Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-21331PUBLISHED: 2021-03-03
The Java client for the Datadog API before version 1.0.0-beta.9 has a local information disclosure of sensitive information downloaded via the API using the API Client. The Datadog API is executed on a unix-like system with multiple users. The API is used to download a file containing sensitive info...
CVE-2021-27940PUBLISHED: 2021-03-03resources/public/js/orchestrator.js in openark orchestrator before 3.2.4 allows XSS via the orchestrator-msg parameter.
CVE-2021-21312PUBLISHED: 2021-03-03
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability within the document upload function (Home > Management > Documents > Add, or /front/documen...
CVE-2021-21313PUBLISHED: 2021-03-03
GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is a vulnerability in the /ajax/common.tabs.php endpoint, indeed, at least two parameters _target and id are not proper...
CVE-2021-21314PUBLISHED: 2021-03-03GLPI is open source software which stands for Gestionnaire Libre de Parc Informatique and it is a Free Asset and IT Management Software package. In GLPI before verison 9.5.4, there is an XSS vulnerability involving a logged in user while updating a ticket.
User Rank: Apprentice
11/6/2019 | 5:41:34 PM
First, let's start with Kaspersky. Fact: this company was founded by a former KGB agent. Fact: this company has gone well beyond the scope of a cyber defense company. Ties to Russian intelligence are undisputed. There are dozens of articles on this subject. Lack of trust is the concern.
Second, China. This is a communist nation that is actively involved in well documented horrors against its people. There are hundreds of articles documenting contemporary atrocities, human rights violations, and crimes against humanity. In addition, there are numerous articles documenting evidence of intentionally designed and placed backdoors in various Chinese products as dictated by Chinese government mandates. Huawei is tip of the iceberg. Egregious violations of human rights and lack of trust are the concerns.