Microsoft Exchange Server 2016 and 2019 Remote Code Execution Vulnerability

On April 13th 2021 Microsoft released a software update to mitigate significant vulnerabilities that affect on-premises Exchange Servers 2013, 2016,

Read more

D-Link DIR-802 Command Injection Vulnerability [CVE-2021-29379]

CVE number – CVE-2021-29379 D-Link have been made aware of a Command Injection Vulnerability in the device’s UPNP feature of

Read more

Multiple Vulnerabilities in OpenSSL [CVE-2021-3450 and CVE-2021-3449]

CVE numbers = CVE-2021-3450 and CVE-2021-3449 Exploitation of these vulnerabilities could allow an attacker to use a valid non-certificate authority

Read more

Cisco Small Business Routers Management Interface Remote Command Execution Vulnerability [CVE-2021-1459]

CVE number = CVE-2021-1459 A vulnerability in the web-based management interface of Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers

Read more

Cisco SD-WAN vManage Software – Multiple Vulnerabilities

CVE numbers = CVE-2021-1137, CVE-2021-1479 and CVE-2021-1480 Multiple vulnerabilities in Cisco SD-WAN vManage Software could allow an unauthenticated, remote attacker to

Read more

Citrix Patches three DoS Vulnerabilities in Hypervisor

Two security issues have been identified in Citrix Hypervisor (formerly Citrix XenServer) that may allow privileged code in a guest

Read more

Vulnerability in ‘netmask’ npm package [CVE-2021-28918]

CVE number – CVE-2021-28918 A vulnerability has been found in the netmask npm package that could expose private networks and

Read more

Apache SpamAssassin malicious rule configuration [CVE-2020-1946]

CVE number – CVE-2020-1946 Apache SpamAssassin 3.4.5 was recently released [1], and fixes an issue of security note where malicious

Read more

F5 iControl REST unauthenticated remote command execution vulnerability [CVE-2021-22986]

CVE number = CVE-2021-22986 The iControl REST interface has an unauthenticated remote command execution vulnerability. This vulnerability allows for unauthenticated

Read more

F5 Advanced WAF/ASM buffer-overflow vulnerability (CVE-2021-22992)

A malicious HTTP response to an Advanced WAF/ASM virtual server with Login Page configured in its policy may trigger a

Read more
%d bloggers like this: