integratus systems

Exchange Platform Services

 
Tag : Cyber Security

Cyber Security is Outdated Without Cyber Intelligence

Internet security is a challenge for any company. The Internet is and will be at the core of your business; […]


IS Security Alerts Advisories

  • Gitea up to 1.13.1 denial of service [CVE-2021-3382]
    A vulnerability, which was classified as problematic, has been found in Gitea up to 1.13.1. This issue affects an unknown part. There is no information about possible countermeasures known. It ... read more
  • IObit Advanced SystemCare 13.2 Device Driver AscRegistryFilter.sys dwIoControlCode denial of service
    A vulnerability, which was classified as problematic, was found in IObit Advanced SystemCare 13.2. Affected is an unknown code in the library AscRegistryFilter.sys of the component Device Driver Handler. Applying ... read more
  • New Media Smarty up to 9.9 data.mdb inadequate encryption
    A vulnerability has been found in New Media Smarty up to 9.9 (Customer Relationship Management System) and classified as problematic. Affected by this vulnerability is an unknown code block of ... read more
  • Senate SolarWinds Hearing: 4 Key Issues Raised
    Issues Include Attackers' Use of Amazon's Infrastructure. The Senate Intelligence Committee's hearing about the supply chain attack that affected SolarWinds and dozens of other companies and federal agencies answered some questions ... read more
  • Cybersecurity Agencies Warn of Accellion Vulnerability Exploits
    Latest Victims Include Australia's Transport for New South Wales and Canada's Bombardier. The cybersecurity agencies of five countries have issued a joint advisory warning that hackers are exploiting vulnerabilities in the ... read more
  • IBM PowerHA 7.2 Discovery information disclosure
    A vulnerability classified as problematic has been found in IBM PowerHA 7.2. This affects an unknown functionality of the component Discovery Handler. There is no information about possible countermeasures known. ... read more
  • typora 0.9.67 cross site scripting [CVE-2020-18737]
    A vulnerability was found in typora 0.9.67. It has been rated as problematic. Affected by this issue is an unknown function. There is no information about possible countermeasures known. It ... read more
  • Opmantek Open-AudIT 4.0.1 SQL Statement cross site scripting
    A vulnerability was found in Opmantek Open-AudIT 4.0.1. It has been declared as problematic. Affected by this vulnerability is some unknown processing of the component SQL Statement Handler. There is ... read more
  • Question2Answer Q2A Ultimate SEO 1.3 cross site scripting [CVE-2021-3258]
    A vulnerability classified as problematic was found in Question2Answer Q2A Ultimate SEO 1.3. This vulnerability affects some unknown functionality. Upgrading eliminates this vulnerability. The upgrade is hosted for download at ... read more
  • More than 6,700 VMware servers exposed online and vulnerable to major new bug
    Proof-of-concept exploit code has been published online earlier today, and active scans for vulnerable VMware systems have been detected already. ... read more
  • CVE-2021-1230
    A vulnerability with the Border Gateway Protocol (BGP) for Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, remote attacker to cause a ... read more
  • CVE-2021-1393
    Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make ... read more
  • CVE-2021-1229
    A vulnerability in ICMP Version 6 (ICMPv6) processing in Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a slow system memory leak, which over time could lead ... read more
  • CVE-2021-1228
    A vulnerability in the fabric infrastructure VLAN connection establishment of Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) Mode could allow an unauthenticated, adjacent attacker to bypass ... read more
  • CVE-2021-1387
    A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on an affected device. This vulnerability ... read more
  • CVE-2021-1396
    Multiple vulnerabilities in Cisco Application Services Engine could allow an unauthenticated, remote attacker to gain privileged access to host-level operations or to learn device-specific information, create diagnostic files, and make ... read more
