CVE-2021-41054
Summary: tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of...
Summary: tftpd_file.c in atftp through 0.7.4 has a buffer overflow because buffer-size handling does not properly consider the combination of...
Summary: A directory traversal vulnerability in Trend Micro Apex One, OfficeScan (versions XG and 11.0), and Worry-Free Business Security (versions...
Summary: On BIG-IP version 16.0.x before 16.0.1.2, 15.1.x before 15.1.3.1, 14.1.x before 14.1.4.3, 13.1.x before 13.1.4.1, and all versions of...
Summary: CVE-2021-30869 is a type confusion vulnerability impacting Apple iOS versions 12.5.4 and earlier, and macOS Catalina security update 2021-005...
Researchers have been able to get hold of 372,072 Windows domain credentials, including 96,671 unique credentials, in slightly over 4...
The term “cache” refers to a storage container. If you’re familiar with the outdoor recreational activity geocaching, you may be...
The Spanish National Police (Policía Nacional) has successfully dismantled an organized crime ring of hundreds of members in a sting...
The email addresses of dozens more Afghans who may be eligible for relocation in the United Kingdom have been exposed...
The British company Cyjax discovered a large-scale attack against employees of state agencies in Russia and neighboring countries. Attackers create...
Chinese cybersecurity researcher has discovered a new strain of malware that spreads via "poisoned" search-engine results. The malware dubbed ‘OSX.ZuRu’...
The Russian Embassy in Washington demanded an explanation from the United States about the cyber attacks that were committed on...
On September 21, Microsoft's security team announced that it has discovered a huge operation that delivers phishing services to cybercrime...
What do cyberthreats, Kubernetes and donuts have in common – except that all three end in “ts”, that is? All...
Source code analysis - Screenshot Supporting Materials : https://twitter.com/har1sec/status/1314469278322655233 https://github.com/BlackFan/client-side-prototype-pollution https://github.com/ThePacketBender/notes/blob/01c0b834f6e3ee4d934b087b2d92c9e484dc2a50/web/prototype_pollution.txt https://habr.com/ru/company/huawei/blog/547178/ https://infosecwriteups.com/javascript-prototype-pollution-practice-of-finding-and-exploitation-f97284333b2 https://github.com/securitum/research/tree/master/r2020_prototype-pollution Learn Prototype Pollution in Series -...
wordlistgen is a tool to pass a list of URLs and get back a list of relevant words for your...
Microsoft uncovered a large-scale phishing-as-a-service operation, dubbed BulletProofLink, that enabled threat actors to easily carry out malicious campaigns. Microsoft researchers...
Minnesota-based farming supply cooperative Crystal Valley was hit by a ransomware attack, it is the second attack against the agriculture...
CVE-2021-40847 flaw in Netgear SOHO routers could be exploited by a remote attacker to execute arbitrary code as root. Security...
CISA, FBI, and the NSA warned today of an escalation of the attacks of the Conti ransomware gang targeting US...
A critical issue, tracked as CVE-2021-36260, affects more than 70 Hikvision device models and can allow attackers to take over...
Summary: Advantech WebAccess Node, Version 8.4.4 and prior, Version 9.0.0. Multiple relative path traversal vulnerabilities exist that may allow an...
Summary: Acronis Cyber Protect 15 for Windows prior to build 27009 allowed local privilege escalation via binary hijacking. Reference Links(if...
Summary: Acronis Cyber Protect 15 for Windows prior to build 27009 and Acronis Agent for Windows prior to build 26226...
Summary: The Fileviewer WordPress plugin through 2.2 does not have CSRF checks in place when performing actions such as upload...