Resources

Cybersecurity Resources:

Education and Awareness:

 

Speaking:

  • Interested in having CDS speak at your event? Please contact us here. We routinely do speaking engagements for clubs, chambers, companies, foundations, etc. and discuss current offensive and defensive Cybersecurity risks and tactics at a high, non-technical level for a broad audience appeal. If you have a specific speaking need around Cybersecurity, let us know and we can accommodate!

 

Below are some Cybersecurity Feeds to up-to-the-minute happenings in the security world. Enjoy!

RSS Latest Vulnerabilities

  • CVE-2019-8356 February 15, 2019
    An issue was discovered in SoX 14.4.2. One of the arguments to bitrv2 in fft4g.c is not guarded, such that it can lead to write access outside of the statically declared array, aka a stack-based buffer overflow.
  • CVE-2019-8355 February 15, 2019
    An issue was discovered in SoX 14.4.2. In xmalloc.h, there is an integer overflow on the result of multiplication fed into the lsx_valloc macro that wraps malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow in channels_start in remix.c.
  • CVE-2019-8357 February 15, 2019
    An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c allows a NULL pointer dereference.
  • CVE-2019-8354 February 15, 2019
    An issue was discovered in SoX 14.4.2. lsx_make_lpf in effect_i_dsp.c has an integer overflow on the result of multiplication fed into malloc. When the buffer is allocated, it is smaller than expected, leading to a heap-based buffer overflow.
  • CVE-2013-2565 February 15, 2019
    A vulnerability in Mambo CMS v4.6.5 where the scripts thumbs.php, editorFrame.php, editor.php, images.php, manager.php discloses the root path of the webserver.
  • CVE-2015-4615 February 15, 2019
    Vulnerability in Easy2map-photos WordPress Plugin v1.09 allows SQL Injection via unsanitized mapTemplateName, mapName, mapSettingsXML, parentCSSXML, photoCSSXML, mapCSSXML, mapHTML,mapID variables
  • CVE-2013-5654 February 15, 2019
    Vulnerability in YingZhi Python Programming Language v1.9 allows arbitrary anonymous uploads to the phone's storage
  • CVE-2015-4617 February 15, 2019
    Vulnerability in Easy2map-photos WordPress Plugin v1.09 MapPinImageUpload.php and MapPinIconSave.php allows path traversal when specifying file names creating files outside of the upload directory.
  • CVE-2013-2516 February 15, 2019
    Vulnerability in FileUtils v0.7, Ruby Gem Fileutils
  • CVE-2018-1895 February 15, 2019
    IBM InfoSphere Information Server 11.3, 11.5, and 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 152159.