  • CVE-2021-1450
    A vulnerability in the interprocess communication (IPC) channel of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local attacker to cause a denial of service (DoS) condition on an ... read more
  • CVE-2021-1367
    A vulnerability in the Protocol Independent Multicast (PIM) feature of Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected ... read more
  • CVE-2021-1361
    A vulnerability in the implementation of an internal file management service for Cisco Nexus 3000 Series Switches and Cisco Nexus 9000 Series Switches in standalone NX-OS mode that are running ... read more
  • CVE-2021-1231
    A vulnerability in the Link Layer Discovery Protocol (LLDP) for Nexus 9000 Series Fabric Switches in Application Centric Infrastructure (ACI) mode could allow an unauthenticated, adjacent attacker to disable switching ... read more
  • CVE-2021-1388
    A vulnerability in an API endpoint of Cisco ACI Multi-Site Orchestrator (MSO) installed on the Application Services Engine could allow an unauthenticated, remote attacker to bypass authentication on an affected ... read more
  • CVE-2021-1368
    A vulnerability in the Unidirectional Link Detection (UDLD) feature of Cisco FXOS Software and Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to execute arbitrary code with administrative privileges ... read more
  • CVE-2021-1227
    A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an unauthenticated, remote attacker to conduct a cross-site request forgery (CSRF) attack on an affected system. This vulnerability ... read more
  • Redwood Report2Web 4.3.4.5/4.5.3 signIn.do urll cross site scripting
    A vulnerability has been found in Redwood Report2Web 4.3.4.5/4.5.3 (Reporting Software) and classified as problematic. This vulnerability affects an unknown part of the file signIn.do. There is no information about ... read more
  • Redwood Report2Web 4.3.4.5/4.5.3 default.htm turl injection
    A vulnerability was found in Redwood Report2Web 4.3.4.5/4.5.3 (Reporting Software) and classified as critical. This issue affects an unknown code of the file help/Online_Help/NetHelp/default.htm. There is no information about possible ... read more
  • October CMS up to 471 Auth/Manager.php improper authentication
    A vulnerability was found in October CMS up to 471 (Content Management System). It has been classified as critical. Affected is an unknown code block of the file Auth/Manager.php. Applying ... read more
  • CVE-2020-36247 (open_ondemand)
    Open OnDemand before 1.5.7 and 1.6.x before 1.6.22 allows CSRF. ... read more
  • CVE-2019-25024 (openrepeater)
    OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters in the functions/ajax_system.php post_service parameter. ... read more
  • CVE-2021-26747 (wf2411_firmware, wf2780_firmware)
    Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the ping command, leading to remote code execution. ... read more
  • CVE-2020-36233 (bitbucket)
    The Microsoft Windows Installer for Atlassian Bitbucket Server and Data Center before version 6.10.9, 7.x before 7.6.4, and from version 7.7.0 before 7.10.1 allows local attackers to escalate privileges because ... read more
  • CVE-2019-18243 (ifix)
    HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through the registry. This may allow privilege escalation. ... read more
  • CVE-2019-18255 (ifix)
    HMI/SCADA iFIX (Versions 6.1 and prior) allows a local authenticated user to modify system-wide iFIX configurations through section objects. This may allow privilege escalation. ... read more
  • CVE-2021-26911 (canary_mail, mailcore2)
    core/imap/MCIMAPSession.cpp in Canary Mail before 3.22 has Missing SSL Certificate Validation for IMAP in STARTTLS mode. ... read more
  • Panasonic Video Insight VMS up to 7.7 code injection [CVE-2021-20623]
    A vulnerability classified as very critical was found in Panasonic Video Insight VMS up to 7.7. Affected by this vulnerability is an unknown function. Upgrading to version 7.8 eliminates this ... read more
  • Name Directory Plugin up to 1.17.4 on WordPress cross-site request forgery
