Security
Headlines
HeadlinesLatestCVEs

Headline

Fugue Adds Kubernetes Security Checks to Secure Infrastructure-As-Code

Developers can apply proper security controls as they programmatically deploy Kubernetes clusters.

DARKReading

Related news

CVE-2021-22470: 文档中心

A component of the HarmonyOS has a Privileges Controls vulnerability. Local attackers may exploit this vulnerability to expand the Recording Trusted Domain.

CVE-2021-22456: 文档中心

A component of the HarmonyOS has a Data Processing Errors vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.

CVE-2021-22454: 文档中心

A component of the HarmonyOS has a External Control of System or Configuration Setting vulnerability. Local attackers may exploit this vulnerability to cause core dump.

CVE-2021-22465: 文档中心

A component of the HarmonyOS has a Heap-based Buffer Overflow vulnerability. Local attackers may exploit this vulnerability to cause Kernel System unavailable.

CVE-2021-37124: Security Advisory - Path Traversal Vulnerability in Huawei PC Product

There is a path traversal vulnerability in Huawei PC product. Because the product does not filter path with special characters,attackers can construct a file path with special characters to exploit this vulnerability. Successful exploitation could allow the attacker to transport a file to certain path.Affected product versions include:PC Smart Full Scene 11.1 versions PCManager 11.1.1.97.

Fugue Adds Kubernetes Security Checks to Secure Infrastructure-as-Code

Developers can apply proper security controls as they programmatically deploy Kubernetes clusters.

IDrive Remote Desktop Offers Protection from RDP Cyberattacks and Vulnerabilities

Remote Desktop aims to solve vulnerability issues with RDP by implementing robust access and security controls.

Dolibarr ERP / CRM 14.0.2 Cross Site Scripting / Privilege Escalation

Dolibarr ERP and CRM 14.0.2 suffers from a persistent cross site scripting vulnerability that enables privilege escalation.

CVE-2021-38124: Portal

Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM) product, affecting versions 7.0.2 through 7.5. The vulnerability could be exploited resulting in remote code execution.

CVE-2021-40310: OpenSIS 8.0 'cp_id_miss_attn' - Reflected Cross-Site Scripting (XSS) PoC

OpenSIS Community Edition version 8.0 is affected by a cross-site scripting (XSS) vulnerability in the TakeAttendance.php via the cp_id_miss_attn parameter.

CVE-2021-40868: Cloudron 6.2 Cross Site Scripting ≈ Packet Storm

In Cloudron 6.2, the returnTo parameter on the login page is vulnerable to Reflected XSS.

CVE-2021-22528: Cross-Site Scripting Vulnerability (CVE-2021-22528)

Reflected Cross Site Scripting (XSS) vulnerability in NetIQ Access Manager prior to 5.0.1 and 4.5.4

DARKReading: Latest News

Iranian APT Group Targets IP Cameras, Extends Attacks Beyond Israel