integratus systems - IS ReportsReports In Progress

integratus systems

Exchange Platform Services

Join Now-Sign Up
Log In

Category : IS Reports

Reports In Progress

Integratus Systems Reports In Progress

Blog
Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
IS Competitive Intelligence Briefings
IS Intelligence Work Group
IS Partners
IS Projects Work Group
IS Reports
IS Security Work Group
IS Working Group Briefings
Uncategorized

IS Security Alerts Advisories

89.06046
Modified (6)Adware/Autoins!AndroidAdware/MobiDash!AndroidAdware/TiFamily!AndroidAndroid/Agent.BVU!tr.spyAndroid/Agent.CAX!trAndroid/Facestealer.BJ!tr.spy ... read more
GamePress Plugin up to 1.1.0 on WordPress Game Option Page op_edit cross site scripting
A vulnerability, which was classified as problematic, was found in GamePress Plugin up to 1.1.0 on WordPress (WordPress Plugin). This affects some unknown functionality of the component Game Option Page. ... read more
bluemonday sanitizer up to 0.0.8/1.0.16 on Go/Python Policy access control
A vulnerability, which was classified as critical, has been found in bluemonday sanitizer up to 0.0.8/1.0.16 on Go/Python. This issue affects some unknown processing of the component Policy Handler. There ... read more
Apache Superset up to 1.3.0 HTTP Request sql injection
A vulnerability classified as critical was found in Apache Superset up to 1.3.0. This vulnerability affects an unknown code block of the component HTTP Request Handler. There is no information ... read more
Easy Twitter Feed Plugin up to 1.1 on WordPress Shortcode cross site scripting
A vulnerability was found in Easy Twitter Feed Plugin up to 1.1 on WordPress (Social Network Software). It has been rated as problematic. This issue affects an unknown code block ... read more
Rocket.Chat up to 3.8 Link Preview Renderer cross site scripting
A vulnerability classified as problematic has been found in Rocket.Chat up to 3.8 (Chat Software). This affects an unknown code of the component Link Preview Renderer. Upgrading to version 3.9 ... read more
Fatek Automation WinProladder up to 3.30 Project File out-of-bounds write
A vulnerability, which was classified as critical, was found in Fatek Automation WinProladder up to 3.30 (Automation Software). This affects an unknown code block of the component Project File Handler. ... read more
Fatek Automation WinProladder up to 3.30 Project File heap-based overflow
A vulnerability was found in Fatek Automation WinProladder up to 3.30 (Automation Software). It has been rated as critical. Affected by this issue is an unknown part of the component ... read more
Find My Blocks Plugin up to 3.3.x on WordPress REST API access control
A vulnerability has been found in Find My Blocks Plugin up to 3.3.x on WordPress (WordPress Plugin) and classified as critical. Affected by this vulnerability is an unknown functionality of ... read more
Scroll Baner Plugin up to 1.0 on WordPress cross-site request forgery
A vulnerability, which was classified as problematic, was found in Scroll Baner Plugin up to 1.0 on WordPress (WordPress Plugin). Affected is an unknown function. There is no information about ... read more
Fatek Automation WinProladder up to 3.30 Project File numeric error
A vulnerability was found in Fatek Automation WinProladder up to 3.30 (Automation Software) and classified as critical. This issue affects an unknown function of the component Project File Handler. There ... read more
Fatek Automation WinProladder up to 3.30 Project File memory corruption
A vulnerability was found in Fatek Automation WinProladder up to 3.30 (Automation Software). It has been classified as critical. Affected is an unknown functionality of the component Project File Handler. ... read more
Sociable Plugin up to 4.3.4.1 on WordPress cross site scripting
A vulnerability, which was classified as problematic, has been found in Sociable Plugin up to 4.3.4.1 on WordPress (WordPress Plugin). Affected by this issue is an unknown functionality. Upgrading eliminates ... read more
Radio Player Plugin up to 2.1.0 on WordPress Shortcode cross site scripting
A vulnerability classified as problematic was found in Radio Player Plugin up to 2.1.0 on WordPress (WordPress Plugin). Affected by this vulnerability is an unknown function of the component Shortcode ... read more
Best Video Gallery Plugin up to 1.2 on WordPress Shortcode cross site scripting
A vulnerability classified as problematic has been found in Best Video Gallery Plugin up to 1.2 on WordPress (Photo Gallery Software). Affected is some unknown processing of the component Shortcode ... read more
Audio Player Plugin up to 2.1.2 on WordPress Shortcode cross site scripting
A vulnerability was found in Audio Player Plugin up to 2.1.2 on WordPress (WordPress Plugin). It has been declared as problematic. This vulnerability affects an unknown code of the component ... read more
Fatek Automation WinProladder up to 3.30 out-of-bounds read [CVE-2021-38440]
A vulnerability was found in Fatek Automation WinProladder up to 3.30 (Automation Software). It has been declared as problematic. Affected by this vulnerability is some unknown functionality. There is no ... read more
