MG Strategy+ - Foundation LogoSEC

MG Strategy+

Cybersecurity Data Services

Join Now-Sign Up
Log In

SEC

Editor Paper Extracts
Editor Picks Articles
Editor Picks Maps
Editor Picks Reports
MGS+ EPCM Workgroup
MGS+ ICS Workgroup
MGS+ Operational Efficiencies Workgroup
MGS+ Partners
Uncategorized

001 MGS Alerts Advisories

89.07267
Modified (2)Adware/DataCollector_Utilcode!AndroidAdware/MobiDash!Android ... read more
Microsoft Windows Local Privilege Escalation [CVE-2011-4695]
A vulnerability was found in Microsoft Windows (Operating System) (affected version unknown). It has been declared as critical. There is no information about possible countermeasures known. It may be suggested ... read more
89.07266
Newly Added (1)Android/Agent.CVE!trModified (3)Adware/MobiDash!AndroidAndroid/Agent.CDL!trAndroid/Cerberus.G!tr.spy ... read more
89.07264
Modified (5)Adware/DataCollector_Utilcode!AndroidAdware/MobiDash!AndroidAndroid/Agent.CDL!trAndroid/Agent.IZS!trAndroid/LockScreen_Jisut.CC!tr ... read more
89.07265
Modified (4)Adware/MobiDash!AndroidAdware/SMSFlooder_Agent!AndroidAndroid/Agent.CDL!trRiskware/Application!Android ... read more
89.07263
Modified (2)Adware/AndrMonitor!AndroidAdware/MobiDash!Android ... read more
89.07262
Modified (5)Adware/AndrMonitor!AndroidAdware/MobiDash!AndroidAdware/Mobtool!AndroidAndroid/Cerberus.G!tr.spyRiskware/Application!Android ... read more
89.07261
Modified (5)Adware/MobiDash!AndroidAndroid/Agent.CDL!trAndroid/Agent.FQN!trAndroid/Agent.HQS!trAndroid/SmsSpy.UJ!tr.spy ... read more
Video: YARA Rules for Office Maldocs, (Sun, Nov 28th)
In this video, I show and explain the YARA rules I covered in diary entries "Extra Tip For Triage Of MALWARE Bazaar's Daily Malware Batches" , "Simple YARA Rules for ... read more
89.07260
Modified (5)Adware/Dowgin!AndroidAdware/Ewind!AndroidAdware/Kuguo!AndroidAdware/MobiDash!AndroidRiskware/Application!Android ... read more
CVE-2021-4020
Gravedad: NonePublicado: 27/11/2021Last revised: 27/11/2021Descripción: *** Pendiente de traducción *** janus-gateway is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') ... read more
89.07257
Modified (2)Adware/MobiDash!AndroidRiskware/Application!Android ... read more
89.07256
Newly Added (1)Android/Agent.YB!tr.dldrModified (2)Adware/MobiDash!AndroidAndroid/Cerberus.G!tr.spy ... read more
Crypto Pairing With Rust … The MIRACL Way
We are extremely privildged to partner with some amazing companies. These companies are typically small and innovative, and MIRACL is one…Continue reading on ASecuritySite: When Bob Met Alice » ... read more
89.07255
Modified (5)Adware/MobiDash!AndroidAdware/Styricka!AndroidAndroid/Agent.JAO!trAndroid/Banker.AZQ!tr.spyRiskware/Application!Android ... read more
Zoom Client for Meetings state issue [CVE-2021-34424]
A vulnerability classified as critical has been found in Zoom Client for Meetings, Rooms for Conference Room, Controllers for Zoom Rooms, VDI, SDK, Meeting SDK, Video SDK, On-Premise Meeting Connector ... read more
Wind River VxWorks 6.9/7.0 IKE double free
A vulnerability classified as critical was found in Wind River VxWorks 6.9/7.0. Affected by this vulnerability is an unknown code block of the component IKE. There is no information about ... read more
89.07254
Modified (10)Adware/Androlua!AndroidAdware/Dowgin!AndroidAdware/Ewind!AndroidAdware/KreditSpy!AndroidAdware/Kuguo!AndroidAdware/MobiDash!AndroidAdware/Styricka!AndroidAndroid/Agent.CUC!trAndroid/Agent.GIH!trAndroid/Banker.AZQ!tr.spy ... read more
