Pinned toot

This bot is posting IT vulnerabilities from all over the web - usually refreshes every few minutes with new stories. If you would like to see more sites included, write to the maintainer @emanuel - you might also be interested in @itsecbot

CVE-2021-35235 - The ASP.NET debug feature is enabled by default in Kiwi Syslog Server 9.7.2 and previous ... - web.nvd.nist.gov/view/vuln/det

CVE-2011-4126 - Race condition issues were found in Calibre at devices/linux_mount_helper.c allowing unpr... - web.nvd.nist.gov/view/vuln/det

CVE-2021-35233 - The HTTP TRACK & TRACE methods were enabled in Kiwi Syslog Server 9.7.1 and earlier. ... - web.nvd.nist.gov/view/vuln/det

CVE-2021-37129 - There is an out of bounds write vulnerability in some Huawei products. The vulnerability ... - web.nvd.nist.gov/view/vuln/det

CVE-2021-37127 - There is a signature management vulnerability in some huawei products. An attacker can fo... - web.nvd.nist.gov/view/vuln/det

CVE-2021-37130 - There is a path traversal vulnerability in Huawei FusionCube 6.0.2.The vulnerability is d... - web.nvd.nist.gov/view/vuln/det

CVE-2011-4574 - PolarSSL versions prior to v1.1 use the HAVEGE random number generation algorithm. At its... - web.nvd.nist.gov/view/vuln/det

CVE-2021-32951 - WebAccess/NMS (Versions prior to v3.0.3_Build6299) has an improper authentication vulnera... - web.nvd.nist.gov/view/vuln/det

CVE-2021-26610 - The move_uploaded_file function in godomall5 does not perform an integrity check of exten... - web.nvd.nist.gov/view/vuln/det

CVE-2021-37131 - There is a CSV injection vulnerability in ManageOne, iManager NetEco and iManager NetEco ... - web.nvd.nist.gov/view/vuln/det

CVE-2021-23877 - Privilege escalation vulnerability in the Windows trial installer of McAfee Total Protect... - web.nvd.nist.gov/view/vuln/det

CVE-2020-22864 - A cross site scripting (XSS) vulnerability in the Insert Video function of Froala WYSIWYG... - web.nvd.nist.gov/view/vuln/det

CVE-2021-41866 - MyBB before 1.8.28 allows stored XSS because the displayed Template Name value in the Adm... - web.nvd.nist.gov/view/vuln/det

CVE-2020-10782 (ansible_tower) - An exposure of sensitive information flaw was found in Ansible version 3.7.0. Sensitive i... - web.nvd.nist.gov/view/vuln/det

CVE-2020-10754 (fedora, networkmanager) - It was found that nmcli, a command line interface to NetworkManager did not honour 802-1x... - web.nvd.nist.gov/view/vuln/det

CVE-2020-10737 (oddjob) - A race condition was found in the mkhomedir tool shipped with the oddjob package in versi... - web.nvd.nist.gov/view/vuln/det

CVE-2020-11056 (sprout_forms) - In Sprout Forms before 3.9.0, there is a potential Server-Side Template Injection vulnera... - web.nvd.nist.gov/view/vuln/det

CVE-2020-11035 (fedora, glpi) - In GLPI after version 0.83.3 and before version 9.4.6, the CSRF tokens are generated usin... - web.nvd.nist.gov/view/vuln/det

CVE-2020-11024 (moonlight) - In Moonlight iOS/tvOS before 4.0.1, the pairing process is vulnerable to a man-in-the-mid... - web.nvd.nist.gov/view/vuln/det

CVE-2020-11012 (minio) - MinIO versions before RELEASE.2020-04-23T00-58-49Z have an authentication bypass issue in... - web.nvd.nist.gov/view/vuln/det

Show older
Mastodon @ schleuss.online

This instance has a focus on retro video games and game collector discussion. Please, no #NSFW and other 18+ discussion on this instance. See rules for more details