integratus systems - IS ReportsReports In Progress

integratus systems

Exchange Platform Services

Join Now-Sign Up
Log In

Category : IS Reports

Reports In Progress

Integratus Systems Reports In Progress

Blog
Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
IS Competitive Intelligence Briefings
IS Intelligence Work Group
IS Partners
IS Projects Work Group
IS Reports
IS Security Work Group
IS Working Group Briefings
Uncategorized

IS Security Alerts Advisories

87.00915
Newly Added (1)Android/Agent.COP!trModified (7)Adware/Android_LeadBolt!AndroidAdware/Callflakes!AndroidAdware/MobiDash!AndroidAdware/Notifyer!AndroidAndroid/Agent.ASJ!trAndroid/GoodNews.G!wormAndroid/Triada.EF!tr ]]> ... read more
ESB-2021.2536 – [Linux] IBM QRadar SIEM: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2536 Security Bulletin: IBM QRadar SIEM is vulnerable to an XML External Entity Injection (XXE) attack (CVE-2021-20399) 27 ... read more
ESB-2021.2537 – [Debian] intel-microcode: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2537 intel-microcode security update 27 July 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: intel-microcode Publisher: Debian Operating ... read more
Wiper Malware Riding the 2021 Tokyo Olympic Games
FortiGuard Labs has observed a new wiper malware targeting the 2021 Tokyo Olympic games. Read our blog for initial updates on this threat. ... read more
Security Bulletin: XSS Security Vulnerabilty Affects Mailbox UI of IBM Sterling B2B Integrator (CVE-2021-20562)
IBM Sterling B2B Integrator has addressed a XSS vulnerability affecting the mailbox UI. CVE(s): CVE-2021-20562 Affected product(s) and affected version(s): Affected Product(s) Version(s) IBM Sterling B2B ... read more
Security Bulletin: A security vulnerability in Golang Go affects IBM Cloud Pak for Multicloud Management Managed services
A security vulnerability in Golang Go affects IBM Cloud Pak for Multicloud Management Managed services. CVE(s): CVE-2021-31525 Affected product(s) and affected version(s): Affected Product(s) Version(s) IBM ... read more
Security Bulletin: A security vulnerability in Ruby on Rails affects IBM Cloud Pak for Multicloud Management Infrastructure Management
A security vulnerability in Ruby on Rails affects IBM Cloud Pak for Multicloud Management Infrastructure Management. CVE(s): CVE-2021-22885 Affected product(s) and affected version(s): Affected Product(s) Version(s) ... read more
87.00914
Newly Added (1)Android/Agent.BSY!tr.spyModified (3)Adware/LeadBolt!AndroidAdware/MobiDash!AndroidAndroid/Agent.BSM!tr ]]> ... read more
ESB-2021.2535 – [Linux] IBM QRadar SIEM: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2535 Security Bulletin: GRUB2 as used by IBM QRadar SIEM is vulnerable to arbitrary code execution 27 July ... read more
ESB-2021.2534 – [RedHat] thunderbird: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2534 thunderbird security update 27 July 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: thunderbird Publisher: Red Hat ... read more
ESB-2021.2532 – [RedHat] OpenShift Container Platform 4.7.21: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2532 OpenShift Container Platform 4.7.21 security and bug fix update 27 July 2021 =========================================================================== AusCERT Security Bulletin Summary ... read more
ESB-2021.2533 – [Debian] drupal7: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2533 drupal7 security update 27 July 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: drupal7 Publisher: Debian Operating ... read more
ESB-2021.2531 – [Ubuntu] MySQL: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2531 USN-5022-1: MySQL vulnerabilities 27 July 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: MySQL Publisher: Ubuntu Operating ... read more
ESB-2021.2325.2 – UPDATE [Cisco] Cisco Adaptive Security Device Manager: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2325.2 Cisco Adaptive Security Device Manager Remote Code Execution Vulnerability 27 July 2021 =========================================================================== AusCERT Security Bulletin Summary ... read more
CVE-2020-18430
tinyexr 0.9.5 was discovered to contain an array index error in the tinyexr::DecodeEXRImage component, which can lead to a denial of service (DOS). ... read more
CVE-2021-37576
arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e. ... read more
CVE-2020-18428
tinyexr commit 0.9.5 was discovered to contain an array index error in the tinyexr::SaveEXR component, which can lead to a denial of service (DOS). ... read more
87.00913
Modified (4)Adware/MobiDash!AndroidAndroid/Boogr.GSH!trAndroid/Hiddapp.DA!trRiskware/SpyLoan!Android ]]> ... read more
CVE-2021-37534
app/View/GalaxyClusters/add.ctp in MISP 2.4.146 allows Stored XSS when forking a galaxy cluster. (CVSS:0.0) (Last Update:2021-07-26) ... read more
CVE-2021-37477
In NavigateCMS version 2.9.4 and below, function in `structure.php` is vulnerable to sql injection on parameter `children_order`, which results in arbitrary sql query execution in the backend database. (CVSS:0.0) (Last ... read more
CVE-2021-37478
In NavigateCMS version 2.9.4 and below, function `block` is vulnerable to sql injection on parameter `block-order`, which results in arbitrary sql query execution in the backend database. (CVSS:0.0) (Last Update:2021-07-26) ... read more
CVE-2021-37473
In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `products-order` through a post request, which results in arbitrary sql query execution in the ... read more
CVE-2021-37475
In NavigateCMS version 2.9.4 and below, function in `templates.php` is vulnerable to sql injection on parameter `template-properties-order`, which results in arbitrary sql query execution in the backend database. (CVSS:0.0) (Last ... read more
CVE-2021-37476