Hide My WP Plugin up to 6.2.3 on WordPress hmwp_get_user_ip sql injection
A vulnerability was found in Hide My WP Plugin up to 6.2.3 on WordPress (WordPress Plugin). It has been classified as critical. This affects the function hmwp_get_user_ip. Applying a patch ... read more
Barcode up to 2.6.0 on GLPI front/send.php path traversal
A vulnerability was found in Barcode up to 2.6.0 on GLPI and classified as critical. Affected by this issue is an unknown function of the file front/send.php. Upgrading to version ... read more
Symfony up to 4.4.33/5.3.11 Serializer csv injection
A vulnerability has been found in Symfony up to 4.4.33/5.3.11 and classified as critical. Affected by this vulnerability is some unknown processing of the component Serializer. Upgrading to version 4.4.34 ... read more
Symfony up to 5.3.11 HTTP Kernel request smuggling
A vulnerability, which was classified as problematic, has been found in Symfony up to 5.3.11. This issue affects an unknown code of the component HTTP Kernel. Upgrading to version 5.3.12 ... read more
Symfony up to 5.3.11 SecurityBundle session fixiation
A vulnerability, which was classified as critical, was found in Symfony up to 5.3.11. Affected is an unknown code block of the component SecurityBundle. Upgrading to version 5.3.12 eliminates this ... read more
Hide My WP Plugin up to 6.2.3 on WordPress access control [CVE-2021-36917]
A vulnerability was found in Hide My WP Plugin up to 6.2.3 on WordPress (WordPress Plugin). It has been declared as critical. This vulnerability affects some unknown functionality. Applying a ... read more
Zoom Client for Meetings buffer overflow [CVE-2021-34423]
A vulnerability was found in Zoom Client for Meetings, Rooms for Conference Room, Controllers for Zoom Rooms, VDI, SDK, Meeting SDK, Video SDK, On-Premise Meeting Connector Controller, On-Premise Meeting Connector ... read more
89.07253
Modified (54)Adware/AdTraff!AndroidAdware/AdsWo!AndroidAdware/Agent!AndroidAdware/AirPush!AndroidAdware/Anzhu!AndroidAdware/Apofer!AndroidAdware/Autoins!AndroidAdware/Batmob!AndroidAdware/Cerberus!AndroidAdware/Commplat!AndroidAdware/DataCollector!AndroidAdware/Dianru!AndroidAdware/Domob!AndroidAdware/Dowgin!AndroidAdware/Dromon!AndroidAdware/Ewind!AndroidAdware/Feiad!AndroidAdware/Frupi!AndroidAdware/Goodad!AndroidAdware/HiddenAd!AndroidAdware/Inmobi!AndroidAdware/Jiead!AndroidAdware/Kuguo!AndroidAdware/KyView!AndroidAdware/LdPinch!AndroidAdware/LeadBolt!AndroidAdware/MobiDash!AndroidAdware/Mobtool!AndroidAdware/Obfus!AndroidAdware/Ocikq!AndroidAdware/Pandaad!AndroidAdware/Plangton!AndroidAdware/Plankton!AndroidAdware/PushAd!AndroidAdware/Qumi!AndroidAdware/RecmAds!AndroidAdware/SMSFlooder_Agent!AndroidAdware/SMSreg!AndroidAdware/Styricka!AndroidAdware/Uuser!AndroidAdware/Viser!AndroidAdware/Wap3!AndroidAdware/Waps!AndroidAdware/Xynyin!AndroidAdware/Youmi!AndroidAndroid/Agent.GIH!trRiskware/Abarw!AndroidRiskware/Android_Adwo!AndroidRiskware/Application!AndroidRiskware/Dnotua!AndroidRiskware/NeoSMS!AndroidRiskware/Skymobi!AndroidRiskware/SmsReg!AndroidRiskware/SpyLoan!Android ... read more
PowerCMS up to 2.x/3.295/4.49/5.19 XMLRPC API os command injection
A vulnerability was found in PowerCMS up to 2.x/3.295/4.49/5.19 and classified as critical. This issue affects an unknown code block of the component XMLRPC API. There is no information about ... read more
BitDefender Endpoint Security Tools/GravityZone EPPUpdateService server-side request forgery
