Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-27314 (PUBLISHED: 2021-03-05): SQL injection in admin.php in doctor appointment system 1.0 allows an unauthenticated attacker to insert malicious SQL queries via username parameter at login page.
CVE-2019-18630 (PUBLISHED: 2021-03-04): On Xerox AltaLink B8045/B8055/B8065/B8075/B8090 and C8030/C8035/C8045/C8055/C8070 multifunction printers with software releases before 101.00x.099.28200, portions of the drive containing executable code were not encrypted thus leaving it open to potential cryptographic information disclosure.
CVE-2021-25344 (PUBLISHED: 2021-03-04): Missing permission check in knox_custom service prior to SMR Mar-2021 Release 1 allows attackers to gain access to device's serial number without permission.
CVE-2021-25345 (PUBLISHED: 2021-03-04): Graphic format mismatch while converting video format in hwcomposer prior to SMR Mar-2021 Release 1 results in kernel panic due to unsupported format.
CVE-2021-25346 (PUBLISHED: 2021-03-04): Possible arbitrary memory overwrite vulnerabilities in quram library versions prior to SMR Jan-2021 Release 1 allow arbitrary code execution.
User Rank: Ninja
4/23/2016 | 9:26:36 AM
* Don't just test your Windows updates. Have and utilize a testbed for ALL your updates. You never know when something might not play nice with something else. (Remember the 3-day outage Verizon had on accounts receivable -- preventing customers from paying their bills -- because of an update gone awry?)
* The real solution for Flash is to JUST GET RID OF IT. ;)