Google is adding its Dinosaur Game as an iPhone widget
Google is bringing its Dinosaur Game to Apple iPhones as an iOS widget that you can add to your...
Twitter is suffering from another worldwide outage today
Twitter is suffering a worldwide outage that started last night and is continuing into Saturday...
Microsoft fixes Windows 10 bug that can corrupt NTFS drives
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads...
Microsoft fixes Windows 10 bug that marks drives as corrupted
Microsoft has fixed a bug that could allow a threat actor to create specially crafted downloads...
Ryuk ransomware operation updates hacking techniques
Recent attacks from Ryuk ransomware operators show that the actors have a new preference when it...
Google Chrome's new feature lets you easily share selected text
Google makes it easy to share text with friends and colleagues with a new Chrome 90 feature that...
Major BGP leak disrupts thousands of networks globally
A large BGP routing leak that occurred last night disrupted the connectivity for thousands of...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
Latest Vulnerabilities
-
CVE-2021-3493
0.0The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the...
-
CVE-2021-3492
0.0Shiftfs, an out-of-tree stacking file system included in Ubuntu Linux kernels, did not properly handle faults occurring during copy_from_user() correctly. These could lead to either a double-free...
-
CVE-2020-36195
0.0An SQL injection vulnerability has been reported to affect QNAP NAS running Multimedia Console or the Media Streaming add-on. If exploited, the vulnerability allows remote attackers to obtain...
-
CVE-2020-2509
0.0A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited, this vulnerability allows attackers to execute arbitrary commands in a compromised application. We...
-
CVE-2021-29452
0.0a12n-server is an npm package which aims to provide a simple authentication system. A new HAL-Form was added to allow editing users in version 0.18.0. This feature should only have been accessible...
Latest Critical Vulnerabilities
-
CVE-2021-28482 - Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019
9.0Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28481, CVE-2021-28483.
-
CVE-2021-28481 - Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019
10.0Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28480, CVE-2021-28482, CVE-2021-28483.
-
CVE-2021-28480 - Unspecified vulnerability in Microsoft Exchange Server 2013/2016/2019
10.0Microsoft Exchange Server Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28481, CVE-2021-28482, CVE-2021-28483.
-
CVE-2021-0430 - Out-Of-Bounds Write vulnerability in Google Android 10.0/11.0
10.0In rw_mfc_handle_read_op of rw_mfc.cc, there is a possible out of bounds write due to a missing bounds check. This could lead to remote code execution via a malicious NFC packet with no additional...
-
CVE-2021-20020 - Improper Authentication vulnerability in Sonicwall Global Management System 9.3
10.0A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
-
CVE-2020-21884 - Cross-Site Request Forgery (CSRF) vulnerability in Indionetworks products
9.3Unibox SMB 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a cross-site request forgery (CSRF) vulnerability in /tools/network-trace, /list_users,...
-
CVE-2020-21883 - OS Command Injection vulnerability in Indionetworks products
9.0Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS command injection vulnerability in /tools/ping, which can leads to complete device takeover.
-
CVE-2021-30462 - Improper Privilege Management vulnerability in Vestacp Vesta Control Panel
9.0VestaCP through 0.9.8-24 allows the admin user to escalate privileges to root because the Sudo configuration does not require a password to run /usr/local/vesta/bin scripts.