Apache Releases Security Advisory for Tomcat [CVE-2021-24122]

The Apache Software Foundation has released a security advisory to address a vulnerability affecting multiple versions of Apache Tomcat. An

Read more

Cisco Finesse OpenSocial Gadget Editor Vulnerabilities [CVE-2021-1245 & CVE-2021-1246]

CVE numbers – CVE-2021-1245 & CVE-2021-1246 Multiple vulnerabilities in the web-based management interface of Cisco Finesse could allow an unauthenticated, remote

Read more

Juniper Networks Junos OS Multiple Local Privilege Escalation vulnerabilities in SUID binaries

Multiple local privilege escalation vulnerabilities in Juniper Networks Junos OS have been reported due to the setuid bit being enabled on

Read more

Cisco Unified Communications Products Information Disclosure Vulnerability [CVE-2021-1226]

CVE number – CVE-2021-1226 A vulnerability in the audit logging component of Cisco Unified Communications Manager, Cisco Unified Communications Manager Session Management

Read more

Cisco Connected Mobile Experiences User Enumeration Vulnerability [CVE-2021-1143]

CVE number – CVE-2021-1143 A vulnerability in Cisco Connected Mobile Experiences (CMX) API authorizations could allow an authenticated, remote attacker to

Read more

Cisco AnyConnect Secure Mobility Client Arbitrary File Read Vulnerability [CVE-2021-1258]

CVE number – CVE-2021-1258 A vulnerability in the upgrade component of Cisco AnyConnect Secure Mobility Client could allow an authenticated, local

Read more

Netgear Pre-Authentication Command Injection on NMS300 [CVE-2020-35797]

Netgear has released fixes for a pre-authentication command injection security vulnerability on the following product models: NMS300, running firmware versions

Read more

Babuk Loader Ransomware

Babuk Loader is a human-operated ransomware targeting businesses worldwide. Despite appearing to be amateurishly constructed, it’s encryption functions are well-implemented, and it has already impacted

Read more

Linux Kernel io_uring Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel. An attacker must first obtain the

Read more

Cisco Identity Services Engine Cross-Site Scripting Vulnerability [CVE-2020-3551]

CVE number = CVE-2020-3551 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated,

Read more
%d bloggers like this: