126 matches found
Top Countries With ICS Endpoint Malware Detections
The Trend Micro research paper, "2020 Report on Threats Affecting ICS Endpoints,” presents findings on ICS endpoints and the threats that plague them. From these findings, we rounded up the list of the top ten countries with the most malware and grayware detections...
CVE-2020-14147 affecting package redis 5.0.5-7
CVE-2020-14147 affecting package redis 5.0.5-7. A patched version of the package is available...
OpenWrt Resource Management Error Vulnerability
OpenWrt is a Linux operating system for embedded devices. A security vulnerability exists in libuci in OpenWrt versions prior to 18.06.9 and 19.x series versions prior to 19.07.5, which stems from the possibility of encountering the use of a malware package name after using free. This is related ...
2020-11 Cumulative Update for Windows 10 Version 1703 for x64-based Systems (KB4586782)
A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...
mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2020)
Vulnerability in the MySQL Server product of Oracle MySQL component: Server: Security: Privileges. Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server...
Design/Logic Flaw
An issue was discovered in Xen through 4.13.x, allowing x86 HVM guest OS users to cause a hypervisor crash. An inverted conditional in x86 HVM guests' dirty video RAM tracking code allows such guests to make Xen de-reference a pointer guaranteed to point at unmapped space. A malicious or buggy HV...
PT-2020-6399 · Drupal · Drupal Core
Name of the Vulnerable Software and Affected Versions: Drupal Core version 7.70 and prior versions. Description: The issue is related to an Open Redirect vulnerability that allows a user to be tricked into visiting a specially crafted link, redirecting them to an arbitrary external URL. This is d...
comune.cadrezzateconosmate.va.it Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1151460 Security Researcher Gh05tPT Helped patch 6892 vulnerabilities Received 10 Coordinated Disclosure badges Received 48 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting...
CVE-2020-5851
On impacted versions and platforms the Trusted Platform Module TPM system integrity check cannot detect modifications to specific system components. This issue only impacts specific engineering hotfixes and platforms. NOTE: This vulnerability does not affect any of the BIG-IP major, minor or...
Oracle MySQL Server CVE-2020-2580 Remote Security Vulnerability
Description Oracle MySQL Server is prone to a remote security vulnerability in 'Server: DDL' component. The vulnerability can be exploited over the 'MySQL' protocol. This vulnerability affects the following supported versions: 8.0.17 and prior Technologies Affected Oracle MySQL Server 8.0.11 Orac...
ABB Relion 670 Series
1. EXECUTIVE SUMMARY CVSS v3 10.0 ATTENTION: Exploitable remotely/low skill level to exploit Vendor: ABB Equipment: Relion 670 Series Vulnerability: Path Traversal 2. RISK EVALUATION Successful exploitation of this vulnerability may allow an attacker to read and delete files on the device. 3...
Adobe Media Encoder Out-of-Bounds Write Vulnerability
Adobe Media Encoder is an audio and video encoding application from the American company Audobee Adobe. An out-of-bounds write vulnerability exists in Adobe Media Encoder 13.1 and earlier versions for Window and macOS-based platforms. An attacker can exploit the vulnerability to execute code...
ras.aecom.yu.edu Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-1008200 Security Researcher devl00p Helped patch 2581 vulnerabilities Received 10 Coordinated Disclosure badges Received 15 recommendations , a holder of 10 badges for responsible and coordinated disclosure, found a security vulnerability affecting ras.aecom.yu.edu website...
ph.thecharityjob.com Cross Site Scripting vulnerability
Open Bug Bounty ID: OBB-971297 Security Researcher garletmarco Helped patch 1540 vulnerabilities Received 4 Coordinated Disclosure badges , a holder of 4 badges for responsible and coordinated disclosure, found a security vulnerability affecting ph.thecharityjob.com website and its users. Followi...
AVEVA Vijeo Citect and CitectSCADA
1. EXECUTIVE SUMMARY CVSS v3 6.5 ATTENTION: Low skill level to exploit Vendor: AVEVA Equipment: Vijeo Citect and CitectSCADA Vulnerability: Insufficiently Protected Credentials 2. RISK EVALUATION Successful exploitation of this vulnerability could allow a locally authenticated user to obtain...
openssl: Read/write after SSL object in error state
OpenSSL 1.0.2 starting from version 1.0.2b introduced an "error state" mechanism. The intent was that if a fatal error occurred during a handshake then OpenSSL would move into the error state and would immediately fail if you attempted to continue the handshake. This works as designed for the...
esquareworld.com XSS vulnerability
Open Bug Bounty ID: OBB-453470 Description| Value ---|--- Affected Website:| esquareworld.com Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS Prevention Cheat...
Comcast Internet service crippled; affecting users across US
By Waqas If you are using Comcasts Internet service and facing issues This is a post from HackRead.com Read the original post: Comcast Internet service crippled; affecting users across US...
BELL-CVE-2017-15021 CVE-2017-15021 does not affect BellSoft software
Bulletin has no description...
BELL-CVE-2017-8386 CVE-2017-8386 does not affect BellSoft software
Bulletin has no description...