MainWP Child Reports Plugin up to 2.0.7 on WordPress Admin Dashboard order sql injection
A vulnerability was found in MainWP Child Reports Plugin up to 2.0.7 on WordPress (WordPress Plugin). It has been classified as critical. This affects an unknown part of the component ... read more
PDF Light Viewer Plugin up to 1.4.11 on WordPress Ghostscript command injection
A vulnerability was found in PDF Light Viewer Plugin up to 1.4.11 on WordPress (WordPress Plugin) and classified as critical. Affected by this issue is some unknown functionality of the ... read more
Fatek Automation WinProladder up to 3.30 Project File stack-based overflow
A vulnerability has been found in Fatek Automation WinProladder up to 3.30 (Automation Software) and classified as critical. This vulnerability affects some unknown processing of the component Project File Handler. ... read more
Cisco Identity Services Engine Sensitive Information Disclosure Vulnerability
A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an authenticated, remote attacker to obtain sensitive information. This vulnerability is due to improper enforcement of ... read more
Cisco ATA 190 Series Analog Telephone Adapter Software Vulnerabilities
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could allow an attacker to perform a command injection attack resulting in remote code execution or cause a denial ... read more
Cisco Orbital Open Redirect Vulnerability
A vulnerability in the web-based management interface of Cisco Orbital could allow an unauthenticated, remote attacker to redirect users to a malicious webpage. This vulnerability is due to improper validation of ... read more
Multiple Vulnerabilities in Frame Aggregation and Fragmentation Implementations of 802.11 Specification Affecting Cisco Products: May 2021
On May 11, 2021, the research paper Fragment and Forge: Breaking Wi-Fi Through Frame Aggregation and Fragmentation was made public. This paper discusses 12 vulnerabilities in the 802.11 standard. One vulnerability ... read more
Cisco IOS XE Software for Catalyst 9800 Series Wireless Controllers IPv6 Denial of Service Vulnerability
A vulnerability in IPv6 traffic processing of Cisco IOS XE Wireless Controller Software for Cisco Catalyst 9000 Family Wireless Controllers could allow an unauthenticated, adjacent attacker to cause a Layer 2 (L2) ... read more
Cisco IP Phone Software Arbitrary File Read Vulnerability
A vulnerability in the debug shell of Cisco IP Phone software could allow an authenticated, local attacker to read any file on the device file system. This vulnerability is due to ... read more
Cisco Identity Services Engine Privilege Escalation Vulnerability
A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an unauthenticated, remote attacker to perform a command injection attack and elevate privileges to root. This vulnerability ... read more
Cisco IOS XR Software IP Service Level Agreements and Two-Way Active Measurement Protocol Denial of Service Vulnerability
A vulnerability in the IP Service Level Agreements (IP SLA) responder and Two-Way Active Measurement Protocol (TWAMP) features of Cisco IOS XR Software could allow an unauthenticated, remote attacker to cause ... read more
Apache HTTP Server Vulnerabilties: October 2021
On October 5, 2021 and October 7, 2021, the Apache Software Foundation released two security announcements for the Apache HTTP Server that disclosed the following vulnerabilities: CVE-2021-41524: Null Pointer Dereference ... read more
Cisco IOS XR Software for ASR 9000 Series Routers Denial of Service Vulnerability
A vulnerability in the Layer 2 punt code of Cisco IOS XR Software running on Cisco ASR 9000 Series Aggregation Services Routers could allow an unauthenticated, adjacent attacker to cause the affected ... read more
Fatek Automation WinProladder bis 3.30 Project File Pufferüberlauf
Eine kritische Schwachstelle wurde in Fatek Automation WinProladder bis 3.30 (Automation Software) ausgemacht. Hierbei geht es um unbekannter Programmcode der Komponente Project File Handler. Es sind keine Informationen bezüglich Gegenmassnahmen ... read more
Fatek Automation WinProladder bis 3.30 Information Disclosure
In Fatek Automation WinProladder bis 3.30 (Automation Software) wurde eine problematische Schwachstelle ausgemacht. Dabei geht es um ein unbekannter Codeteil. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz eines ... read more
Fatek Automation WinProladder bis 3.30 Project File Pufferüberlauf
Es wurde eine kritische Schwachstelle in Fatek Automation WinProladder bis 3.30 (Automation Software) ausgemacht. Es geht dabei um ein unbekannter Teil der Komponente Project File Handler. Es sind keine Informationen ... read more
Fatek Automation WinProladder bis 3.30 Project File Numeric Error
Eine kritische Schwachstelle wurde in Fatek Automation WinProladder bis 3.30 (Automation Software) gefunden. Es geht hierbei um eine unbekannte Funktionalität der Komponente Project File Handler. Es sind keine Informationen bezüglich ... read more
Fatek Automation WinProladder bis 3.30 Project File Pufferüberlauf
