MG Strategy+

Cybersecurity Data Services

 
  • Join Now-Sign Up
  • Log In
MG Strategy+ Support Pdf Tool

001 MGS Alerts Advisories

  • Fallo de autenticación en OmniCore RobotWare de ABB
    Fecha de publicación: 09/12/2021 Importancia: Crítica Recursos afectados: RobotWare, versiones anteriores a 7.3.2. Descripción: Se ha identificado una vulnerabilidad crítica en OmniCore RobotWare, que podría permitir a ... read more
  • CVE-2021-36167
    An improper authorization vulnerabiltiy [CWE-285] in FortiClient Windows versions 7.0.0 and 6.4.6 and below and 6.2.8 and below may allow an unauthenticated attacker to bypass the webfilter control via modifying ... read more
  • CVE-2021-43068
    A improper authentication in Fortinet FortiAuthenticator version 6.4.0 allows user to bypass the second factor of authentication via a RADIUS login portal. ... read more
  • CVE-2021-42759
    A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5.5 and below allows attacker to execute unauthorized code or commands via crafted cli commands. ... read more
  • CVE-2021-43204
    A improper control of a resource through its lifetime in Fortinet FortiClientWindows version 6.4.1 and 6.4.0, version 6.2.9 and below, version 6.0.10 and below allows attacker to cause a complete ... read more
  • CVE-2021-36194
    Multiple stack-based buffer overflows in the API controllers of FortiWeb 6.4.1, 6.4.0, and 6.3.0 through 6.3.15 may allow an authenticated attacker to achieve arbitrary code execution via specially crafted requests. ... read more
  • CVE-2021-43410
    Apache Airavata Django Portal allows CRLF log injection because of lack of escaping log statements. In particular, some HTTP request parameters are logged without first being escaped. Versions affected: master ... read more
  • CVE-2021-36189
    A missing encryption of sensitive data in Fortinet FortiClientEMS version 7.0.1 and below, version 6.4.4 and below allows attacker to information disclosure via inspecting browser decrypted data ... read more
  • CVE-2021-43065
    A incorrect permission assignment for critical resource in Fortinet FortiNAC version 9.2.0, version 9.1.3 and below, version 8.8.9 and below allows attacker to gain higher privileges via the access to ... read more
  • CVE-2021-43071
    A heap-based buffer overflow in Fortinet FortiWeb version 6.4.1 and 6.4.0, version 6.3.15 and below, version 6.2.6 and below allows attacker to execute unauthorized code or commands via crafted HTTP ... read more
  • 89.07602
    Modified (2)Adware/MobiDash!AndroidAndroid/Agent.YG!tr.dldr ... read more
  • Múltiples vulnerabilidades en productos de Hitachi Energy
    Publication date: 12/09/2021 Importance: Crítica Affected resources: XMC20: Todas las versiones anteriores a R15A; FOX61x: Todas las versiones anteriores a R15A; RTU500 Series CMU con las versiones ... read more
  • Fallo de autenticación en OmniCore RobotWare de ABB
    Publication date: 12/09/2021 Importance: Crítica Affected resources: RobotWare, versiones anteriores a 7.3.2. Description: Se ha identificado una vulnerabilidad crítica en OmniCore RobotWare, que podría permitir a un ... read more
  • Múltiples vulnerabilidades en productos de Helmholz
    Publication date: 12/09/2021 Importance: Alta Affected resources: shDialup; myREX24; myREX24-virtual. Description: Noam Moshe de Claroty y LEWA Attendorn GmbH, todos ellos coordinados por el CERT@VDE, informaron ... read more
  • Open Design Alliance PRC SDK prior 2022.11 U3D File return out-of-bounds write
    A vulnerability, which was classified as critical, has been found in Open Design Alliance PRC SDK. This issue affects some unknown functionality of the component U3D File Handler. Upgrading to ... read more
  • M-Files Web prior 20.10.9524.1 HTTP Request Request-Range denial of service
    A vulnerability classified as problematic was found in M-Files Web. This vulnerability affects an unknown functionality of the component HTTP Request Handler. Upgrading to version 20.10.9524.1 eliminates this vulnerability. ... read more
  • [local] MTPutty 1.0.1.21 – SSH Password Disclosure
    MTPutty 1.0.1.21 - SSH Password Disclosure ... read more
  • [remote] Raspberry Pi 5.10 – Default Credentials
    Raspberry Pi 5.10 - Default Credentials ... read more
  • [webapps] Chikitsa Patient Management System 2.0.2 – 'backup' Remote Code Execution (RCE) (Authenticated)
    Chikitsa Patient Management System 2.0.2 - 'backup' Remote Code Execution (RCE) (Authenticated) ... read more
