Aggregator

CVE-2009-0301 | Grid2000 FlexCell Grid Control 5.6.9 ActiveX Control FlexCell.ocx Remote Code Execution (EDB-7868 / Nessus ID 41945)

9 months ago

A vulnerability was found in Grid2000 FlexCell Grid Control 5.6.9 and classified as critical. Affected by this issue is some unknown functionality of the file FlexCell.ocx of the component ActiveX Control. The manipulation leads to Remote Code Execution. This vulnerability is handled as CVE-2009-0301. The attack may be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2009-0305 | Research In Motion Limited BlackBerry Application Web Loader 1.0 ActiveX Control AxLoader.ocx memory corruption (VU#131100 / Nessus ID 35634)

Vuldb Updates

9 months ago

A vulnerability was found in Research In Motion Limited BlackBerry Application Web Loader 1.0. It has been declared as very critical. This vulnerability affects unknown code in the library AxLoader.dll of the file AxLoader.ocx of the component ActiveX Control. The manipulation leads to memory corruption. This vulnerability was named CVE-2009-0305. The attack can be initiated remotely. There is no exploit available.

vuldb.com

INC

Dark Feed IO

9 months ago

You must login to view this content

cohenido

OPM urged to continue identity protection contracts shielding people affected by 2015 hack

The Record

9 months ago

Sen. Mark Warner said the Office of Personnel Management must maintain ID protection services for millions of people whose data was stolen in a massive 2015 data breach at the agency.

CVE-2021-43813 | Grafana up to 7.5.11/8.3.1 md File path traversal (GHSA-c3q8-26ph-9g2q / Nessus ID 236716)

Vuldb Updates

9 months ago

A vulnerability has been found in Grafana up to 7.5.11/8.3.1 and classified as critical. This vulnerability affects unknown code of the component md File Handler. The manipulation leads to path traversal. This vulnerability was named CVE-2021-43813. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2020-8927 | Brotli up to 1.0.7 Decompression length parameter (Nessus ID 236717)

Vuldb Updates

9 months ago

A vulnerability has been found in Brotli up to 1.0.7 and classified as problematic. Affected by this vulnerability is an unknown functionality of the component Decompression Handler. The manipulation leads to improper handling of length parameter inconsistency. This vulnerability is known as CVE-2020-8927. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2021-27219 | GNOME GLib up to 2.66.5/2.67.2 on 64-bit g_bytes_new memory corruption (Nessus ID 236721)

Vuldb Updates

9 months ago

A vulnerability was found in GNOME GLib up to 2.66.5/2.67.2 on 64-bit. It has been declared as critical. Affected by this vulnerability is the function g_bytes_new. The manipulation leads to memory corruption. This vulnerability is known as CVE-2021-27219. The attack needs to be done within the local network. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2020-8927 | Microsoft Visual Studio 2019 16.11/2022 17.0 Brotli buffer overflow (USN-4568-1 / Nessus ID 236717)

Vuldb Updates

9 months ago

A vulnerability has been found in Microsoft Visual Studio 2019 16.11/2022 17.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the component Brotli. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2020-8927. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2023-49286 | Squid Proxy up to 6.4 Helper Process Management incorrect check of function return value (GHSA-xggx-9329-3c27 / Nessus ID 236724)

Vuldb Updates

9 months ago

A vulnerability was found in Squid Proxy up to 6.4. It has been declared as problematic. This vulnerability affects unknown code of the component Helper Process Management. The manipulation leads to incorrect check of function return value. This vulnerability was named CVE-2023-49286. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

特朗普要求苹果停止在印度扩大制造业务

Solidot

9 months ago

美国总统特朗普称他告诉苹果 CEO 库克（Tim Cook）停止在印度扩大制造业务。由于中美目前暂停但并没有完全取消的关税战，苹果正在印度大幅扩大制造业务，计划二季度运往美国的大部分设备都由印度和越南制造。截至今年 3 月的一年内印度组装了价值 220 亿美元的 iPhone。特朗普称，库克正在印度各地建厂。“我不希望你们在印度建厂。印度可以自己照顾自己。”此举可能会阻碍印度成为全球科技制造中心的抱负。尽管印度刚刚向美国提出了“零关税协议”。

Why Context is King in Cyber Risk Quantification: Key Webinar Takeaways

Security Boulevard

9 months ago

In cybersecurity, the most complex problems often do not have neat solutions. But in a recent conversation with veteran CISO Ed Amoroso and Balbix CEO and Founder Gaurav Banga, one thing was clear: we’re past the point where “we tried our best” is enough. Accountability, quantification, and context are now table stakes for any organization …

The post Why Context is King in Cyber Risk Quantification: Key Webinar Takeaways appeared first on Security Boulevard.

Jagdish Upadhyay