A vulnerability classified as critical has been found in BitDefender Endpoint Security Tools and GravityZone (the affected version unknown). This affects some unknown functionality of the component EPPUpdateService. Upgrading eliminates ... read more
IBM Planning Analytics 2.0 csv injection [CVE-2021-38873]
A vulnerability classified as critical was found in IBM Planning Analytics 2.0. This vulnerability affects an unknown part. Upgrading eliminates this vulnerability. ... read more
Redash up to 10.0.0 insecure default initialization of resource
A vulnerability was found in Redash up to 10.0.0. It has been rated as critical. Affected by this issue is an unknown functionality. Applying the patch ce60d20c4e3d1537581f2f70f1308fe77ab6a214 is able to ... read more
MongoDB 5.0.2 Aggregation Request assertion
A vulnerability was found in MongoDB 5.0.2 (Database Software). It has been declared as problematic. Affected by this vulnerability is an unknown function of the component Aggregation Request Handler. Upgrading ... read more
EC-CUBE up to 2.17.1 cross-site request forgery [CVE-2021-20842]
A vulnerability was found in EC-CUBE up to 2.17.1 (E-Commerce Management Software). It has been classified as problematic. Affected is some unknown processing. There is no information about possible countermeasures ... read more
89.07252
Modified (8)Adware/Dowgin!AndroidAdware/Ewind!AndroidAdware/MobiDash!AndroidAdware/Secapk!AndroidAndroid/Agent.CIH!trAndroid/Banker.AYT!tr.spyAndroid/SpyC23.A!trRiskware/Application!Android ... read more
rwtxt up to 1.8.5 cross site scripting [CVE-2021-20848]
A vulnerability has been found in rwtxt up to 1.8.5 and classified as problematic. This vulnerability affects an unknown code. Upgrading to version 1.8.6 eliminates this vulnerability. ... read more
Booking Package up to 1.5.10 cross site scripting [CVE-2021-20840]
A vulnerability, which was classified as problematic, has been found in Booking Package up to 1.5.10. Affected by this issue is some unknown functionality. Upgrading to version 1.5.11 eliminates this ... read more
Mercari App up to 4.49.0 on Android Custom URL Scheme improper authorization
A vulnerability classified as critical was found in Mercari App up to 4.49.0 on Android (Android App Software). Affected by this vulnerability is an unknown functionality of the component Custom ... read more
Yamaha RTX830/NVR510/NVR700W/RTX1210 Web Page cross site scripting
A vulnerability classified as problematic has been found in Yamaha RTX830, NVR510, NVR700W and RTX1210 (version unknown). Affected is an unknown function of the component Web Page Handler. Upgrading eliminates ... read more
EC-CUBE up to 2.17.1 System Setting access control
A vulnerability was found in EC-CUBE up to 2.17.1 (E-Commerce Management Software). It has been rated as critical. This issue affects some unknown processing of the component System Setting Handler. ... read more
Yamaha RTX830/NVR510/NVR700W/RTX1210 Web GUI cross site scripting
A vulnerability, which was classified as problematic, was found in Yamaha RTX830, NVR510, NVR700W and RTX1210 (the affected version unknown). This affects an unknown part of the component Web GUI. ... read more
Backdoor.Win32.Coredoor.10.a Service Port 21000 information disclosure
A vulnerability classified as problematic was found in Backdoor.Win32.Coredoor.10.a (Remote Access Software) (the affected version is unknown). This vulnerability affects an unknown code of the component Service Port 21000. Proper ... read more
