VU#724367: VMware Workspace ONE Access and related components are vulnerable to command injection
Overview
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector are vulnerable to...
VU#231329: Replay Protected Memory Block (RPMB) protocol does not adequately defend against replay attacks
Overview
The Replay Protected Memory Block (RPMB) protocol found in several storage specifications does not securely...
VU#760767: Macrium Reflect is vulnerable to privilege escalation due to OPENSSLDIR location
Overview
Macrium Reflect contains a privilege escalation vulnerability due to the use of an OPENSSLDIR variable...
VU#208577: Chocolatey Boxstarter vulnerable to privilege escalation due to weak ACLs
Overview
Chocolatey Boxstarter fails to properly set ACLs, which can allow an unprivileged Windows user to...
VU#114757: Acronis backup software contains multiple privilege escalation vulnerabilities
Overview
Acronis True Image, Cyber Backup, and Cyber Protection all contain privilege escalation vulnerabilities, which can...
VU#490028: Microsoft Windows Netlogon Remote Protocol (MS-NRPC) uses insecure AES-CFB8 initialization vector
Overview
The Microsoft Windows Netlogon Remote Protocol (MS-NRPC) reuses a known, static, zero-value initialization vector (IV)...
VU#896979: IPTV encoder devices contain multiple vulnerabilities
Overview
Multiple vulnerabilities exist in various Video Over IP (Internet Protocol) encoder devices, also known as...
VU#589825: Devices supporting Bluetooth BR/EDR and LE using CTKD are vulnerable to key overwrite
Overview
Devices supporting both Bluetooth BR/EDR and LE using Cross-Transport Key Derivation (CTKD) for pairing are...
VU#221785: Diebold Nixdorf ProCash 2100xe USB ATM does not adequately secure communications between CCDM and host
Overview
Diebold Nixdorf 2100xe USB automated teller machines (ATMs) are vulnerable to physical attacks on the...
VU#815655: NCR SelfServ ATM BNA contains multiple vulnerabilities
Overview
NCR SelfServ automated teller machines (ATMs) running APTRA XFS 04.02.01 and 05.01.00 are vulnerable to...
VU#116713: NCR SelfServ ATM dispenser software contains multiple vulnerabilities
Overview
NCR SelfServ automated teller machines (ATMs) running APTRA XFS 05.01.00 or older are vulnerable to...
VU#174059: GRUB2 bootloader is vulnerable to buffer overflow
Overview
The GRUB2 boot loader is vulnerable to buffer overflow, which results in arbitrary code execution...
VU#290915: F5 BIG-IP contains multiple vulnerabilities including unauthenticated remote command execution
Overview
F5 BIG-IP provides a Traffic Management User Interface (TMUI), also referred to as the Configuration...
VU#576779: Netgear httpd upgrade_check.cgi stack buffer overflow
Overview
Multiple Netgear devices contain a stack buffer overflow in the httpd web server's handling of...
VU#257161: Treck IP stacks contain multiple vulnerabilities
Overview
Treck IP stack implementations for embedded systems are affected by multiple vulnerabilities. This set of vulnerabilities was researched and reported by JSOF who calls them Ripple20.
Description
Treck IP network stack software is designed for and used in a variety of...
Top 20 Predictions Of How AI Is Going To Improve Cybersecurity In 2021
What 20 Leading Cybersecurity Experts Are Predicting For 2021
Italy Says Two Arrested for Defense Data Theft
Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday.
The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare...
The US Used the Patriot Act to Justify Logging Website Users
Plus: Better Twitter two-factor, a Spotify hack, and more of the week’s top security news.
Ransomware hits helicopter maker Kopter
Data from Kopter's internal network has been published on the LockBit gang's blog, hosted on the dark web.
Ransomware gangs are now cold-calling victims if they restore from backups without paying
Tactic used since August by ransomware gangs like Sekhmet, Maze, Conti, and Ryuk.