In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `id` through a post request, which results in arbitrary sql query execution in the ... read more
CVE-2021-37555
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the ... read more
ESB-2021.2530 – [Ubuntu] Aspell: Multiple vulnerabilities
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2021.2530 USN-5023-1: Aspell vulnerability 27 July 2021 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Aspell Publisher: Ubuntu Operating ... read more
87.00912
Modified (2)Adware/MobiDash!AndroidAndroid/Boogr.GSH!tr ]]> ... read more
NA – CVE-2021-37477 – In NavigateCMS version 2.9.4 and below,…
In NavigateCMS version 2.9.4 and below, function in `structure.php` is vulnerable to sql injection on parameter `children_order`, which results in arbitrary sql query execution in the backend ... read more
NA – CVE-2021-37475 – In NavigateCMS version 2.9.4 and below,…
In NavigateCMS version 2.9.4 and below, function in `templates.php` is vulnerable to sql injection on parameter `template-properties-order`, which results in arbitrary sql query execution in the ... read more
NA – CVE-2021-36563 – The CheckMK management web console (versions…
The CheckMK management web console (versions 1.5.0 to 2.0.0) does not sanitise user input in various parameters of the WATO module. This allows an attacker to open a backdoor on ... read more
NA – CVE-2021-37476 – In NavigateCMS version 2.9.4 and below,…
In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `id` through a post request, which results in arbitrary sql query execution in the ... read more
NA – CVE-2021-32794 – ArchiSteamFarm is a C# application with primary…
ArchiSteamFarm is a C# application with primary purpose of idling Steam cards from multiple accounts simultaneously. Due to a bug in ASF code `POST /Api/ASF` ASF API endpoint responsible for ... read more
NA – CVE-2021-37473 – In NavigateCMS version 2.9.4 and below,…
In NavigateCMS version 2.9.4 and below, function in `product.php` is vulnerable to sql injection on parameter `products-order` through a post request, which results in arbitrary sql query execution ... read more
NA – CVE-2021-37392 – In RPCMS v1.8 and below, the “nickname”…
In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. When the API functions are enabled, the attacker can use API to update ... read more
NA – CVE-2021-37478 – In NavigateCMS version 2.9.4 and below,…
In NavigateCMS version 2.9.4 and below, function `block` is vulnerable to sql injection on parameter `block-order`, which results in arbitrary sql query execution in the backend database. ... read more
NA – CVE-2021-37393 – In RPCMS v1.8 and below, the “nickname”…
In RPCMS v1.8 and below, the "nickname" variable is not properly sanitized before being displayed on page. Attacker can use "update password" function to inject XSS payloads into nickname variable, ... read more
NA – CVE-2021-37394 – In RPCMS v1.8 and below, attackers can interact…
In RPCMS v1.8 and below, attackers can interact with API and change variable "role" to "admin" to achieve admin user registration. ... read more
CVE-2021-37555
TX9 Automatic Food Dispenser v3.2.57 devices allow access to a shell as root/superuser, a related issue to CVE-2019-16734. To connect, the telnet service is used on port 23 with the ... read more
CVE-2020-18172
A code injection vulnerability in the SeDebugPrivilege component of Trezor Bridge 2.0.27 allows attackers to escalate privileges. ... read more
CVE-2020-18169
A vulnerability in the Windows installer XML (WiX) toolset of TechSmith Snagit 19.1.1.2860 allows attackers to escalate privileges. ... read more
CVE-2020-23243
Cross Site Scripting (XSS) vulnerability in NavigateCMS NavigateCMS 2.9 via the name="wrong_path_redirect" feature. ... read more
CVE-2020-23240
Cross Site Scripting (XSS) vulnerablity in CMS Made Simple 2.2.14 via the Logic field in the Content Manager feature. ... read more
CVE-2020-23234
Cross Site Scripting (XSS) vulnerabiity exists in LavaLite CMS 5.8.0 via the Menu Blocks feature, which can be bypassed by using HTML event handlers, such as "ontoggle,". ... read more
CVE-2020-18173
A DLL injection vulnerability in 1password.dll of 1Password 7.3.712 allows attackers to execute arbitrary code. ... read more
CVE-2020-17952
A remote code execution (RCE) vulnerability in /library/think/App.php of Twothink v2.0 allows attackers to execute arbitrary PHP code. ... read more
CVE-2020-18174
A process injection vulnerability in setup.exe of AutoHotkey 1.1.32.00 allows attackers to escalate privileges. ... read more
CVE-2020-18170
An issue in the SeChangeNotifyPrivilege component of Abloy Key Manager Version 7.14301.0.0 allows attackers to escalate privileges via a change in permissions. ... read more
CVE-2020-23242
Cross Site Scripting (XSS) vulnerability in NavigateCMS 2.9 when performing a Create or Edit via the Tools feature. ... read more
CVE-2020-18171
TechSmith Snagit 19.1.0.2653 uses Object Linking and Embedding (OLE) which can allow attackers to obfuscate and embed crafted files used to escalate privileges. ... read more
CVE-2021-32795
ArchiSteamFarm is a C# application with primary purpose of idling Steam cards from multiple accounts simultaneously. In versions prior to 4.3.1.0 a Denial of Service (aka DoS) vulnerability which allows ... read more

integratus systems © 2021

KAVI IS iCOMMEX Platform v 02.25 Tuesday, July 27, 2021

Exchange Members |
Exchange Services |
Exchange Products |
Exchange Pricing |
Blog |
Disclaimer |
Terms |
Privacy |
Forgot Password ? |
About-Connect

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Register Now

Hello

Your Account Type is
Your Mail Id is
Your Username is

Security Briefing Search

PDF Library Search

IS Reports Search

Reset Password

Reset Password

You have no permission to access this content