Inadequate filtering of form contents could allow to overwrite the author field. The affected core components were com_fields, com_categories, com_banners,... weiterlesen

Missing filtering of messages showed to users that could lead to xss issues. CVE-2021-23129 This vulnerability affects the following application... weiterlesen

Missing filtering of feed fields could lead to xss issues. CVE-2021-23130 This vulnerability affects the following application versions: ... weiterlesen

Missing input validation within the template manager. CVE-2021-23131 This vulnerability affects the following application versions: ... weiterlesen

There was usage of the insecure rand() function within the process of generating the 2FA secret. There was usage of an insufficient length for the 2FA... weiterlesen

The core shipped but unused randval implementation within FOF (FOFEncryptRandval) used an potential insecure implementation. That has now been replaced... weiterlesen

Incorrect ACL checks could allow unauthorized change of the category for an article. CVE-2021-26027 This vulnerability affects the following application... weiterlesen

Extracting a specially crafted zip package could write files outside of the intended path. CVE-2021-26028 This vulnerability affects the following... weiterlesen

com_media allowed paths that were not intended for image uploads. CVE-2021-23132 This vulnerability affects the following application versions: ... weiterlesen

... weiterlesen

Dass die GeForce RTX 3060 (Test) mit 12 GB GDDR6 mehr Grafikspeicher besitzt als die höher positionierte sowie mehr als 45 Prozent schnellere GeForce... weiterlesen

Apple hat soeben neue Softwareversionen zum Download freigegeben. Obwohl iOS 14.5 schon auf der Zielgerade ist, stellt Apple vorab noch ein Sicherheitsupdate... weiterlesen

Dieses Jahr wird Microsoft vermutlich ab April mit dem neuen Surface Laptop 4 durchstarten. Hierbei hieß es schon im November des letzten Jahres, dass... weiterlesen

Elektrische Luftpumpen für Fahrrad- und Autoreifen sind mobil, schick und ab 40 Euro erhältlich. Wir vergleichen die beliebtesten Produkte von Xiaomi... weiterlesen

Für den offiziellen Google Kalender für Android landet die nächste Neuerung in der App, die für mehr Übersicht in unseren Terminen sorgen soll. Ad.... weiterlesen

Android 12 steht in den Startlöchern. Erhält euer Handy ein Update? Wir verraten euch, wie die Chancen stehen. Samsung Galaxy A71. Galaxy A71. Samsung... weiterlesen

Android 12 steht in den Startlöchern. Erhält euer Handy ein Update? Wir verraten euch, wie die Chancen stehen. Dieser Artikel wurde... weiterlesen

Weniger als drei Wochen vor der Veröffentlichung melden sich EA und die Hazelight Studios mit einem Trailer zu It Takes Two (ab 37,99€ bei vorbestellen)... weiterlesen

Mithilfe zahlreicher Teleskope wurde nun der am weitesten entfernte bekannte radiohelle Quasar aufgespürt. Man sieht diesen Quasar mit der Bezeichnung... weiterlesen

[Editor’s note: Today, March 8, is International Women’s Day. eWEEK is publishing a couple of relevant features involving women in the IT business.... weiterlesen

... weiterlesen

... weiterlesen

It’s no secret cybersecurity is a major concern of enterprises today. All over the world, organizations are at… The post Why A Secure Web Gateway is... weiterlesen

HiddenEye: Reborn is my second try on doing multi-featured tool for human mistakes exploitation. Currently, HE: RE has mainly phishing features. But we... weiterlesen

An anonymous reader shares a report: Whether he's showing off astronomically expensive computer gaming hardware or dumpster-diving for the cheapest PC... weiterlesen

Intrusion activity related to the Supernova malware planted on compromised SolarWinds Orion installations exposed on the public internet points to an espionage... weiterlesen

... weiterlesen

Apple hat ein Sicherheitsupdate für iOS herausgegeben. Nutzern wird empfohlen, dringend zu aktualisieren. Die neue Version 14.4.1 steht für iOS und... weiterlesen

The kingdom is building a $5 billion plant to make green fuel for export and lessen the country's dependence on petrodollars. From a report: Sun-scorched... weiterlesen

schwit1 writes: Americans who have received the full COVID-19 vaccine can gather with vaccinated grandparents or friends without wearing masks or keeping... weiterlesen

The Defense Advanced Research Projects Agency, or DARPA, has signed an agreement with Intel to add it to its Data Protection in Virtual Environments project,... weiterlesen

More games are coming, but are they from Xbox Game Studios? What you need to know In an interview on the Ion Lords Podcast, Jason Ronald from Xbox shared... weiterlesen

This team is shutting its doors after Disintegration failed to find an audience. What you need to know V1 Interactive is a studio founded by Halo co-creator... weiterlesen

I'm just curious how serious are popular distros about it. Knowing that Apple have potential to bend the market to their will in my opinion this can be... weiterlesen

USN-4733-1 fixed a vulnerability in GNOME Autoar. The upstream fix introduced a regression when extracting archives containing directories. This update... weiterlesen

It was discovered that libzstd incorrectly handled file permissions. A local attacker could possibly use this issue to access certain files, contrary to... weiterlesen

Krzesimir Nowak discovered that GLib incorrectly handled certain large buffers. A remote attacker could use this issue to cause applications linked to... weiterlesen

IBM API Connect V10 and V2018 could allow an attacker who has intercepted a registration invitation link to impersonate the registered user or obtain sensitive... weiterlesen

IBM DataPower Gateway V10 and V2018 could allow a local attacker with administrative privileges to execute arbitrary code on the system using a server-side... weiterlesen

IBM API Connect V10 is impacted by insecure communications during database replication. As the data replication happens over insecure communication channels,... weiterlesen

RATCF is an open-source framework for hosting Cyber-Security Capture the Flag events. In affected versions of RATCF users with multi factor authentication... weiterlesen

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI... weiterlesen

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI... weiterlesen

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI... weiterlesen

GLPI is an open-source asset and IT management software package that provides ITIL Service Desk features, licenses tracking and software auditing. In GLPI... weiterlesen

... weiterlesen

Redakteur Peter hat den neuen Loot-Shooter lange Zeit ignoriert - ein großer Fehler, wie sich nach dem Spielen der Demo herausstellt. von Peter Bathge,... weiterlesen

... weiterlesen

Google musste in der Europäischen Union schon mehrfach Milliardenstrafen zahlen und Änderungen an Produkten vornehmen – darunter auch an Android und... weiterlesen

... weiterlesen