  • [webapps] LimeSurvey 5.2.4 – Remote Code Execution (RCE) (Authenticated)
    LimeSurvey 5.2.4 - Remote Code Execution (RCE) (Authenticated) ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 SNMP hard-coded credentials
    A vulnerability classified as critical has been found in Kaseya Unitrends Backup Appliance (Backup Software). This affects an unknown function of the component SNMP. Upgrading to version 10.5.5 eliminates this ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 HTTP Request format string
    A vulnerability was found in Kaseya Unitrends Backup Appliance (Backup Software). It has been rated as critical. Affected by this issue is some unknown processing of the component HTTP Request ... read more
  • [webapps] Chikitsa Patient Management System 2.0.2 – Remote Code Execution (RCE) (Authenticated)
    Chikitsa Patient Management System 2.0.2 - Remote Code Execution (RCE) (Authenticated) ... read more
  • Múltiples vulnerabilidades en controladores robóticos FANUC
    Fecha de publicación: 09/12/2021 Importancia: Alta Recursos afectados: R-30iA, R-30iA; v7: v7.20, v7.30, v7.40, v7.43, v7.50, v.763, v7.70. R-30iB, R-30iB Mate, R-30iB Compact; v8: v8.10, v8.13, v8.20, ... read more
  • Múltiples vulnerabilidades en productos de Hitachi Energy
    Fecha de publicación: 09/12/2021 Importancia: Crítica Recursos afectados: XMC20: Todas las versiones anteriores a R15A; FOX61x: Todas las versiones anteriores a R15A; RTU500 Series CMU con las ... read more
  • Múltiples vulnerabilidades en productos de Helmholz
    Fecha de publicación: 09/12/2021 Importancia: Alta Recursos afectados: shDialup; myREX24; myREX24-virtual. Descripción: Noam Moshe de Claroty y LEWA Attendorn GmbH, todos ellos coordinados por el CERT@VDE, ... read more
  • 89.07601
    Newly Added (1)Android/Banker.BHI!tr.spyModified (2)Adware/Pandaad!AndroidAndroid/Agent.YG!tr.dldr ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 Unitrends Windows Agent permission
    A vulnerability was found in Kaseya Unitrends Backup Appliance (Backup Software) and classified as critical. This issue affects an unknown part of the component Unitrends Windows Agent. Upgrading to version ... read more
  • Kaseya Unitrends Backup Appliance up to 10.5.4 Samba access control
    A vulnerability was found in Kaseya Unitrends Backup Appliance up to 10.5.4 (Backup Software). It has been classified as critical. Affected is an unknown code of the component Samba. Upgrading ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 vaultServer access control
    A vulnerability was found in Kaseya Unitrends Backup Appliance (Backup Software). It has been declared as critical. Affected by this vulnerability is an unknown code block of the component vaultServer. ... read more
  • Múltiples vulnerabilidades en controladores robóticos FANUC
    Publication date: 12/09/2021 Importance: Alta Affected resources: R-30iA, R-30iA; v7: v7.20, v7.30, v7.40, v7.43, v7.50, v.763, v7.70. R-30iB, R-30iB Mate, R-30iB Compact; v8: v8.10, v8.13, v8.20, v8.23, ... read more
  • Open Design Alliance Drawings SDK prior 2022.11 JPG File Parser out-of-bounds write
    A vulnerability classified as critical was found in Open Design Alliance Drawings SDK. Affected by this vulnerability is some unknown processing of the component JPG File Parser. Upgrading to version ... read more
  • Open Design Alliance Drawings SDK prior 2022.11 DGN File Parser out-of-bounds write
    A vulnerability, which was classified as critical, has been found in Open Design Alliance Drawings SDK. Affected by this issue is an unknown function of the component DGN File Parser. ... read more
  • Open Design Alliance Drawings Explorer prior 2022.11 TIF File out-of-bounds write
    A vulnerability has been found in Open Design Alliance Drawings Explorer and classified as critical. This vulnerability affects some unknown functionality of the component TIF File Handler. Upgrading to version ... read more
  • Open Design Alliance Drawings SDK prior 2022.11 DWF File use after free
    A vulnerability, which was classified as critical, was found in Open Design Alliance Drawings SDK. This affects an unknown functionality of the component DWF File Handler. Upgrading to version 2022.11 ... read more
  • Mehrere kritische Schwachstellen in SonicWall SMA 100 Series Appliances – Updates verfügbar
    09. Dezember 2021 Beschreibung SonicWall hat ein Security-Advisory zu mehreren, zum Teil kritischen, Schwachstellen in Appliances der SMA 100 Serie veröffentlicht. Derzeit gibt es laut SonicWall keine Hinweise darauf, dass ... read more
