Sql injection
SQL Injection vulnerability in MyBB before 1.8.26 via User Groups. issue 3 of 3...
CVE-2021-27948
SQL Injection vulnerability in MyBB before 1.8.26 via User Groups. issue 3 of 3...
CVE-2021-27948
CVE-2021-27948 affects MyBB before 1.8.26, via the User Groups component, caused by a SQL injection vulnerability in the user groups logic. The vulnerability can impact confidentiality, integrity and availability (per CVSS metrics). Mitigation: upgrade MyBB to 1.8.26 or later (or apply vendor-sup...
Chromium CVE-2021-21192: Heap buffer overflow in tab groups
This CVE was assigned by Chrome. Microsoft Edge Chromium-based ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information...
MyBB SQL injection vulnerability
MyBB is a free open source forum software. A SQL injection vulnerability exists in user groups in versions of MyBB prior to 1.8.26. No detailed vulnerability details are provided at this time...
Google Chrome buffer error vulnerability
Chrome is a simple and efficiently designed web browsing tool developed by Google that is characterized by its simplicity and speed. A heap buffer overflow vulnerability exists in tab groups in versions of Google Chrome prior to 89.0.4389.90. No detailed vulnerability details are provided at this...
PT-2021-17688 · Mybb · Mybb
Name of the Vulnerable Software and Affected Versions: MyBB versions prior to 1.8.26 Description: The issue is related to a SQL Injection vulnerability. It affects the User Groups component. Recommendations: For versions prior to 1.8.26, update to version 1.8.26 or later to resolve the issue...
[ASA-202103-9] chromium: arbitrary code execution
Arch Linux Security Advisory ASA-202103-9 ========================================= Severity: High Date : 2021-03-13 CVE-ID : CVE-2021-21191 CVE-2021-21192 CVE-2021-21193 Package : chromium Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-1683 Summary =======...
Microsoft Exchange Exploits Pave a Ransomware Path
Cybercriminals are now using compromised Microsoft Exchange servers as a foothold to deploy a new ransomware family called DearCry, Microsoft has warned. The ransomware is the latest threat to beleaguer vulnerable Exchange servers, emerging shortly after Microsoft issued emergency patches in earl...
Molson Coors Cracks Open a Cyberattack Investigation
Another high-profile company has been hit with a cyber attack that’s causing a major disruption to its business. Brewing company Molson Coors acknowledged on Thursday that it has “experienced a systems outage that was caused by a cybersecurity incident,” according to a Form 8-K filed with the SEC...
KLA12115 Multiple vulnerabilities in Google Chrome
Multiple vulnerabilities were found in Google Chrome. Malicious users can exploit these vulnerabilities to execute arbitrary code, cause denial of service. Below is a complete list of vulnerabilities: 1. A use after free vulnerability in Blink can be exploited to cause denial of service or execut...
Stable Channel Update for Desktop
The Stable channel has been updated to 89.0.4389.90 for Windows, Mac and Linux which will roll out over the coming days/weeks. A full list of changes in this build is available in the log. Interested in switching release channels? Find out how here. If you find a new issue, please let us know by...
chromium -- multiple vulnerabilities
Chrome Releases reports: This release includes 5 security fixes, including: 1167357 High CVE-2021-21191: Use after free in WebRTC. Reported by raven @raidakame on 2021-01-15 1181387 High CVE-2021-21192: Heap buffer overflow in tab groups. Reported by Abdulrahman Alqabandi, Microsoft Browser...
It’s Open Season for Microsoft Exchange Server Hacks
A patch for the vulnerabilities China exploited has been released. Now, criminal groups are going to reverse engineer it—if they haven’t already...
Warning the World of a Ticking Time Bomb
Globally, hundreds of thousands of organizations running Exchange email servers from Microsoft just got mass-hacked, including at least 30,000 victims in the United States. Each hacked server has been retrofitted with a "web shell" backdoor that gives the bad guys total, remote control, the abilit...
CVE-2021-27904
An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the "all org" flag sometimes provided view access to unintended actors...
Code injection
An issue was discovered in app/Model/SharingGroupServer.php in MISP 2.4.139. In the implementation of Sharing Groups, the "all org" flag sometimes provided view access to unintended actors...
The vulnerability of Google Chrome’s Tab Groups component allows attackers to compromise the confidentiality, integrity, and accessibility of protected information.
The vulnerability of Google Chrome’s Tab Groups component is related to writing beyond the buffer limit. Exploiting this vulnerability can allow an attacker to compromise the confidentiality, integrity, and accessibility of the protected information...