KnowBe4 Buys Competitor MediaPRO

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database CVE-2021-21510
PUBLISHED: 2021-03-08

Dell iDRAC8 versions prior to contain a host header injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary ‘Host’ header values to poison a web-cache or trigger redirections.

PUBLISHED: 2021-03-08

Maxum Rumpus 8.2.13 and 8.2.14 is affected by a command injection vulnerability. The web administration contains functionality in which administrators are able to manage users. The edit users form contains a parameter vulnerable to command injection due to insufficient validation.

PUBLISHED: 2021-03-08

Maxum Rumpus 8.2.13 and 8.2.14 is affected by cross-site scripting (XSS). Users are able to create folders in the web application. The folder name is insufficiently validated resulting in a stored cross-site scripting vulnerability.

PUBLISHED: 2021-03-08

A flaw was found in keycloak in versions prior to 13.0.0. The client registration endpoint allows fetching information about PUBLIC clients (like client secret) without authentication which could be an issue if the same PUBLIC client changed to CONFIDENTIAL later. The highest threat from this vulner…

PUBLISHED: 2021-03-08

PowerScale OneFS 8.1.2,8.2.2 and 9.1.0 contains an improper input sanitization issue in a command. The Compadmin user could potentially exploit this vulnerability, leading to potential privileges escalation.


Next Post

MIRA-Aware Nice a step nearer to finalising AU$3. 5 billion dollars takeover associated with Vocus

Mon Mar 8 , 2021
Vocus is a step closer to finalising a good acquire provide through Macquarie Infrastructure plus True Possessions (MIRA) plus Conscious Top, valued at AU$3. 5 billion, right after saying this entered into the system execution deed (SID) with all the range upon Tuesday. The particular consortium is definitely proposing to […]