  • 89.07600
    Modified (2)Adware/MobiDash!AndroidAndroid/Cerberus.G!tr ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 Sudo Rule access control
    A vulnerability was found in Kaseya Unitrends Backup Appliance (Backup Software). It has been classified as problematic. This affects some unknown functionality of the component Sudo Rule Handler. Upgrading to ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 bpserverd Daemon input validation
    A vulnerability was found in Kaseya Unitrends Backup Appliance (Backup Software) and classified as very critical. Affected by this issue is an unknown functionality of the component bpserverd Daemon. Upgrading ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 sql injection
    A vulnerability was found in Kaseya Unitrends Backup Appliance (Backup Software). It has been rated as very critical. This issue affects an unknown code. Upgrading to version 10.5.5 eliminates this ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 vaultServer buffer overflow
    A vulnerability classified as critical has been found in Kaseya Unitrends Backup Appliance (Backup Software). Affected is an unknown code block of the component vaultServer. Upgrading to version 10.5.5 eliminates ... read more
  • Kaseya Unitrends Backup Appliance prior 10.5.5 Apache User access control
    A vulnerability was found in Kaseya Unitrends Backup Appliance (Backup Software). It has been declared as critical. This vulnerability affects an unknown part of the component Apache User Handler. Upgrading ... read more
  • Phishing Direct Messages via Discord, (Thu, Dec 9th)
    With the recent conclusion of Cyber Monday and the arrival of the Christmas season, many people would be on the lookout for great deals. Cybercriminals and organized digital crime groups ... read more
  • Mozilla Firefox/Firefox ESR/Thunderbird Protocol erweiterte Rechte
    Es wurde eine Schwachstelle in Mozilla Firefox, Firefox ESR sowie Thunderbird - die betroffene Version ist nicht klar definiert - (Web Browser) ausgemacht. Sie wurde als kritisch eingestuft. Dabei betrifft ... read more
  • Mozilla Firefox bis 93.x Information Disclosure [CVE-2021-43532]
    Eine problematische Schwachstelle wurde in Mozilla Firefox bis 93.x (Web Browser) ausgemacht. Es geht hierbei um ein unbekannter Codeblock. Ein Upgrade auf die Version 94.0 vermag dieses Problem zu beheben. ... read more
  • Mozilla Firefox/Firefox ESR/Thunderbird XMLHttpRequest Information Disclosure
    In Mozilla Firefox, Firefox ESR sowie Thunderbird - eine genaue Versionsangabe ist nicht möglich - (Web Browser) wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannter ... read more
  • Mozilla Firefox/Firefox ESR/Thunderbird Live Pointer Pufferüberlauf
    In Mozilla Firefox, Firefox ESR sowie Thunderbird - die betroffene Version ist nicht bekannt - (Web Browser) wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Das betrifft eine unbekannte ... read more
  • Mozilla Firefox bis 94.x WebExtensions erweiterte Rechte
    Eine Schwachstelle wurde in Mozilla Firefox bis 94.x (Web Browser) gefunden. Sie wurde als kritisch eingestuft. Dies betrifft ein unbekannter Teil der Komponente WebExtensions. Ein Upgrade auf die Version 95.0 ... read more
  • Mozilla Firefox/Firefox ESR/Thunderbird Cursor erweiterte Rechte
    Eine problematische Schwachstelle wurde in Mozilla Firefox, Firefox ESR sowie Thunderbird - die betroffene Version ist nicht genau spezifiziert - (Web Browser) entdeckt. Betroffen davon ist ein unbekannter Prozess der ... read more
  • Mozilla Firefox/Firefox ESR/Thunderbird HTTP2 Opportunistic Encryption schwache Verschlüsselung
    Es wurde eine problematische Schwachstelle in Mozilla Firefox, Firefox ESR sowie Thunderbird - die betroffene Version ist nicht klar definiert - (Web Browser) gefunden. Hiervon betroffen ist eine unbekannte Funktionalität ... read more
Older posts

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Thursday, December 9, 2021

  • Disclaimer |
  • Terms |
  • Privacy
  • About-Services |
  • Blog-Reports
  • YouTube
  • Pinterest
  • LinkedIn
  • Twitter
  • LinkedIn
  • Twitter
  • Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?
Register Now

Hello

  • Your Account Type is
  • Your Mail Id is
  • Your Username is

PDF Library Search

Security Briefing Search

Search

Reset Password

Reset Password

You have no permission to access this content