This joint advisory is the result of a collaborative effort by the cybersecurity authorities of Australia,[1] New Zealand,[2] Singapore,[3] the United Kingdom,[4] and the United States.[5][6] These authorities are aware of cyber actors exploiting vulnerabilities in Accellion File Transfer Appliance (FTA).[7] This activity has impacted organizations globally, including those in […]
74cms — 74cms: In 74cms version 5.0.1, there is a remote code execution vulnerability in /Application/Admin/Controller/ConfigController.class.php and /ThinkPHP/Common/functions.php where attackers can obtain server permissions and control the server. Published 2021-02-17; CVSS not yet calculated; CVE-2020-35339 (sources: MISC, MISC). activepresenter — activepresenter: ActivePresenter 6.1.6 is affected by a memory corruption vulnerability that may result in a […]
The North Korean government has used multiple versions of AppleJeus since the malware was initially discovered in 2018. This section outlines seven of the versions below. The MARs listed above provide further technical details of these versions. Initially, HIDDEN COBRA actors used websites that appeared to host legitimate cryptocurrency trading […]
1password — scim_bridge: 1Password SCIM Bridge before 1.6.2 mishandles validation of authenticated requests for log files, leading to disclosure of a TLS private key. Published 2021-02-08; CVSS 4; CVE-2021-26905 (sources: MISC, CONFIRM). adminer — adminer: Adminer through 4.7.8 allows XSS via the history parameter to the default URI. Published 2021-02-09; CVSS 4.3; CVE-2020-35572 (sources: MISC, MISC). adobe — acrobat: Acrobat […]
Summary On February 5, 2021, unidentified cyber actors obtained unauthorized access to the supervisory control and data acquisition (SCADA) system at a U.S. drinking water treatment plant. The unidentified actors used the SCADA system’s software to increase the amount of sodium hydroxide, also known as lye, a caustic chemical, as […]
huawei — multiple_products: There is an information leak vulnerability in eCNS280_TD versions V100R005C00 and V100R005C10. A command does not have a timeout exit mechanism, and a temporary file contains sensitive information. This allows attackers to obtain, by inter-process access, information that would otherwise require other methods. Published 2021-02-06; CVSS not yet calculated; CVE-2021-22300 (source: CONFIRM). allen-bradley — flex_io_1794-aent/b: An […]
rocket.chat — rocket.chat: Rocket.Chat server before 3.9.0 is vulnerable to a self cross-site scripting (XSS) vulnerability via the drag & drop functionality in message boxes. Published 2021-01-26; CVSS not yet calculated; CVE-2020-8292 (sources: MISC, MISC). 4images — image_gallary_management_system: 4images Image Gallery Management System 1.7.11 is affected by cross-site scripting (XSS) in the Image URL. This […]
appgini — online_invoicing_system: Online Invoicing System (OIS) is open source software which is a lean invoicing system for small businesses, consultants and freelancers created using AppGini. In OIS version 4.0 there is a stored XSS which can enable an attacker to take over the admin account through a payload that extracts […]
1c — 1c:enterprise: The Web server in 1C:Enterprise 8 before 8.3.17.1851 sends base64 encoded credentials in the creds URL parameter. Published 2021-01-13; CVSS not yet calculated; CVE-2021-3131 (source: MISC). 360f5 — 360f5: In the 3.1.3.64296 and lower version of 360F5, the third party can trigger the device to send a deauth frame by constructing […]
actionpack_gem_for_ruby_on_rails — actionpack_gem_for_ruby_on_rails: In actionpack gem >= 6.0.0, a possible XSS vulnerability exists when an application is running in development mode, allowing an attacker to send or embed (in another page) a specially crafted URL which can allow the attacker to execute JavaScript in the context of the local application. […]