Javier García

29 febrero, 2020

Cisco FXOS/NX-OS CVE-2020-3172 Arbitrary Code Execution and Denial of Service Vulnerabilities

Type: Vulnerability. Cisco FXOS and NX-OS are prone to a denial-of-service and arbitrary-code-execution vulnerabilities; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112042&om_rssid=sr-advisories

29 febrero, 2020

Cisco NX-OS Software CVE-2020-3170 Remote Denial of Service Vulnerability

Type: Vulnerability. Cisco NX-OS Software is prone to a denial-of-service vulnerability; fixes are available. More info: http://www.symantec.com/security_response/vulnerability.jsp?bid=112043&om_rssid=sr-advisories

29 febrero, 2020

Export Users to CSV <= 1.4.2 – CSV Injection

https://wpvulndb.com/vulnerabilities/10094 More info: https://wpvulndb.com/vulnerabilities/10094

29 febrero, 2020

Flexible Checkout Fields for WooCommerce < 2.3.2 – Unauthenticated Settings Update

https://wpvulndb.com/vulnerabilities/10093 More info: https://wpvulndb.com/vulnerabilities/10093

29 febrero, 2020

wpdefault – Backdoor Plugin

https://wpvulndb.com/vulnerabilities/10096 More info: https://wpvulndb.com/vulnerabilities/10096

29 febrero, 2020

Hero Maps Premium < 2.2.3 – Unauthenticated Reflected Cross-Site Scripting (XSS)

https://wpvulndb.com/vulnerabilities/10095 More info: https://wpvulndb.com/vulnerabilities/10095

29 febrero, 2020

Site Takeover Campaign Exploits Multiple Zero-Day Vulnerabilities

https://www.wordfence.com/blog/2020/02/site-takeover-campaign-exploits-multiple-zero-day-vulnerabilities/ Early yesterday, the Flexible Checkout Fields for WooCommerce plugin received a critical update to patch a zero-day vulnerability which allowed attackers to modify the plugin’s settings. As our Threat Intelligence team researched the scope of this attack campaign, we discovered three additional zero-day vulnerabilities in popular WordPress plugins that are being exploited as a part of More info: https://www.wordfence.com/blog/2020/02/site-takeover-campaign-exploits-multiple-zero-day-vulnerabilities/

28 febrero, 2020

L	M	X	J	V	S	D
						1
2	3	4	5	6	7	8
9	10	11	12	13	14	15
16	17	18	19	20	21	22
23	24	25	26	27	28

Blog

Cisco FXOS/NX-OS CVE-2020-3172 Arbitrary Code Execution and Denial of Service Vulnerabilities

Cisco NX-OS Software CVE-2020-3170 Remote Denial of Service Vulnerability

Export Users to CSV <= 1.4.2 – CSV Injection

Flexible Checkout Fields for WooCommerce < 2.3.2 – Unauthenticated Settings Update

wpdefault – Backdoor Plugin

Hero Maps Premium < 2.2.3 – Unauthenticated Reflected Cross-Site Scripting (XSS)

Site Takeover Campaign Exploits Multiple Zero-Day Vulnerabilities

Cisco Nexus 1000V Switch for VMware vSphere CVE-2020-3168 Denial of Service Vulnerability

Cisco FXOS and UCS Manager Software CVE-2020-3167 Local Command Injection Vulnerability

Cisco NX-OS Software CVE-2020-3165 Authentication Bypass Vulnerability