integratus systems

Exchange Platform Services

 

Deloitte NASCIO Cybersecurity Study – State Governments at Risk – Cybersecurity

Canada National Security Cyber Espionage – Senate Hearing 2016 – Cybersecurity


IS Security Alerts Advisories

  • ESB-2021.0690 – [RedHat] OpenShift Container Platform 4.7.0: Multiple vulnerabilities
    AUSCERT External Security Bulletin Redistribution ESB-2021.0690: OpenShift Container Platform 4.7.0 packages security update, 25 February 2021. AusCERT Security Bulletin Summary: Product: ... read more
  • ESB-2021.0688 – [RedHat] thunderbird: Multiple vulnerabilities
    AUSCERT External Security Bulletin Redistribution ESB-2021.0688: thunderbird security update, 25 February 2021. AusCERT Security Bulletin Summary: Product: thunderbird Publisher: Red Hat ... read more
  • ESB-2021.0686 – [UNIX/Linux][Debian] nodejs: Multiple vulnerabilities
    AUSCERT External Security Bulletin Redistribution ESB-2021.0686: nodejs security update, 25 February 2021. AusCERT Security Bulletin Summary: Product: nodejs Publisher: Debian Operating ... read more
  • ESB-2021.0689 – [RedHat] OpenShift Container Platform 4.7: Denial of service – Remote/unauthenticated
    AUSCERT External Security Bulletin Redistribution ESB-2021.0689: OpenShift Container Platform 4.7 file-integrity-operator image security update, 25 February 2021. AusCERT Security Bulletin Summary ... read more
  • ESB-2021.0687 – [RedHat] firefox: Multiple vulnerabilities
    AUSCERT External Security Bulletin Redistribution ESB-2021.0687: Critical: firefox security updates, 25 February 2021. AusCERT Security Bulletin Summary: Product: firefox Publisher: Red ... read more
  • ESB-2021.0691 – [RedHat] OpenShift Container Platform 4.7 Products: Multiple vulnerabilities
    AUSCERT External Security Bulletin Redistribution ESB-2021.0691: OpenShift Container Platform 4.7 security and bug fix updates, 25 February 2021. AusCERT Security Bulletin Summary ... read more
  • ESB-2021.0685 – [Debian] firefox-esr: Multiple vulnerabilities
    AUSCERT External Security Bulletin Redistribution ESB-2021.0685: firefox-esr security update, 25 February 2021. AusCERT Security Bulletin Summary: Product: firefox-esr Publisher: Debian Operating ... read more
  • CVE-2020-9052
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: ... read more
  • CVE-2020-9053
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: ... read more
  • CVE-2020-9051
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2020. Notes: ... read more
  • Max Secure Max Spyware Detector 1.0.0.044 Driver MaxProc64.sys memory corruption
    A vulnerability, which was classified as critical, has been found in Max Secure Max Spyware Detector 1.0.0.044. Affected by this issue is an unknown code block in the library MaxProc64.sys ... read more
  • Oppo Phone 8.1/9/10/11 information disclosure [CVE-2020-11836]
    A vulnerability classified as problematic was found in Oppo Phone 8.1/9/10/11. Affected by this vulnerability is an unknown code. There is no information about possible countermeasures known. It may be ... read more
  • Zulip Desktop up to 5.0.0 Request permission
    A vulnerability classified as critical has been found in Zulip Desktop up to 5.0.0. Affected is an unknown part of the component Request Handler. Upgrading to version 5.0.0 eliminates this ... read more
  • Zulip Desktop up to 4.x shell.openExternal/shell.openItem Remote Privilege Escalation
    A vulnerability was found in Zulip Desktop up to 4.x. It has been rated as critical. Upgrading to version 5.0.0 eliminates this vulnerability. ... read more
  • Psyprax up to 3.2.1 Firebird Database access control
    A vulnerability was found in Psyprax up to 3.2.1 and classified as critical. Affected by this issue is some unknown processing of the component Firebird Database. Upgrading to version 3.2.2 ... read more
  • Psyprax up to 3.2.1 Lockscreen PPScreen.ini permission
    A vulnerability was found in Psyprax up to 3.2.1. It has been classified as critical. This affects an unknown function of the file %PROGRAMDATA%Psyprax32PPScreen.ini of the component Lockscreen Handler. Upgrading ... read more
  • Psyprax up to 3.2.1 Password inadequate encryption
    A vulnerability was found in Psyprax up to 3.2.1. It has been declared as problematic. This vulnerability affects an unknown functionality of the component Password Handler. Upgrading to version 3.2.2 ... read more
  • Gitea up to 1.13.1 denial of service [CVE-2021-3382]
    A vulnerability, which was classified as problematic, has been found in Gitea up to 1.13.1. This issue affects an unknown part. There is no information about possible countermeasures known. It ... read more
  • IObit Advanced SystemCare 13.2 Device Driver AscRegistryFilter.sys dwIoControlCode denial of service
    A vulnerability, which was classified as problematic, was found in IObit Advanced SystemCare 13.2. Affected is an unknown code in the library AscRegistryFilter.sys of the component Device Driver Handler. Applying ... read more
