2021-06 Cumulative Update for Windows 10 Version 1507 for x86-based Systems (KB5003687)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2021-06 Dynamic Cumulative Update for Windows 10 Version 1809 for ARM64-based Systems (KB5003646)

ComponentUpdate: A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft...

2021-06 Cumulative Update for Windows 10 Version 1809 for x64-based Systems (KB5003646)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

2021-06 Cumulative Update for Azure Stack HCI, version 20H2 and Windows Server 2019 Datacenter: Azure Edition for x64-based Systems (KB5003643)

Install this update to resolve issues in Azure Stack HCI, version 20H2 and Windows Server 2019 Datacenter: Azure Edition. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, y...

Language Sparrow is vulnerable to XSS

Language Sparrow is a specialized cloud-based knowledge base. Language Sparrow has an XSS vulnerability that can be exploited by an attacker to obtain user cookie information...

Command Execution Vulnerability in Digital OA (EKP) at Shenzhen Lanling Software Co.

Ltd. was founded in Shenzhen Science and Technology Park in 2001. BlueLine is a well-known large platform OA service provider and a leading knowledge management solution provider in China, and is a national high-tech enterprise specializing in knowledge-based consulting, software development,...

File Upload Vulnerability in Refco's Customer Management System

Jiangsu Ruifeng Information Technology Co., Ltd. is a company that always adheres to the mission of "creating value for customers with technical services and empowering customers with data knowledge". There is a file upload vulnerability in the Ruifeng Customer Management System that can be...

Cybercriminals Hold $115,000-Prize Contest to Find New Cryptocurrency Hacks

A top Russian-language underground forum has been running a "contest" for the past month, calling on its community to submit "unorthodox" ways to conduct cryptocurrency attacks. The forum's administrator, in an announcement made on April 20, 2021, invited members to submit papers that assess the...

File Upload Vulnerability in Zhiwei CMS

Knowledge CMS is an open source website builder. A file upload vulnerability exists in Know CMS, which can be exploited by attackers to gain control of the server...

Arbitrary File Deletion Vulnerability in CMS

Knowledge CMS is an open source website builder. Know CMS has an arbitrary file deletion vulnerability that can be exploited by an attacker to delete any file directory...

Information Leakage Vulnerability in WCP Knowledge Management System of Taiyuan Bianzhou Technology Co.

WCP knowledge management system is a set of BS architecture knowledge management system, knowledge base system. There is an information leakage vulnerability in the WCP knowledge management system of Taiyuan Bianzhou Technology Co., Ltd. that can be exploited by attackers to obtain sensitive...

Retention type changes after re-adding an object storage repository

Challenge When a repository extended to object storage that was initially created using PowerShell or REST API is removed from Veeam Backup for Microsoft 365 and then added back, the retention type changes to item-level. This change in retention type after such a repository has been re-added may...

CVE-2021-31153

please before 0.4 allows a local unprivileged attacker to gain knowledge about the existence of files or directories in privileged locations via the searchpath function, the --check option, or the -d option...

Design/Logic Flaw

please before 0.4 allows a local unprivileged attacker to gain knowledge about the existence of files or directories in privileged locations via the searchpath function, the --check option, or the -d option...

CVE-2021-31153

CVE-2021-31153 affects pleaser before 0.4.0, allowing a local unprivileged user to discover the existence of files or directories in privileged locations via search_path, --check, or -d. The root cause is inadequate handling of path discovery during these options. Documented impact is local infor...

CVE-2021-31153

please before 0.4 allows a local unprivileged attacker to gain knowledge about the existence of files or directories in privileged locations via the searchpath function, the --check option, or the -d option...

Security Bulletin: Vulnerabilities in Java affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Summary Vulnerabilities in Java are affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. The vulnerabilities have been addressed. Vulnerability Details CVEID: CVE-2020-27221 DESCRIPTION: Eclipse OpenJ9 is vulnerable to a stack-based buffer overflow when the virtual machine or JNI native...

Security Bulletin: Vulnerability in Java affecting Watson Knowledge Catalog for IBM Cloud Pak for Data

Summary Vulnerability in Java are affecting Watson Knowledge Catalog for IBM Cloud Pak for Data. The vulnerability has been addressed. Vulnerability Details CVEID: CVE-2020-14797 DESCRIPTION: An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated...

Security Bulletin: Data protection rules and policies are not enforced on virtualized objects

Summary This problem is applicable for IBM Cloud Pak for Data 3.0.1 environments that have both Data Virtualization and Watson Knowledge Catalog add-ons. This problem is relevant only when using Data Virtualization configured for Watson Knowledge Catalog data policy enforcement. The "Policy...

Exchange backup fails after upgrading to Veeam Backup for Microsoft 365 v5

Challenge After upgrading Veeam Backup for Microsoft 365 to v5, backup of Exchange Online data may fail with " Unauthorized 401" error. The issue affects organizations using Modern authentication and legacy protocols with application secret. Cause Starting v5 Veeam Backup for Microsoft 365 has...