Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2021-30481PUBLISHED: 2021-04-10Valve Steam through 2021-04-10, when a Source engine game is installed, allows remote authenticated users to execute arbitrary code because of a buffer overflow that occurs for a Steam invite after one click.
CVE-2021-20020PUBLISHED: 2021-04-10A command execution vulnerability in SonicWall GMS 9.3 allows a remote unauthenticated attacker to locally escalate privilege to root.
CVE-2021-30480PUBLISHED: 2021-04-09
Zoom Chat through 2021-04-09 on Windows and macOS allows certain remote authenticated attackers to execute arbitrary code without user interaction. An attacker must be within the same organization, or an external party who has been accepted as a contact. NOTE: this is specific to the Zoom Chat softw...
CVE-2021-21194PUBLISHED: 2021-04-09Use after free in screen sharing in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
CVE-2021-21195PUBLISHED: 2021-04-09Use after free in V8 in Google Chrome prior to 89.0.4389.114 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
User Rank: Apprentice
3/11/2014 | 10:32:47 AM
Even as a small IT Service company we have to go through PCI compliance. Are these big companies too big that they dont have anyone who can see the big picutre? Do they perform 3rd party security audits? If so - why wasnt this found. If not - wow - they hold millions of credit card numbers and probably lots of Personal Information which must be protected - and they did nothing to think about security? Wow!