LIVE EVENTS
More Coming Soon
ONLINE EVENTS
Check out these online events that are available from the comfort of your computer! View our complete list of Upcoming Webinars so you can attend a live session or our Webinar Archives for webinars that are available On-Demand!
Upcoming Online Events
|
A Radical Approach to Threat Intel Management |
|
Building an Application Security Strategy For the Next Decade |
|
Making Cybersecurity Work in Small and Medium-Sized Businesses |
|
Building the SOC of the Future: Next-Generation Security Operations |
|
Protecting Your Enterprise's Intellectual Property |
|
How Elite Analyst Teams are Transforming Security with Cyber Reconnaissance |
Don't forget to view our complete list of Webinar Archives for webinars that are available On-Demand!
White Papers
Video
Current Issue


Flash Poll


Twitter Feed

Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database CVE-2020-25533
PUBLISHED: 2021-01-15
PUBLISHED: 2021-01-15
PUBLISHED: 2021-01-15
PUBLISHED: 2021-01-15
PUBLISHED: 2021-01-15
From DHS/US-CERT's National Vulnerability Database CVE-2020-25533
PUBLISHED: 2021-01-15
An issue was discovered in Malwarebytes before 4.0 on macOS. A malicious application was able to perform a privileged action within the Malwarebytes launch daemon. The privileged service improperly validated XPC connections by relying on the PID instead of the audit token. An attacker can construct ...
CVE-2021-3162PUBLISHED: 2021-01-15
Docker Desktop Community before 2.5.0.0 on macOS mishandles certificate checking, leading to local privilege escalation.
CVE-2021-21242PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, there is a critical vulnerability which can lead to pre-auth remote code execution. AttachmentUploadServlet deserializes untrusted data from the `Attachment-Support` header. This Servlet does not enforce any authentication or a...
CVE-2021-21245PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, AttachmentUploadServlet also saves user controlled data (`request.getInputStream()`) to a user specified location (`request.getHeader("File-Name")`). This issue may lead to arbitrary file upload which can be used to u...
CVE-2021-21246PUBLISHED: 2021-01-15
OneDev is an all-in-one devops platform. In OneDev before version 4.0.3, the REST UserResource endpoint performs a security check to make sure that only administrators can list user details. However for the `/users/` endpoint there are no security checks enforced so it is possible to retrieve ar...