall category. This award from the G2 platform confirms that our solution is highly rated by current verified Wallarm WAF users, who left unbiased reviews and answers to WAF-related...
kpatch bug fix and enhancement update
An update is available for kpatch. This update affects Rocky Linux 8. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list. The kpatch management tool provides a kernel patching infrastructure which...
All Vulnerabilities for do.ntu.edu.ua Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: do.ntu.edu.ua. Open Bug Bounty...
All Vulnerabilities for moodle.hum.umss.edu.bo Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: moodle.hum.umss.edu.bo. Open Bug...
PT-2024-11096 · Linux +2 · Linux Kernel +2
Name of the Vulnerable Software and Affected Versions: Linux kernel (affected versions not specified). Description: The issue is related to the powerpc/64s architecture in the Linux kernel, where crashes can occur when toggling the entry flush barrier. The entry flush mitigation can be enabled or...
Snuffleupagus - Security Module For Php7 And Php8 - Killing Bugclasses And Virtual-Patching The Rest!
Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest! Snuffleupagus is a PHP 7+ and 8+ module designed to drastically raise the cost of attacks against websites, by killing entire bug classes. It also provides a powerful virtual-patching system, allowing...
All Vulnerabilities for aodelearning.mhc.wa.gov.au Patched via Open Bug Bounty
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website: aodelearning.mhc.wa.gov.au. Open...
Integer overflow
Redis is an open source, BSD-licensed, in-memory data structure store, used as a database, cache, and message broker. An integer overflow bug in Redis 6.2 before 6.2.3 could be exploited to corrupt the heap and potentially result in remote code execution. Redis 6.0 and earlier are not directly...
CVE-2021-29478
CVE-2021-29478 is an integer overflow in Redis 6.2 before 6.2.3 (and related COPY intsets) that could allow remote code execution when an attacker uses large intsets. IBM advisories cite affected IBM Robotic Process Automation for Cloud Pak versions (21.0.1–21.0.7.5 and 23.0.0–23.0.6) with remedi...
Low: kernel-livepatch-4.14.219-164.354
Issue Overview: A low severity issue was found in the Nitro Enclaves Linux kernel driver that could lead to local privilege escalation. The issue does not break the isolation or security of what is running inside the enclave as the Nitro Enclave's security model already excludes the instance...
CVE-2021-21264
CVE-2021-21264 affects October CMS (Laravel-based) and describes a Twig sandbox bypass where an authenticated backend user with cms.manage_pages, cms.manage_layouts, or cms.manage_partials permissions can write PHP code despite cms.enableSafeMode being enabled. The vulnerability mirrors the impac...
iOS / iPadOS 14.5 Updates: Identify Assets Requiring Update and Take Remote Action with VMDR for Mobile Devices
Apple recently released iOS 14.5 and iPadOS 14.5, which include a security update that addresses almost 50 vulnerabilities, including several critical RCE and privilege escalation vulnerabilities. Qualys recommends that security teams immediately update all devices running iOS and iPadOS to the lates...
WhatsApp Vulnerabilities: Automatically Discover and Remediate Using VMDR for Mobile Devices
WhatsApp has recently fixed critical and high-severity vulnerabilities affecting WhatsApp for Android, WhatsApp Business for Android, WhatsApp for iOS, and WhatsApp Business for iOS. The Indian Computer Emergency Response Team (CERT-In) has issued a high-severity security warning for WhatsApp users...