Headline

Cisco SD-WAN Security Bug Allows Root Code Execution

The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.

Threatpost
#Malware #Web Security #Government #Cloud Security #Vulnerabilities #cisco

Related news

CVE-2021-25508: Samsung Mobile Security

Improper privilege management vulnerability in API Key used in SmartThings prior to 1.7.73.22 allows an attacker to abuse the API key without limitation.

CVE-2021-22458: Document Center

A component of HarmonyOS has an Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability. Local attackers may exploit this vulnerability to cause arbitrary code execution.

SQL injection flaw in billing software app tied to US ransomware infection

BillQuick customers blindsided by recently patched web security flaw

Siemens SCALANCE

This advisory contains mitigations for Cross-site Request Forgery, OS Command Injection, Classic Buffer Overflow, Command Injection, Path Traversal, and Missing Encryption of Sensitive Data vulnerabilities in the Siemens SCALANCE software management platform.

CVE-2021-31605: OpenVPN Monitor 1.1.3 Command Injection ≈ Packet Storm

furlongm openvpn-monitor through 1.1.3 allows %0a command injection via the OpenVPN management interface socket. This can shut down the server via signal%20SIGTERM.

Critical Cisco Bugs Allow Code Execution on Wireless, SD-WAN

Unauthenticated cyberattackers can also wreak havoc on networking device configurations.

Apple Patches 3 More Zero-Days Under Active Attack

One of the bugs, which affects macOS as well as older versions of iPhones, could allow an attacker to execute arbitrary code with kernel privileges.

CVE-2006-4472: Joomla Content Management System (CMS) - try it! It's free!

Multiple unspecified vulnerabilities in Joomla! before 1.0.11 allow attackers to bypass user authentication via unknown vectors involving the (1) do_pdf command and the (2) emailform com_content task.

Threatpost: Latest News

Student Loan Breach Exposes 2.5M Records