Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-26788PUBLISHED: 2021-03-08
Oryx Embedded CycloneTCP 1.7.6 to 2.0.0, fixed in 2.0.2, is affected by incorrect input validation, which may cause a denial of service (DoS). To exploit the vulnerability, an attacker needs to have TCP connectivity to the target system. Receiving a maliciously crafted TCP packet from an unauthentic...
CVE-2021-23351PUBLISHED: 2021-03-08
The package github.com/pires/go-proxyproto before 0.5.0 are vulnerable to Denial of Service (DoS) via the parseVersion1() function. The reader in this package is a default bufio.Reader wrapping a net.Conn. It will read from the connection until it finds a newline. Since no limits are implemented in ...
CVE-2009-20001PUBLISHED: 2021-03-07An issue was discovered in MantisBT before 2.24.5. It associates a unique cookie string with each user. This string is not reset upon logout (i.e., the user session is still considered valid and active), allowing an attacker who somehow gained access to a user's cookie to login as them.
CVE-2020-28466PUBLISHED: 2021-03-07
This affects all versions of package github.com/nats-io/nats-server/server. Untrusted accounts are able to crash the server using configs that represent a service export/import cycles. Disclaimer from the maintainers: Running a NATS service which is exposed to untrusted users presents a heightened r...
CVE-2021-27364PUBLISHED: 2021-03-07An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages.
User Rank: Apprentice
10/30/2015 | 12:57:31 PM
The Chinese regime has growingly become dependent upon foreign supplies of oil, natural gas and other commodities through secure sea-lanes while the Chinese cyber expertise has become a domestic resource in itself that is as important as the energy supplies for the survival of the regime and its economic development.
Best regards,
Xavier Alfonsi
Analyst in naval and naval aviation affairs and in cyberdefense in Asia-Pacific from original sources in Chinese