Email-Worm.Win32.Deltad permission
A vulnerability has been found in Email-Worm.Win32.Deltad (affected version unknown) and classified as critical. Affected by this vulnerability is an unknown function. There is no information about possible countermeasures known. ... read more
Backdoor.Win32.Coredoor.10.a Service Port 21000 improper authentication
A vulnerability, which was classified as critical, was found in Backdoor.Win32.Coredoor.10.a (Remote Access Software) (version unknown). Affected is some unknown processing of the component Service Port 21000. It is possible ... read more
janus-gateway Web Page Generation cross site scripting [CVE-2021-4020]
A vulnerability, which was classified as problematic, has been found in janus-gateway (unknown version). This issue affects an unknown code block of the component Web Page Generation Handler. Applying the ... read more
Backdoor.Win32.Coredoor.10.a Service Port 21000 Information Disclosure
In Backdoor.Win32.Coredoor.10.a - eine genaue Versionsangabe ist nicht möglich - (Remote Access Software) wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Betroffen ist ein unbekannter Teil der Komponente Service ... read more
Backdoor.Win32.Coredoor.10.a Service Port 21000 schwache Authentisierung
Es wurde eine Schwachstelle in Backdoor.Win32.Coredoor.10.a - die betroffene Version ist unbekannt - (Remote Access Software) gefunden. Sie wurde als kritisch eingestuft. Betroffen hiervon ist unbekannter Programmcode der Komponente Service ... read more
Email-Worm.Win32.Deltad erweiterte Rechte
In Email-Worm.Win32.Deltad - die betroffene Version ist nicht bekannt - wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Es geht um unbekannter Code. Es sind keine Informationen bezüglich Gegenmassnahmen ... read more
janus-gateway Web Page Generation Cross Site Scripting [CVE-2021-4020]
Eine Schwachstelle wurde in janus-gateway - eine genaue Versionsangabe steht aus - entdeckt. Sie wurde als problematisch eingestuft. Betroffen davon ist ein unbekannter Codeteil der Komponente Web Page Generation Handler. ... read more
89.07251
Modified (7)Adware/Kuguo!AndroidAdware/MobiDash!AndroidAdware/Styricka!AndroidAndroid/Agent.CDL!trAndroid/Agent.CTI!trAndroid/Facestealer.CG!tr.spyRiskware/Application!Android ... read more
Backdoor.Win32.Coredoor.10.a Service Port 21000 rivelazione di un 'informazione
È stata rilevata una vulnerabilità di livello problematico in Backdoor.Win32.Coredoor.10.a (Remote Access Software). Da questa vulnerabilità è interessato una funzione sconosciuta del componente Service Port 21000. È possibile attenuare l'effetto ... read more
janus-gateway Web Page Generation cross site scripting [CVE-2021-4020]
In janus-gateway stata rilevata una vulnerabilità di livello problematico. É interessato una funzione sconosciuta del componente Web Page Generation Handler. Applicando la patch d3fc00ec803d6c41d8f98908732f44e7f4911a1c è possibile eliminare il problema. Il ... read more

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Sunday, November 28, 2021

Disclaimer |
Terms |
Privacy
About-Services |
Blog-Reports
YouTube
Pinterest
LinkedIn
Twitter
LinkedIn
Twitter
Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?

Hello

Your Account Type is
Your Mail Id is
Your Username is

PDF Library Search

Security Briefing Search

Foundation Logo Search

Reset Password

Reset Password

You have no permission to access this content