Cyber Security

Devo: SIEM Continues to Evolve with Tech Trends and Emerging Threats

Enterprise Vulnerabilities
From DHS/US-CERT’s National Vulnerability Database

CVE-2020-25697
PUBLISHED: 2021-05-26

A privilege escalation flaw was found in the Xorg-x11-server due to a lack of authentication for X11 clients. This flaw allows an attacker to take control of an X application by impersonating the server it is expecting to connect to.

CVE-2020-27815
PUBLISHED: 2021-05-26

A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as s…

CVE-2021-22160
PUBLISHED: 2021-05-26

If Apache Pulsar is configured to authenticate clients using tokens based on JSON Web Tokens (JWT), the signature of the token is not validated if the algorithm of the presented token is set to "none". This allows an attacker to connect to Pulsar instances as any user (incl. admins).

CVE-2021-20178
PUBLISHED: 2021-05-26

A flaw was found in ansible module where credentials are disclosed in the console log by default and not protected by the security feature when using the bitbucket_pipeline_variable module. This flaw allows an attacker to steal bitbucket_pipeline credentials. The highest threat from this vulnerabili…

CVE-2020-25668
PUBLISHED: 2021-05-26

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.



 Source link

Back to top button
SoundCloud To Mp3