VU#240785: Atlassian Bitbucket on Windows is vulnerable to privilege escalation due to weak ACLs
Overview
Atlassian Bitbucket on Windows fails to properly set ACLs, which can allow an unprivileged Windows...
VU#466044: Siemens Totally Integrated Automation Portal vulnerable to privilege escalation due to Node.js paths
Overview
Siemens Totally Integrated Administrator (TIA) fails to properly set the module search path to be...
VU#794544: Heap-Based Buffer Overflow in Sudo
Overview
A heap-based overflow has been discovered in sudo, which may allow a local attacker to...
VU#125331: Adobe ColdFusion is vulnerable to privilege escalation due to weak ACLs
Overview
Adobe ColdFusion fails to properly set ACLs, which can allow an unprivileged Windows user to...
VU#434904: Dnsmasq is vulnerable to memory corruption and cache poisoning
Overview
Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a...
VU#843464: SolarWinds Orion API authentication bypass allows remote comand execution
Overview
The SolarWinds Orion API is vulnerable to authentication bypass that could allow a remote attacker...
VU#429301: Veritas Backup Exec is vulnerable to privilege escalation due to OPENSSLDIR location
Overview
Veritas Backup Exec contains a privilege escalation vulnerability due to the use of an OPENSSLDIR...
VU#815128: Embedded TCP/IP stacks have memory corruption vulnerabilities
Overview
Multiple open-source embedded TCP/IP stacks, commonly used in Internet of Things (IoT) and embedded devices,...
VU#724367: VMware Workspace ONE Access and related components are vulnerable to command injection
Overview
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector are vulnerable to...
VU#231329: Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks
Overview
The Replay Protected Memory Block (RPMB) protocol found in several storage specifications does not securely...
VU#760767: Macrium Reflect is vulnerable to privilege escalation due to OPENSSLDIR location
Overview
Macrium Reflect contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable...
VU#208577: Chocolatey Boxstarter vulnerable to privilege escalation due to weak ACLs
Overview
Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to...
VU#114757: Acronis backup software contains multiple privilege escalation vulnerabilities
Overview
Acronis True Image, Cyber Backup, and Cyber Protection all contain privilege escalation vulnerabilities, which can...
VU#490028: Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector
Overview
The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV)...
VU#896979: IPTV encoder devices contain multiple vulnerabilities
Overview
Multiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as...
Search crimes – how the Gootkit gang poisons Google searches
When a search result looks too good to be true - it IS too good to be true!
Dairy Giant Lactalis Targeted by Hackers
France-based dairy giant Lactalis revealed last week that it was targeted by hackers, but claimed that it had found no evidence of a data breach.
The company said a malicious third party attempted to breach its computer network, but it...
Crypto firm Tether says it won’t pay $24 million ransom after being threatened with document leak
Controversial cryptocurrency developer Tether says it will not give in to extortionists who are demanding a 500 Bitcoin ransom payment (currently worth approximately US $24 million).
Mysterious Macintosh Malware
This is weird:
Once an hour, infected Macs check a control server to see if there are any new commands the malware should run or binaries to execute. So far, however, researchers have yet to observe delivery of any payload...
What Did I Just Read? A Conversation With the Authors of '2034'
Elliot Ackerman and Admiral James Stavridis discuss their inspirations, personal experiences, and what keeps them up at night.
