Password manager LastPass reveals intrusion into development system
LastPass, maker of a popular password management application, revealed Thursday that an unauthorized party gained access to its development environment through a compromised developer account...
CVE-2021-3585
A flaw was found in openstack-tripleo-heat-templates. Plain passwords from RHSM exist in the logs during OSP13 deployment with subscription-manager. Read More
CVE-2021-35939
It was found that the fix for CVE-2017-7500 and CVE-2017-7501 was incomplete: the check was only implemented for the parent directory of the file to...
CVE-2021-3574
A vulnerability was found in ImageMagick-7.0.11-5, where executing a crafted file with the convert command, ASAN detects memory leaks. Read More
CVE-2021-3563
A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators...
CVE-2021-3427
The Deluge Web-UI is vulnerable to XSS through a crafted torrent file. The the data from torrent files is not properly sanitised as it's interpreted...
CVE-2021-3414
A flaw was found in satellite. When giving granular permission related to the organization, other permissions allowing a user to view and manage other organizations...
CVE-2021-20260
A flaw was found in the Foreman project. The Datacenter plugin exposes the password through the API to an authenticated local attacker with view_hosts permission....
Iran-Based MuddyWater Targets Log4j 2 Vulnerabilities in SysAid Apps in Israel
It is the first campaign in which the hacker group exploits SysAid apps as a vector for initial access Read More
TeamTNT Targeted Cloud Instances and Containerized Environments For Two Years
The hacking group most likely originates from Germany Read More