In Fatek Automation WinProladder bis 3.30 (Automation Software) wurde eine kritische Schwachstelle gefunden. Es geht um eine unbekannte Funktion der Komponente Project File Handler. Es sind keine Informationen bezüglich Gegenmassnahmen ... read more
Fatek Automation WinProladder bis 3.30 Project File Pufferüberlauf
Es wurde eine kritische Schwachstelle in Fatek Automation WinProladder bis 3.30 (Automation Software) gefunden. Betroffen hiervon ist ein unbekannter Ablauf der Komponente Project File Handler. Es sind keine Informationen bezüglich ... read more
Action Pack 6.0.0 auf Ruby on Rails Host Authorization Middleware Redirect
Eine problematische Schwachstelle wurde in Action Pack 6.0.0 auf Ruby on Rails entdeckt. Betroffen davon ist ein unbekannter Prozess der Komponente Host Authorization Middleware. Ein Upgrade vermag dieses Problem zu ... read more
Advantech WebAccess bis 9.02 Pufferüberlauf [CVE-2021-38389]
Es wurde eine sehr kritische Schwachstelle in Advantech WebAccess bis 9.02 (SCADA Software) entdeckt. Hiervon betroffen ist ein unbekannter Codeblock. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz eines ... read more
Advantech WebAccess bis 9.02 Pufferüberlauf [CVE-2021-33023]
Eine Schwachstelle wurde in Advantech WebAccess bis 9.02 (SCADA Software) ausgemacht. Sie wurde als sehr kritisch eingestuft. Davon betroffen ist unbekannter Code. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der ... read more
pacemaker/cluster-glue stonith-ng commandline Information Disclosure
In pacemaker sowie cluster-glue - die betroffene Version ist nicht bekannt - wurde eine problematische Schwachstelle entdeckt. Betroffen ist eine unbekannte Verarbeitung der Komponente stonith-ng. Ein Aktualisieren vermag dieses Problem ... read more
Rocket.Chat bis 3.8 Link Preview Renderer Cross Site Scripting
Es wurde eine Schwachstelle in Rocket.Chat bis 3.8 (Chat Software) entdeckt. Sie wurde als problematisch eingestuft. Es betrifft unbekannter Code der Komponente Link Preview Renderer. Ein Aktualisieren auf die Version ... read more
New High Impact Scenarios and Awards for the Azure Bounty Program
Microsoft is excited to announce new Azure Bounty Program awards up to $60,000 to encourage and reward vulnerability research focused on the highest potential impact to customer security. These increased ... read more
Sociable Plugin fino 4.3.4.1 su WordPress cross site scripting
In Sociable Plugin fino 4.3.4.1 su WordPress (WordPress Plugin) stata rilevata una vulnerabilità di livello problematico. Riguarda una funzione sconosciuta. L'aggiornamento elimina questa vulnerabilità. ... read more
Radio Player Plugin fino 2.1.0 su WordPress Shortcode cross site scripting
È stata rilevata una vulnerabilità di livello problematico in Radio Player Plugin fino 2.1.0 su WordPress (WordPress Plugin). É interessato una funzione sconosciuta del componente Shortcode Handler. L'aggiornamento alla versione ... read more
Best Video Gallery Plugin fino 1.2 su WordPress Shortcode cross site scripting
Una vulnerabilità di livello problematico è stata rilevata in Best Video Gallery Plugin fino 1.2 su WordPress (Photo Gallery Software). Da questa vulnerabilità è interessato una funzione sconosciuta del componente ... read more
Audio Player Plugin fino 2.1.2 su WordPress Shortcode cross site scripting
Un punto di criticita di livello problematico è stato rilevato in Audio Player Plugin fino 2.1.2 su WordPress (WordPress Plugin). Riguarda una funzione sconosciuta del componente Shortcode Handler. L'aggiornamento alla ... read more
Fatek Automation WinProladder fino 3.30 rivelazione di un 'informazione
Un punto di criticita di livello problematico è stato rilevato in Fatek Automation WinProladder fino 3.30 (Automation Software). É interessato una funzione sconosciuta. Informazioni riguardo una possibile contromisura non sono ... read more
MainWP Child Reports Plugin fino 2.0.7 su WordPress Admin Dashboard order sql injection
In MainWP Child Reports Plugin fino 2.0.7 su WordPress (WordPress Plugin) è stato trovato un punto critico di livello critico. É interessato una funzione sconosciuta del componente Admin Dashboard. L'aggiornamento ... read more
PDF Light Viewer Plugin fino 1.4.11 su WordPress Ghostscript escalazione di privilegi
In PDF Light Viewer Plugin fino 1.4.11 su WordPress (WordPress Plugin) è stata rilevato un punto critico di livello critico. Da questa vulnerabilità è interessato una funzione sconosciuta del componente ... read more
Find My Blocks Plugin fino 3.3.x su WordPress REST API escalazione di privilegi
Un punto critico di livello critico è stato rilevato in Find My Blocks Plugin fino 3.3.x su WordPress (WordPress Plugin). Interessato da questa vulnerabilità è una funzione sconosciuta del componente ... read more

integratus systems © 2021

KAVI IS iCOMMEX Platform v 02.25 Monday, October 18, 2021

Exchange Members |
Exchange Services |
Exchange Products |
Exchange Pricing |
Blog |
Disclaimer |
Terms |
Privacy |
Forgot Password ? |
About-Connect

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Register Now

Hello

Your Account Type is
Your Mail Id is
Your Username is

Security Briefing Search

PDF Library Search

IS Reports Search

Reset Password

Reset Password

You have no permission to access this content