MG Strategy+

Cybersecurity Data Services

 
  • Join Now-Sign Up
  • Log In
Tag : United States

Flexera Software Country Reports: United States: United Kingdom: Nordics: France: Benelux: DACH: APAC

  The Flexera Software Country Reports tell you how much vulnerable software is present on private PCs in key countries/regions […]

  • Editor Paper Extracts
  • Editor Picks Articles
  • Editor Picks Maps
  • Editor Picks Reports
  • MGS+ EPCM Workgroup
  • MGS+ ICS Workgroup
  • MGS+ Operational Efficiencies Workgroup
  • MGS+ Partners
  • Uncategorized

001 MGS Alerts Advisories

  • Chris DeRusha Named Federal CISO
    DeRusha Worked in Obama's Administration as a Cybersecurity AdviserFormer Obama White House cybersecurity official Chris DeRusha has been appointed federal CISO by the Biden administration after having served as CISO ... read more
  • NA – CVE-2020-35124 – A cross-site scripting (XSS) vulnerability in…
    A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads. ... read more
  • NA – CVE-2021-3142 – ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER….
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35128. Reason: This candidate is a reservation duplicate of CVE-2020-35128. Notes: All CVE users should reference CVE-2020-35128 ... read more
  • CVE-2021-3142
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2020-35128. Reason: This candidate is a reservation duplicate of CVE-2020-35128. Notes: All CVE users should reference CVE-2020-35128 instead of this ... read more
  • CVE-2020-35124
    A cross-site scripting (XSS) vulnerability in the assets component of Mautic before 3.2.4 allows remote attackers to inject executable JavaScript through the Referer header of asset downloads. ... read more
  • Malwarebytes, another victim of SolarWinds security incident perpetrators
    Publication date: 01/19/2021 Malwarebytes, the popular cybersecurity services company, has confirmed that it has suffered a cyberattack by the same threat actors that caused the security incidents stemming from ... read more
  • Malwarebytes, otra víctima de los autores del incidente de seguridad de SolarWinds
    Fecha de publicación: 19/01/2021 Malwarebytes, la popular compañía que ofrece servicios de ciberseguridad, ha confirmado haber sufrido un ciberataque protagonizado por los mismos actores de amenazas que han ocasionado ... read more
  • Mozilla: Racism, misinformation, anti-worker policies are ‘undermining’ the Internet
    Mozilla’s latest Internet Health report reveals an online world becoming fragmented by critical social issues. ... read more
  • Citrix's $2.3 million settlement offer for employees impacted by data breach approved
    Hackers lurked undetected in company systems for five months. ... read more
  • CSO's ultimate guide to security and privacy laws, regulations, and compliance
    CSO's ultimate guide to security and privacy laws, regulations, and compliance Security and privacy laws, regulations, and compliance: The complete guide This directory includes laws, regulations and industry guidelines ... read more
  • Dead System Admin's Credentials Used for Ransomware Attack
    Sophos: 'Ghost' Accounts Present a Potential Security DangerThe operators of the Nefilim ransomware used the credentials of a deceased system administrator to plant their crypto-locking malware in about 100 vulnerable ... read more
  • [webapps] WordPress Plugin SuperForms 4.9 – Arbitrary File Upload to Remote Code Execution
    WordPress Plugin SuperForms 4.9 - Arbitrary File Upload to Remote Code Execution ... read more
  • 83.615
    Newly Added (1)Android/Boogr.EQN!trModified (5)Adware/Agent!AndroidAdware/HiddenAd!AndroidAdware/MobiDash!AndroidAdware/Notifyer!AndroidAndroid/Agent.BSS!tr ]]> ... read more
  • [dos] jQuery UI 1.12.1 – Denial of Service (DoS)
    jQuery UI 1.12.1 - Denial of Service (DoS) ... read more
  • [webapps] Umbraco CMS 7.12.4 – Remote Code Execution (Authenticated)
    Umbraco CMS 7.12.4 - Remote Code Execution (Authenticated) ... read more
  • [webapps] Fuel CMS 1.4.1 – Remote Code Execution (2)
    Fuel CMS 1.4.1 - Remote Code Execution (2) ... read more
  • [webapps] CMSUno 1.6.2 – 'lang/user' Remote Code Execution (Authenticated)
    CMSUno 1.6.2 - 'lang/user' Remote Code Execution (Authenticated) ... read more
  • [webapps] OpenEMR 5.0.1 – Remote Code Execution (Authenticated) (2)
    OpenEMR 5.0.1 - Remote Code Execution (Authenticated) (2) ... read more
  • Trojan.Win64.COMBACKER.YABA-A
