CVE-2020-8277
Summary: A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could...
Summary: A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could...
Summary: In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column...
Summary: When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if...
Summary: Apache HTTP Server versions 2.4.20 to 2.4.43. A specially crafted value for the 'Cache-Digest' header in a HTTP/2 request...
Summary: Windows AppX Deployment Extensions Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1642. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1685...
Researchers have found a fourth strain of malware – Raindrop – that was used in the SolarWinds supply chain attack,...
This is the story of a vulnerability that was brought about by the incorrect use of an encryption technique. After...
A nation state attack leveraging software from SolarWinds has caused a ripple effect throughout the security industry, impacting multiple organizations....
A new record has been set with regards to the data breach, ‘more than 22 billion records were revealed globally...
Since the lockdown started in March, there has been a significant spike in online shopping. This has become a big...
The European Union's drug regulator has said that COVID-19 vaccine documents that were purloined from its servers in a cyberattack...
Background In November, Kali announced a new program for supporting tool developers, which kicked off with sponsoring Byt3Bl33d3r. We are...
A tool to hunt for credentials in the GitHub wild AKA git*huntGetting startedInstall the tool Configure your GitHub token Search...
HosTaGe is a lightweight, low-interaction, portable, and generic honeypot for mobile devices that aims on the detection of malicious, wireless...
LEQL Multi-groupby in InsightIDRFor a look at the most up-to-date list of Log Search capabilities, check out our help documentation...
Security researchers uncovered a series of attacks conducted by the FreakOut botnet that leveraged recently discovered vulnerabilities. Security researchers from...
The Federal Bureau of Investigation (FBI) has issued a notification warning of ongoing vishing attacks attempting to steal corporate accounts. The...
The OpenWRT forum, the community behind the open-source project for embedded operating systems based on Linux, disclosed a data breach....
Experts from Cyble recently found a leak of 500K+ records of C-level people from Capital Economics on a Russian-speaking forum. During a routine Darkweb monitoring, researchers...
Summary: Microsoft SharePoint Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2021-1712. Reference Links(if available): https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1719 CVSS Score...
Summary: Mubu 2.2.1 allows local users to gain privileges to execute commands, aka CNVD-2020-68878. Reference Links(if available): https://www.cnvd.org.cn/flaw/show/2638444 http://mubu.com/doc/d5501245199 CVSS...
Summary: Adobe Photoshop version 22.1 (and earlier) is affected by a heap buffer overflow vulnerability when handling a specially crafted...
Summary: The Python "Flask-Security-Too" package is used for adding security features to your Flask application. It is an is a...
Summary: Adobe Bridge version 11.0 (and earlier) is affected by an out-of-bounds write vulnerability when parsing TTF files that could...