Security
Headlines
HeadlinesLatestCVEs

Headline

CVE-2021-42369: public-vulnerabilities/Imagicle/CVE at master · dawid-czarnecki/public-vulnerabilities

Imagicle Application Suite (for Cisco UC) before 2021.Summer.2 allows SQL injection. A low-privileged user could inject a SQL statement through the “Export to CSV” feature of the Contact Manager web GUI.

CVE
#sql#vulnerability#web#cisco

Related news

CVE-2021-34413: Security Bulletin

All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin directory, allowing the malicious application to execute in a privileged context.

CVE-2021-34413: CWE - CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition (4.5)

All versions of the Zoom Plugin for Microsoft Outlook for MacOS before 5.3.52553.0918 contain a Time-of-check Time-of-use (TOC/TOU) vulnerability during the plugin installation process. This could allow a standard user to write their own malicious application to the plugin directory, allowing the malicious application to execute in a privileged context.

Dumping RDP Credentials

Administrators typically use Remote Desktop Protocol (RDP) in order to manage Windows environments remotely. It is also typical RDP to be enabled in systems that… Continue reading → Dumping RDP Credentials

CVE: Latest News

CVE-2023-50976: Transactions API Authorization by oleiman · Pull Request #14969 · redpanda-data/redpanda
CVE-2023-6905
CVE-2023-6903
CVE-2023-6904
CVE-2023-3907