Month: January 2020
-
CVE-2014-1598 – centurystar 7.12 ActiveX Control has a Stack Buffer Overflow …
centurystar 7.12 ActiveX Control has a Stack Buffer …
-
CVE-2014-1454 – Pearson eSIS (Enterprise Student Information System) message board has stored XSS due to i …
Pearson eSIS (Enterprise Student Information System) message board has stored XSS due to improper validation of user …
-
CVE-2020-6170 – An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices …
An authentication bypass vulnerability on Genexis Platinum-4410 v2.1 P4410-V2 1.28 devices allows attackers to obtain cleartext credentials …
-
CVE-2019-20361 – There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1 …
There was a flaw in the WordPress plugin, Email Subscribers & Newsletters before 4.3.1, that allowed SQL statements to be passed to the …
-
CVE-2019-20360 – A flaw in Give before 2.5.5, a WordPress plugin, allowed unauthenticated users to bypass A …
A flaw in Give before 2.5.5, a WordPress plugin, allowed unauthenticated users to bypass API authentication methods and access personally …
-
CVE-2020-6163 – The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template …
The WikibaseMediaInfo extension 1.35 for MediaWiki allows XSS because of improper template syntax within the PropertySuggestionsWidget …
-
CVE-2014-5209 – An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages …
An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could …
-
Broadcom sells Symantec’s Cyber Security Services business to Accenture
Accenture has announced its intentions to acquire Symantec’s Cyber Security Services business from Broadcom Inc. Broadcom scooped up the …
-
DHS Warns of Potential Iranian Cyberattacks
DHS Warns of Potential Iranian Cyberattacks Concerns about an Iranian cyber response to the recent American military strike in Baghdad grew …
-
That Pulse Secure VPN you’re using to protect your data? Better get it patched – or it’s going to be ransomware time
Hackers are taking advantage of unpatched enterprise VPN setups ‒ specifically, a long-known bug in Pulse Secure’s code ‒ to spread …
-
Insight Partners Acquires Armis at $1.1B Valuation
Enterprise Internet of Things security company Armis has agreed to be acquired by US private equity firm Insight Partners for a valuation …
-
Tricky Phish Angles for Persistence, Not Passwords
Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in …
●●●