Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-28797PUBLISHED: 2021-04-14
A stack-based buffer overflow vulnerability has been reported to affect QNAP NAS devices running Surveillance Station. If exploited, this vulnerability allows attackers to execute arbitrary code. QNAP have already fixed this vulnerability in the following versions: Surveillance Station 5.1.5.4.3 (an...
CVE-2020-36323PUBLISHED: 2021-04-14In the standard library in Rust before 1.50.3, there is an optimization for joining strings that can cause uninitialized bytes to be exposed (or the program to crash) if the borrowed string changes after its length is checked.
CVE-2021-31162PUBLISHED: 2021-04-14In the standard library in Rust before 1.53.0, a double free can occur in the Vec::from_iter function if freeing the element panics.
CVE-2017-20004PUBLISHED: 2021-04-14In the standard library in Rust before 1.19.0, there is a synchronization problem in the MutexGuard object. MutexGuards can be used across threads with any types, allowing for memory safety issues through race conditions.
CVE-2018-25008PUBLISHED: 2021-04-14In the standard library in Rust before 1.29.0, there is weak synchronization in the Arc::get_mut method. This synchronization issue can be lead to memory safety issues through race conditions.
User Rank: Strategist
9/17/2014 | 11:28:16 AM
I use a passwordcard (easily found on the web), and only have to remember the starting row/column for the password. On sites which permit password hints, that is all the info I need. Only I know if I'm parsing UP/DOWN/Left/Diagonal,Knightwise, etc. And I know how many characters I'm using - more than 8, less than 50.
I've used the same process when sending secured data to someone who does not have a valid PGP key on my keychain. Share a passwordcard with them, email the starting location and pattern, and encrypt the 7Z using that password. Cumbersome, but unfortunately easy security is easily defeated.