Aggregator

A vulnerability, which was classified as critical, has been found in Autodesk Design Review 2011/2012/2013/2018. Affected by this issue is some unknown functionality of the component DLL Loader. Performing a manipulation results in untrusted search path. This vulnerability is reported as CVE-2019-7362. The attack requires a local approach. No exploit exists. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Autodesk Design Review 2011/2012/2013/2018. This affects an unknown part. Executing a manipulation can lead to use after free. This vulnerability appears as CVE-2019-7363. The attack requires local access. There is no available exploit. You should upgrade the affected component.

A vulnerability, which was classified as critical, was found in Autodesk Design Review 2011/2012/2013/2017/2018. This affects an unknown function of the component DWF File Handler. Such manipulation leads to memory corruption. This vulnerability is documented as CVE-2021-40167. The attack can be executed remotely. There is not any exploit available. You should upgrade the affected component.

A vulnerability described as critical has been identified in Nokia Infinera DNA. The affected element is an unknown function. Executing a manipulation can lead to sql injection. This vulnerability is tracked as CVE-2025-10258. The attack can be launched remotely. No exploit exists.

As the compliance deadline quickly approaches for changes to align the federal rules for the confidentiality of substance use disorder records with HIPAA, entities that participate in so-called Part 2 programs still face critical unanswered questions, said attorney Aleksandra Vold of BakerHostetler.

Leaked Financial and Admissions Data Includes Contact Details for 'Top Donors'
Harvard University has been named as a victim and doxed by hack-and-leak group ShinyHunters, apparently as a result of the cybercrime group's ongoing "live phishing" attacks that often attempt to trick IT help desks into giving attackers direct access to a victim's network and cloud-based data.

Acquisition Adds Okta and Ping Coverage to Semperis' Identity Security Platform
Semperis has acquired MightyID to extend its identity-first security and cyber resilience strategy beyond Active Directory and Entra ID into Okta and Ping. CEO Mickey Bresman says the deal addresses customer demand for multi-identity provider protection backup recovery and migration.

Southern Connecticut State University CIO Tom Armstrong on Modernization Priorities
Like other schools, Southern Connecticut State University is under pressure to modernize legacy systems, strengthen security and adopt AI. CIO Tom Armstrong must balance expanding research ambitions, student expectations and operational efficiency in an increasingly complex risk environment.

Funding at $1B Valuation Targets AI-Driven Investigations and Compliance Tools
TRM Labs has secured $70 million in Series C funding led by Blockchain Capital reaching a $1 billion valuation. CEO Esteban Castano says the money will boost AI-powered investigations, compliance automation and intelligence as criminals use AI to scale cybercrime faster than defenders can respond.

A vulnerability marked as problematic has been reported in web2py up to 2.27.1-stable+timestamp.2023.11.16.08.03.57. Impacted is an unknown function. Performing a manipulation results in open redirect. This vulnerability is identified as CVE-2026-25198. The attack can be initiated remotely. There is not any exploit available. It is suggested to install a patch to address this issue.

A vulnerability was found in Autodesk AutoCAD. It has been rated as critical. This impacts an unknown function of the component Image Processing. The manipulation leads to use after free. This vulnerability is traded as CVE-2021-40166. It is possible to initiate the attack remotely. There is no exploit available. Upgrading the affected component is advised.

A vulnerability was found in Autodesk AutoCAD and classified as critical. The affected element is an unknown function of the component Image Processing. Such manipulation leads to memory corruption. This vulnerability is documented as CVE-2021-40163. The attack can be executed remotely. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability was found in Autodesk AutoCAD. It has been classified as critical. The impacted element is an unknown function of the component Image Processing. Performing a manipulation results in heap-based buffer overflow. This vulnerability is reported as CVE-2021-40164. The attacker must have access to the local network to execute the attack. No exploit exists. Upgrading the affected component is recommended.

A vulnerability was found in Autodesk AutoCAD. It has been declared as critical. This affects an unknown function of the component Image Processing. Executing a manipulation can lead to buffer overflow. This vulnerability appears as CVE-2021-40165. The attack may be performed from remote. There is no available exploit. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Autodesk AutoCAD. This issue affects some unknown processing of the component Image Processing. The manipulation results in buffer overflow. This vulnerability is cataloged as CVE-2021-40162. The attack may be launched remotely. There is no exploit available. You should upgrade the affected component.

A vulnerability was found in Intel CPU. It has been classified as critical. The affected element is an unknown function of the component UEFI Firmware. Performing a manipulation results in race condition. This vulnerability is cataloged as CVE-2023-41833. The attack must be initiated from a local position. There is no exploit available. Upgrading the affected component is recommended.

A vulnerability labeled as critical has been found in rhboot shim 15.8. This issue affects some unknown processing of the component HTTP Boot Support. Executing a manipulation can lead to origin validation error. This vulnerability is handled as CVE-2023-40547. The attack can only be done within the local network. There is not any exploit available. The affected component should be upgraded.

A vulnerability marked as problematic has been reported in TeamViewer up to 13.1.1548. This vulnerability affects unknown code of the file TeamViewer.exe of the component Password Storage. This manipulation causes information disclosure (Password). This vulnerability is handled as CVE-2018-14333. It is possible to launch the attack on the local host. There is not any exploit available. It is suggested to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Oracle Java SE 6u95/7u80/8u45. This affects an unknown function of the component 2D. Performing a manipulation results in denial of service. This vulnerability was named CVE-2015-2637. The attack may be initiated remotely. There is no available exploit. It is advisable to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Microsoft Windows. The affected element is an unknown function of the component Secure Kernel Mode. Performing a manipulation results in improper access controls. This vulnerability is cataloged as CVE-2024-21302. The attack must be initiated from a local position. There is no exploit available. It is advisable to upgrade the affected component.