    A vulnerability, which was classified as problematic, has been found in Name Directory Plugin up to 1.17.4 on WordPress (WordPress Plugin). Affected by this issue is an unknown functionality. There ... read more
  • Linux Kernel up to 5.10.12 VSOCK net/vmw_vsock/af_vsock.c race condition
    A vulnerability, which was classified as critical, was found in Linux Kernel up to 5.10.12 (Operating System). This affects some unknown functionality of the file net/vmw_vsock/af_vsock.c of the component VSOCK ... read more
  • Repository Connector Plugin up to 2.0.2 on Jenkins Permission cross site scripting
    A vulnerability classified as problematic has been found in Repository Connector Plugin up to 2.0.2 on Jenkins (Jenkins Plugin). It affects an unknown function of the component Permission Handler. Information about a possible countermeasure ... read more
  • Active Choices Plugin up to 2.5.2 on Jenkins cross site scripting
    A vulnerability classified as problematic has been found in Active Choices Plugin up to 2.5.2 on Jenkins (Jenkins Plugin). Affected by this vulnerability is an unknown function. Information about a possible ... read more
  • Configuration Slicing Plugin up to 1.51 on Jenkins cross site request forgery
    A vulnerability classified as problematic has been found in Configuration Slicing Plugin up to 1.51 on Jenkins (Jenkins Plugin). Affected is an unknown function of the component Configuration Handler. Information about a ... read more
  • Jenkins Support Core Plugin up to 2.72 privilege escalation
    A weakness classified as problematic has been found in Jenkins Support Core Plugin up to 2.72 (Continuous Integration Software). Affected is an unknown function. Information about a possible countermeasure not ... read more
  • Artifact Repository Parameter Plugin up to 1.0.0 on Jenkins cross site scripting
    A weakness classified as problematic has been found in Artifact Repository Parameter Plugin up to 1.0.0 on Jenkins (Jenkins Plugin). It affects an unknown function. Information about a possible countermeasure not ... read more
  • Claim Plugin up to 2.18.1 on Jenkins cross site request forgery
    A weakness classified as problematic has been found in Claim Plugin up to 2.18.1 on Jenkins (Jenkins Plugin). Affected by this vulnerability is an unknown function. Information about a possible ... read more
  • Claim Plugin up to 2.18.1 on Jenkins Display Name cross site scripting
    A vulnerability classified as problematic has been found in Claim Plugin up to 2.18.1 on Jenkins (Jenkins Plugin). Affected by this vulnerability is an unknown function of the component Display Name Handler. ... read more
  • GNOME gnome-autoar up to 0.2.4 Extraction autoar-extractor.c pathname traversal
    A vulnerability was found in GNOME gnome-autoar up to 0.2.4. It has been declared as critical. This vulnerability affects an unknown code of the file autoar-extractor.c of the component Extraction ... read more
  • Electric Coin Company Zcashd up to 2.1.1 Timestamp authorization
    A vulnerability was found in Electric Coin Company Zcashd up to 2.1.1. It has been rated as problematic. This issue affects an unknown code block of the component Timestamp Handler. ... read more
  • Electric Coin Company Zcashd up to 2.1.1 Time Offset information disclosure
    A vulnerability classified as problematic has been found in Electric Coin Company Zcashd up to 2.1.1. Affected is some unknown processing of the component Time Offset Handler. Applying the patch ... read more
  • Senate hearing: SolarWinds evidence points to Russia
    ... read more
  • Guide to cloud security management and best practices
    ... read more
  • Active Choices Plugin up to 2.5.2 on Jenkins cross site scripting
    A vulnerability classified as problematic has been found in Active Choices Plugin up to 2.5.2 on Jenkins (Jenkins Plugin). Affected is an unknown code. There is no information about possible ... read more
  • Helpcom up to 9.x hard-coded key [CVE-2020-7846]
    A vulnerability was found in Helpcom up to 9.x. It has been rated as problematic. This issue affects an unknown part. Upgrading to version 10.0 eliminates this vulnerability. ... read more

integratus systems © 2021

KAVI IS iCOMMEX Platform v 02.25 Wednesday, February 24, 2021
