Aggregator

A vulnerability was found in Oracle MySQL Server up to 5.7.35/8.0.26. It has been declared as very critical. Affected by this vulnerability is an unknown functionality of the component OpenSSL. The manipulation leads to buffer overflow. This vulnerability is known as CVE-2021-3711. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Microsoft Visual Studio up to 2017 15.9/2019 16.11. Affected by this issue is some unknown functionality of the component OpenSSL. The manipulation leads to buffer overflow. This vulnerability is handled as CVE-2021-3711. Access to the local network is required for this attack to succeed. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as very critical, was found in Oracle Health Sciences InForm Publisher 6.2.1.1/6.3.1.1. Affected is an unknown function of the component Connector. The manipulation leads to buffer overflow. This vulnerability is traded as CVE-2021-3711. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical was found in Oracle Communications Session Border Controller 8.4/9.0. Affected by this vulnerability is an unknown functionality of the component Security. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2021-3712. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, has been found in Oracle Communications Unified Session Manager 8.2.5/8.4.5. Affected by this issue is some unknown functionality of the component Security. The manipulation leads to out-of-bounds read. This vulnerability is handled as CVE-2021-3712. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as critical, was found in Oracle Enterprise Communications Broker 3.2/3.3. This affects an unknown part of the component Security. The manipulation leads to out-of-bounds read. This vulnerability is uniquely identified as CVE-2021-3712. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Oracle Enterprise Session Border Controller 8.4/9.0 and classified as critical. This vulnerability affects unknown code of the component Security. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2021-3712. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Siebel CRM up to 22.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Siebel Core - Server Infrastructure. The manipulation leads to out-of-bounds read. This vulnerability is known as CVE-2021-3712. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in Oracle Communications Cloud Native Core Console 1.9.0. It has been declared as critical. This vulnerability affects unknown code of the component CNC Console. The manipulation leads to out-of-bounds read. This vulnerability was named CVE-2021-3712. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability was found in Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0. It has been rated as critical. This issue affects some unknown processing of the component SEPP. The manipulation leads to out-of-bounds read. The identification of this vulnerability is CVE-2021-3712. The attack may be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability classified as critical has been found in Oracle Communications Cloud Native Core Unified Data Repository 1.15.0. Affected is an unknown function of the component UDR. The manipulation leads to out-of-bounds read. This vulnerability is traded as CVE-2021-3712. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A ransomware attack on Blue Yonder, a leading supply chain management software provider, has created ripples across global retail and manufacturing sectors, affecting major players like Starbucks and prominent UK supermarket chains. The breach, which occurred on November 21, underscores the cyber risks organizations face during the high-stakes holiday season. Blue Yonder provides critical supply […]

The post Blue Yonder Ransomware Attack Impacts Starbucks & Multiple Supermarkets appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

本周，互联网网络安全态势整体评价为良。

数据显示，日本用户在转向 Bluesky 等 X 的替代。根据 Similarweb 的数据，截至 10 月的 12 个月内，日本 Android 上的 Bluesky 月活用户数增长了五倍，同期 X 的用户数在下降。11 月的前两周，Bluesky 的日活用户数也有所增长。分析认为美国的总统大选以及日益极化对日本用户影响不大，促使日本用户转向 Bluesky 的动机主要与隐私和功能变化相关。X 最近修改了服务条款，允许 AI 使用用户推文训练；修改了屏蔽功能，以及越来越多的类机器人账号等都给日本用户留下了负面印象。Twitter Japan 直到 11 月 23 日才正式更名为 X Japan，日本大部分用户仍然称该平台为 Twitter。过去一年，日本 Android 平台上 X 的活跃用户数从约 740 万降至约 670 万，Meta 的 Threads 的日本活跃用户数从约 50 万增加到 150 万，Bluesky 则从约 5 万增加到约 50 万。

A vulnerability has been found in jQuery up to 3.4.x and classified as problematic. This vulnerability affects the function html. The manipulation leads to cross site scripting. This vulnerability was named CVE-2020-11023. The attack can be initiated remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

CampusGuard announced CampusGuard Central, its dynamic customer compliance portal. CampusGuard Central empowers organizations to manage PCI DSS compliance across their enterprise with a single, user-friendly tool. Central’s latest release includes the following enhancements: Updated user interface: Hide or expand the left navigation bar Collapsible group headers on the dashboard Expand the view to full screen Resize and/or filter data tables Full support for PCI DSS v4.0 Customers can define an unlimited number of Custom Fields … More →

The post CampusGuard Central empowers organizations to manage PCI DSS compliance appeared first on Help Net Security.

A vulnerability classified as critical was found in Netscape Browser up to 1.7. Affected by this vulnerability is an unknown functionality of the component SOAP. The manipulation leads to integer coercion error. This vulnerability is known as CVE-2004-0722. The attack can be launched remotely. Furthermore, there is an exploit available. It is recommended to upgrade the affected component.

Dell Technologies has released a security update for its Wyse Management Suite (WMS) to address multiple vulnerabilities that could allow malicious users to compromise affected systems. Wyse Management Suite is a flexible hybrid cloud solution that empowers IT admin to securely manage Dell client devices from anywhere. The vulnerabilities identified in Dell Wyse Management Suite are […]

The post Dell Wyse Management Suite Vulnerabilities Let Attackers Exploit Affected Systems Remotely appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.