CVE-2021-45490: Missing Certificate Verification in 3CX Client for Windows (legacy), Android & iOS
Posted by Emanuel DUSS on Mar 20 ############################################################# # # COMPASS SECURITY ADVISORY # https://www.compass-security.com/research/advisories/ # ############################################################# # # Product: 3CX Client for Windows (legacy),...
DSA-5106 thunderbird – security update
Multiple security issues were discovered in Thunderbird, which could result in the execution of arbitrary code or information disclosure. Read More
CVE-2020-26007
An arbitrary file upload vulnerability in the upload payment plugin of ShopXO v1.9.0 allows attackers to execute arbitrary code via uploading a crafted PHP file....
CVE-2020-26008
The PluginsUpload function in application/service/PluginsAdminService.php of ShopXO v1.9.0 contains an arbitrary file upload vulnerability which allows attackers to execute arbitrary code via uploading a crafted...
dotnet3.1-3.1.417-1.fc34
FEDORA-2022-d28042f559 Packages in this update: dotnet3.1-3.1.417-1.fc34 Update description: This is the March 2022 update for .NET Core 3.1: SDK 3.1.417 and Runtime 3.1.23 Release notes:...
dotnet3.1-3.1.417-1.fc35
FEDORA-2022-5ecee47acb Packages in this update: dotnet3.1-3.1.417-1.fc35 Update description: This is the March 2022 update for .NET Core 3.1: SDK 3.1.417 and Runtime 3.1.23 Release notes:...
dotnet3.1-3.1.417-1.fc36
FEDORA-2022-9e046f579a Packages in this update: dotnet3.1-3.1.417-1.fc36 Update description: This is the March 2022 update for .NET Core 3.1: SDK 3.1.417 and Runtime 3.1.23 Release notes:...
New Rootkit Used by UNC2891 for ATM Money Heist
FortiGuard Labs is aware of a report that a threat actor known as UNC2891 used a previously unknown rootkit to capture banking card and PIN...
CVE-2020-25176
Some commands used by the Rockwell Automation ISaGRAF Runtime Versions 4.x and 5.x eXchange Layer (IXL) protocol perform various file operations in the file system....