Researchers extract master encryption key from Siemens PLCs
Security researchers have found a way to extract a global encryption key that was hardcoded in the CPUs of several Siemens programmable logic controller (PLC)...
CVE-2021-0951
In DevmemIntHeapAcquire of TBD, there is a possible arbitrary code execution due to an integer overflow. This could lead to local escalation of privilege with...
CVE-2021-0696
In dllist_remove_node of TBD, there is a possible use after free bug due to a race condition. This could lead to local escalation of privilege...
CVE-2020-14131
The Xiaomi Security Center expresses heartfelt thanks to ADLab of VenusTech ! At the same time, we also welcome more outstanding and professional security experts...
CVE-2020-14129
A logic vulnerability exists in a Xiaomi product. The vulnerability is caused by an identity verification failure, which can be exploited by an attacker who...
USN-5670-1: .NET 6 vulnerability
Edward Thomson discovered that .NET 6 incorrectly handled permissions for local NuGet cache. A local attacker could possibly use this issue to execute arbitrary code....
CVE-2021-36913
Unauthenticated Options Change and Content Injection vulnerability in Qube One Redirection for Contact Form 7 plugin <= 2.4.0 at WordPress allows attackers to change options...
CVE-2021-36899
Authenticated (admin+) Reflected Cross-Site Scripting (XSS) vulnerability in Gabe Livan's Asset CleanUp: Page Speed Booster plugin <= 1.3.8.4 at WordPress. Read More
Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033)
Microsoft’s October 2022 Patch Tuesday Addresses 84 CVEs (CVE-2022-41033) Microsoft addresses 84 CVEs in its October 2022 Patch Tuesday release, including 13 critical flaws. 13Critical...
CISOs Tell All: Everything You’ve Ever Wanted To Know About CISOs in 2022
You’ve got questions and they’ve got answers. A global survey provides a snapshot of what it’s like to sit in the CISO chair, as these...