    Threat type: Trojan Aliases: Trojan.Win64.Agent (IKARUS), Trojan:Win64/Comebacker.A!dha (MICROSOFT) Platforms: Windows Overall Risk Rating: Low Damage Potential: Medium Distribution Potential: Low Reported Infection: Low Information Exposure: Low Overview: This Trojan arrives ... read more
  • 83.614
    Modified (4)Adware/Agent!AndroidAdware/FireAd!AndroidAdware/MobiDash!AndroidAdware/Plague!Android ]]> ... read more
  • Introducing data breach guidance for individuals and families
    Unpicking the NCSC's new data breach guidance released to coincide with International Data Privacy Day. ... read more
  • Denegación de servicio en 4CCT
    Fecha de publicación: 28/01/2021 Importancia: Alta Recursos afectados: 4CCT-EA6-334126BF, versión de firmware 3.23.80.27.36371. Descripción: INCIBE ha coordinado la publicación de una vulnerabilidad en el dispositivo ZIV 4CCT, ... read more
  • Autenticación inapropiada en 4CCT
    Fecha de publicación: 28/01/2021 Importancia: Alta Recursos afectados: 4CCT-EA6-334126BF, versión de firmware 3.23.77.8.33251. Descripción: INCIBE ha coordinado la publicación de una vulnerabilidad en el dispositivo ZIV 4CCT, ... read more
  • [webapps] EgavilanMedia PHPCRUD 1.0 – 'Full Name' Stored Cross Site Scripting
    EgavilanMedia PHPCRUD 1.0 - 'Full Name' Stored Cross Site Scripting ... read more
  • 注意喚起: sudoの脆弱性(CVE-2021-3156)に関する注意喚起 (更新)
    ... read more
  • GoDaddy node-config-shield bis 0.2.1 auf Node.js set Command scripts/cli.js erweiterte Rechte [Infragegestellt]
    Eine kritische Schwachstelle wurde in GoDaddy node-config-shield bis 0.2.1 auf Node.js (JavaScript Library) gefunden. Davon betroffen ist unbekannter Code der Datei scripts/cli.js der Komponente set Command Handler. Ein Aktualisieren auf ... read more
  • Atlassian Bamboo bis 7.2.1 Endpoint /chart Information Disclosure
    Eine Schwachstelle wurde in Atlassian Bamboo bis 7.2.1 gefunden. Sie wurde als problematisch eingestuft. Hierbei geht es um unbekannter Programmcode der Datei /chart der Komponente Endpoint. Ein Upgrade auf die ... read more
  • Accfly Wireless Security IR Camera System 720P bis 4.15.77 Update Procedure CFtpProtocol::FtpLogin Pufferüberlauf
    In Accfly Wireless Security IR Camera System 720P bis 4.15.77 wurde eine Schwachstelle gefunden. Sie wurde als kritisch eingestuft. Dabei geht es um die Funktion CFtpProtocol::FtpLogin der Komponente Update Procedure ... read more
  • Accfly Wireless Security IR Camera System 720P bis 4.15.77 Message SubOprMsg Pufferüberlauf
    Es wurde eine Schwachstelle in Accfly Wireless Security IR Camera System 720P bis 4.15.77 gefunden. Sie wurde als kritisch eingestuft. Es geht dabei um die Funktion CNetClientGuard::SubOprMsg der Komponente Message ... read more
  • Accfly Wireless Security IR Camera System 720P bis 4.15.77 Message CNetClientTalk::OprMsg Pufferüberlauf
    Eine Schwachstelle wurde in Accfly Wireless Security IR Camera System 720P bis 4.15.77 entdeckt. Sie wurde als kritisch eingestuft. Es geht hierbei um die Funktion CNetClientTalk::OprMsg der Komponente Message Handler. ... read more
  • Accfly Wireless Security IR Camera 720P bis 4.15.77 Message ServerIP_Proto_Set Pufferüberlauf
    In Accfly Wireless Security IR Camera 720P bis 4.15.77 wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Es geht um die Funktion CNetClientManage::ServerIP_Proto_Set der Komponente Message Handler. Es sind ... read more
  • WinSCP bis 5.17.9 URL erweiterte Rechte
    Es wurde eine Schwachstelle in WinSCP bis 5.17.9 (Connectivity Software) entdeckt. Sie wurde als kritisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Komponente URL Handler. Ein Aktualisieren auf die ... read more
  • DzzOffice bis 2.02.1 attach/ajax.php editorid Cross Site Scripting
    Es wurde eine problematische Schwachstelle in DzzOffice bis 2.02.1 ausgemacht. Hiervon betroffen ist ein unbekannter Codeblock der Datei attach/ajax.php. Es sind keine Informationen bezüglich Gegenmassnahmen bekannt. Der Einsatz eines alternativen ... read more
  • GNU C Library bis 2.32 ISO-2022-JP-3 Encoding Denial of Service
    Eine problematische Schwachstelle wurde in GNU C Library bis 2.32 (Software Library) ausgemacht. Betroffen davon ist ein unbekannter Prozess der Komponente ISO-2022-JP-3 Encoding Handler. Die Schwachstelle lässt sich durch das ... read more
  • Monitorix 3.13.0 Basic Authentication schwache Authentisierung
    In Monitorix 3.13.0 wurde eine kritische Schwachstelle ausgemacht. Betroffen ist eine unbekannte Verarbeitung der Komponente Basic Authentication Handler. Ein Aktualisieren auf die Version 3.13.1 vermag dieses Problem zu lösen. Eine ... read more