  • New Media Smarty up to 9.9 data.mdb inadequate encryption
    A vulnerability has been found in New Media Smarty up to 9.9 (Customer Relationship Management System) and classified as problematic. Affected by this vulnerability is an unknown code block of ... read more
  • Senate SolarWinds Hearing: 4 Key Issues Raised
    Issues Include Attackers' Use of Amazon's Infrastructure. The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions ... read more
  • Cybersecurity Agencies Warn of Accellion Vulnerability Exploits
    Latest Victims Include Australia's Transport for New South Wales and Canada's Bombardier. The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the ... read more
  • typora 0.9.67 cross site scripting [CVE-2020-18737]
    A vulnerability was found in typora 0.9.67. It has been rated as problematic. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It ... read more
  • Opmantek Open-AudIT 4.0.1 SQL Statement cross site scripting
    A vulnerability was found in Opmantek Open-AudIT 4.0.1. It has been declared as problematic. Affected by this vulnerability is some unknown processing of the component SQL Statement Handler. There is ... read more
  • Question2Answer Q2A Ultimate SEO 1.3 cross site scripting [CVE-2021-3258]
    A vulnerability classified as problematic was found in Question2Answer Q2A Ultimate SEO 1.3. This vulnerability affects some unknown functionality. Upgrading eliminates this vulnerability. The upgrade is hosted for download at ... read more
  • IBM PowerHA 7.2 Discovery information disclosure
    A vulnerability classified as problematic has been found in IBM PowerHA 7.2. This affects an unknown functionality of the component Discovery Handler. There is no information about possible countermeasures known. ... read more
  • More than 6,700 VMware servers exposed online and vulnerable to major new bug
    Proof-of-concept exploit code has been published online earlier today, and active scans for vulnerable VMware systems have been detected already. ... read more
  • CVE-2021-1393
    Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make ... read more
  • CVE-2021-1229
    A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead ... read more
  • CVE-2021-1228
    A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass ... read more
  • CVE-2021-1387
    A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability ... read more
  • CVE-2021-1396
    Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make ... read more
  • CVE-2021-1450
    A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an ... read more
  • CVE-2021-1367
    A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected ... read more
  • CVE-2021-1361
    A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running ... read more
  • CVE-2021-1231
    A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching ... read more
  • CVE-2021-1388
    A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected ... read more
  • CVE-2021-1368
    A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges ... read more
  • CVE-2021-1227
    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability ... read more
  • CVE-2021-1230
    A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a ... read more
  • Redwood Report2Web 4.3.4.5/4.5.3 signIn.do urll cross site scripting
    A vulnerability has been found in Redwood Report2Web 4.3.4.5/4.5.3 (Reporting Software) and classified as problematic. This vulnerability affects an unknown part of the file signIn.do. There is no information about ... read more
  • Redwood Report2Web 4.3.4.5/4.5.3 default.htm turl injection
    A vulnerability was found in Redwood Report2Web 4.3.4.5/4.5.3 (Reporting Software) and classified as critical. This issue affects an unknown code of the file help/Online_Help/NetHelp/default.htm. There is no information about possible ... read more
  • October CMS up to 471 Auth/Manager.php improper authentication
    A vulnerability was found in October CMS up to 471 (Content Management System). It has been classified as critical. Affected is an unknown code block of the file Auth/Manager.php. Applying ... read more
  • CVE-2020-36247 (open_ondemand)
    Open OnDemand before 1.5.7 and 1.6.x before 1.6.22 allows CSRF. ... read more
  • CVE-2019-25024 (openrepeater)
    OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter. ... read more
  • CVE-2021-26747 (wf2411_firmware, wf2780_firmware)
    Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution. ... read more
  • CVE-2020-36233 (bitbucket)
    The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because ... read more
  • CVE-2019-18243 (ifix)
    HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation. ... read more
  • CVE-2019-18255 (ifix)
    HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. This may allow privilege escalation. ... read more
  • CVE-2021-26911 (canary_mail, mailcore2)
    core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode. ... read more

integratus systems © 2021

KAVI IS iCOMMEX Platform v 02.25 Wednesday, February 24, 2021
