DESCRIPTION:Multiple vulnerabilities have been discovered in iCloud for WindowsCould Allow for Arbitrary Code Execution. iCloud for Windows is a cloudstorage and cloud computing service. Successful exploitation of thesevulnerabilities could result in arbitrary code execution within thecontext of the application, an attacker gaining the same privileges asthe logged-on user, or the bypassing of security restrictions. Dependingon the permission associated with the application running the exploit,an attacker...
Read More
DESCRIPTION:Multiple vulnerabilities have been discovered in Apple Products, themost severe of which could allow for arbitrary code execution. * iOS is a mobile operating system for mobile devices, including theiPhone, iPad, and iPod touch.* iPadOS is the successor to iOS 12 and is a mobile operating system foriPads.* macOS Monterey is the 18th and current major release of macOS.* macOS Big Sur is the 17th...
Read More
DESCRIPTION:The Apache Software Foundation has released Apache HTTP Server 2.4.52.Reference:https://downloads.apache.org/httpd/Announcement2.4.html CVE-2021-44790 (CVSS score: 9.8- CRITICAL) -A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts).The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier. CVE-2021-44224...
Read More
DESCRIPTION:A vulnerability has been discovered in Fortinet FortiWeb that couldallow for arbitrary code execution. Fortinet FortiWeb is a firewall forweb applications, which provides threat protection for medium and largeenterprises. Successful exploitation of this vulnerability could allowfor arbitrary code execution within the context of the affectedapplication. Depending on the privileges associated with thisapplication, an attacker could then install programs; view, change, ordelete data; or create new...
Read More
DESCRIPTION:A vulnerability has been discovered in Mozilla’s Network SecurityServices (NSS), a set of cryptography libraries used to handlesignatures and certification validation. Successful exploitation of thisthe vulnerability could allow for arbitrary code execution within thecontext of the affected application, which could be either a client likeThunderbird or server like Apache webserver. Depending on the privilegesassociated with this application, an attacker could then installprograms; view, change, or...
Read More