  • Autenticación inapropiada en 4CCT
    Publication date: 01/28/2021 Importance: Alta Affected resources: 4CCT-EA6-334126BF, versión de firmware 3.23.77.8.33251. Description: INCIBE ha coordinado la publicación de una vulnerabilidad en el dispositivo ZIV 4CCT, con ... read more
  • Denegación de servicio en 4CCT
    Publication date: 01/28/2021 Importance: Alta Affected resources: 4CCT-EA6-334126BF, versión de firmware 3.23.80.27.36371. Description: INCIBE ha coordinado la publicación de una vulnerabilidad en el dispositivo ZIV 4CCT, con ... read more
  • NA – CVE-2020-25784 – An issue was discovered on Accfly Wireless…
    An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function ... read more
  • NA – CVE-2020-0237 – ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER….
    ** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: ... read more
  • NA – CVE-2020-25782 – An issue was discovered on Accfly Wireless…
    An issue was discovered on Accfly Wireless Security IR Camera 720P System with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function ... read more
  • NA – CVE-2020-25785 – An issue was discovered on Accfly Wireless…
    An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated stack-based buffer overflow in the function ... read more
  • NA – CVE-2021-26067 – Affected versions of Atlassian Bamboo allow an…
    Affected versions of Atlassian Bamboo allow an unauthenticated remote attacker to view a stack trace that may reveal the path for the home directory in disk and if certain files ... read more
  • NA – CVE-2020-25783 – An issue was discovered on Accfly Wireless…
    An issue was discovered on Accfly Wireless Security IR Camera System 720P with software versions v3.10.73 through v4.15.77. There is an unauthenticated heap-based buffer overflow in the function ... read more
  • GoDaddy node-config-shield up to 0.2.1 on Node.js set Command scripts/cli.js access control [Disputed]
    A vulnerability was found in GoDaddy node-config-shield up to 0.2.1 on Node.js (JavaScript Library) and classified as critical. This issue affects an unknown code block of the file scripts/cli.js of ... read more
  • Accfly Wireless Security IR Camera System 720P up to 4.15.77 Update Procedure CFtpProtocol::FtpLogin stack-based overflow
    A vulnerability has been found in Accfly Wireless Security IR Camera System 720P up to 4.15.77 and classified as critical. Affected by this vulnerability is the function CFtpProtocol::FtpLogin of the ... read more
  • Atlassian Bamboo up to 7.2.1 Endpoint /chart information disclosure
    A vulnerability was found in Atlassian Bamboo up to 7.2.1 and classified as problematic. Affected by this issue is an unknown function of the file /chart of the component Endpoint. ... read more
  • Accfly Wireless Security IR Camera System 720P up to 4.15.77 Message SubOprMsg stack-based overflow
    A vulnerability, which was classified as critical, was found in Accfly Wireless Security IR Camera System 720P up to 4.15.77. Affected is the function CNetClientGuard::SubOprMsg of the component Message Handler. ... read more
  • Accfly Wireless Security IR Camera System 720P up to 4.15.77 Message CNetClientTalk::OprMsg heap-based overflow
    A vulnerability, which was classified as critical, has been found in Accfly Wireless Security IR Camera System 720P up to 4.15.77. This issue affects the function CNetClientTalk::OprMsg of the component ... read more
  • Accfly Wireless Security IR Camera 720P up to 4.15.77 Message ServerIP_Proto_Set stack-based overflow
    A vulnerability classified as critical was found in Accfly Wireless Security IR Camera 720P up to 4.15.77. This vulnerability affects the function CNetClientManage::ServerIP_Proto_Set of the component Message Handler. There is ... read more
  • GNU C Library up to 2.32 ISO-2022-JP-3 Encoding denial of service
    A vulnerability was found in GNU C Library up to 2.32 (Software Library). It has been rated as problematic. Affected by this issue is an unknown functionality of the component ... read more
Older posts

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Thursday, January 28, 2021

  • Disclaimer |
  • Terms |
  • Privacy
  • About-Services |
  • Blog-Reports
  • YouTube
  • Pinterest
  • LinkedIn
  • Twitter
  • LinkedIn
  • Twitter
  • Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?
Register Now

Hello

  • Your Account Type is
  • Your Mail Id is
  • Your Username is

PDF Library Search

Security Briefing Search

United States Search

Reset Password

Reset Password

You have no permission to access this content