VMware ESXi and vCenter Server security vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)

CVE numbers – CVE-2021-21972, CVE-2021-21973, CVE-2021-21974 Multiple vulnerabilities in VMware ESXi and vSphere Client (HTML5) were privately reported to VMware. Updates

vSphere Replication updates address a command injection vulnerability (CVE-2021-21976)

vSphere Replication contains a post-authentication command injection vulnerability in the “Startup Configuration” page. VMware has evaluated this issue to be ‘Important’ severity with

Siemens has 21 file parsing vulnerabilities in PLM products

Siemens has released nine new security advisories describing vulnerabilities affecting a range of products. The biggest advisory covers 21 security holes affecting JT2Go, a

Windows TCP/IP RCE and DoS Vulnerabilities [CVE-2021-24074 & CVE-2021-24086 & CVE-2021-24094]

CVE numbers – CVE-2021-24074 & CVE-2021-24086 & CVE-2021-24094 Microsoft released a set of fixes affecting Windows TCP/IP implementation that include two Critical Remote Code

Cisco Small Business RV160, RV160W, RV260, RV260P, and RV260W VPN Routers Remote Code Execution Vulnerabilities

CVE numbers – CVE-2021-1289, CVE-2021-1290, CVE-2021-1291, CVE-2021-1292, CVE-2021-1293, CVE-2021-1294, CVE-2021-1295 Multiple vulnerabilities in the web-based management interface of Cisco Small Business

Cisco Identity Services Engine Cross-Site Scripting Vulnerability [CVE-2020-3551]

CVE number – CVE-2020-3551 A vulnerability in the web-based management interface of Cisco Identity Services Engine (ISE) could allow an unauthenticated,

Critical bugs found in Realtek RTL8195A Wi-Fi module [CVE-2020-9395]

Analysis by the IoT security firm Vdoo discovered that six major vulnerabilities exist in the Realtek RTL8195A Wi-Fi module. This has

SonicWall Confirms SMA 100 Series 10.x Zero-Day Vulnerability

SonicWall has confirmed a zero-day vulnerability on SMA 100 series 10.x code. SMA 100 firmware prior to 10.x is unaffected

NETGEAR R7450 Password Recovery External Control of Critical State Data Authentication Bypass Vulnerability [CVE-2020-27872]

CVE number – CVE-2020-27872 This vulnerability allows network-adjacent attackers to bypass authentication on affected installations of NETGEAR R7450 routers. Authentication

Heap-Based Buffer Overflow in Sudo [CVE-2021-3156]

CVE number – CVE-2021-3156 The Qualys Research Team has discovered a heap overflow vulnerability in sudo, a near-ubiquitous utility available
