Month: October 2021
-
Week in review: Popular npm package hijacked, zero trust security key tenets, wildcard certificate risks
Here’s an overview of some of last week’s most interesting news, articles and interviews: Apple fixes security feature bypass in macOS …
-
CVE-2021-33259 – Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for a …
Several web interfaces in D-Link DIR-868LW 1.12b have no authentication requirements for access, allowing for attackers to obtain users’ …
-
CVE-2020-36381 – An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows atta …
An issue was discovered in the singleCrunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath …
-
CVE-2020-36380 – An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers …
An issue was discovered in the crunch function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath …
-
CVE-2020-36379 – An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers …
An issue was discovered in the remove function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath …
-
CVE-2020-36378 – An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attack …
An issue was discovered in the packageCmd function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath …
-
CVE-2020-36377 – An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, allows attackers to …
An issue was discovered in the dump function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath …
-
CVE-2020-36376 – An issue was discovered in the list function in shenzhim aaptjs 1.3.1, allows attackers to …
An issue was discovered in the list function in shenzhim aaptjs 1.3.1, allows attackers to execute arbitrary code via the filePath …
-
CVE-2020-26707 – An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attacker …
An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to execute arbitrary code via the filePath …
-
CVE-2020-26705 – The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity (XXE) …
The parseXML function in Easy-XML 0.5.0 was discovered to have a XML External Entity (XXE) vulnerability which allows for an attacker to …
-
CVE-2020-25912 – A XML External Entity (XXE) vulnerability was discovered in symphonylibtoolkitclass.xml …
A XML External Entity (XXE) vulnerability was discovered in symphonylibtoolkitclass.xmlelement.php in Symphony 2.7.10 which can lead to …
-
CVE-2020-25911 – A XML External Entity (XXE) vulnerability was discovered in the modRestServiceRequest comp …
A XML External Entity (XXE) vulnerability was discovered in the modRestServiceRequest component in MODX CMS 2.7.3 which can lead to an …
●●●