βΌ CVE-2022-24198 βΌ
π Read
via "National Vulnerability Database".
iText v7.1.17 was discovered to contain an out-of-bounds exception via the component ARCFOUREncryption.encryptARCFOUR, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24196 βΌ
π Read
via "National Vulnerability Database".
iText v7.1.17 was discovered to contain an out-of-memory error via the component readStreamBytesRaw, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24223 βΌ
π Read
via "National Vulnerability Database".
AtomCMS v2.0 was discovered to contain a SQL injection vulnerability via /admin/login.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24222 βΌ
π Read
via "National Vulnerability Database".
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_user.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24219 βΌ
π Read
via "National Vulnerability Database".
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/edit_page.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24197 βΌ
π Read
via "National Vulnerability Database".
iText v7.1.17 was discovered to contain a stack-based buffer overflow via the component ByteBuffer.append, which allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24221 βΌ
π Read
via "National Vulnerability Database".
eliteCMS v1.0 was discovered to contain a SQL injection vulnerability via /admin/functions/functions.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24218 βΌ
π Read
via "National Vulnerability Database".
An issue in /admin/delete_image.php of eliteCMS v1.0 allows attackers to delete arbitrary files.π Read
via "National Vulnerability Database".
βΌ CVE-2021-46093 βΌ
π Read
via "National Vulnerability Database".
eliteCMS v1.0 is vulnerable to Insecure Permissions via manage_uploads.php.π Read
via "National Vulnerability Database".
β Unpatched Security Bugs in Medical Wearables Allow Patient Tracking, Data Theft β
π Read
via "Threat Post".
Rising critical unpatched vulnerabilities and a lack of encryption leave medical device data defenseless, researcher warn.π Read
via "Threat Post".
Threat Post
Unpatched Security Bugs in Medical Wearables Allow Patient Tracking, Data Theft
Rising critical unpatched vulnerabilities and a lack of encryption leave medical device data defenseless, researcher warn.
π΄ Digital Shadows Launches New Vulnerability Intelligence Module π΄
π Read
via "Dark Reading".
New capability simplifies challenge of prioritizing CVEs for faster triage and remediation.π Read
via "Dark Reading".
Dark Reading
Digital Shadows Launches New Vulnerability Intelligence Module
New capability simplifies challenge of prioritizing CVEs for faster triage and remediation.
π΄ Disclosure, Panic, Patch: Can We Do Better? π΄
π Read
via "Dark Reading".
Companies struggle to understand the extent to which they are affected by vulnerabilities in open source software, but security specialists and maintainers are striving to secure the ecosystem.π Read
via "Dark Reading".
Dark Reading
Disclosure, Panic, Patch: Can We Do Better?
Companies struggle to understand the extent to which they are affected by vulnerabilities in open source software, but security specialists and maintainers are striving to secure the ecosystem.
π΄ Forescout Acquires CyberMDX to Expand Healthcare Cybersecurity Focus π΄
π Read
via "Dark Reading".
Acquisition adds Internet of Medical Things (IoMT) expertise to Forescoutβs IT, IoT, and OT coverage.π Read
via "Dark Reading".
Dark Reading
Forescout Acquires CyberMDX to Expand Healthcare Cybersecurity Focus
Acquisition adds Internet of Medical Things (IoMT) expertise to Forescoutβs IT, IoT, and OT coverage.
π΄ Ping Identity Launches PingOne DaVinci π΄
π Read
via "Dark Reading".
No-code identity orchestration service enables organizations to design better user experiences with drag-and-drop simplicity.π Read
via "Dark Reading".
Dark Reading
Ping Identity Launches PingOne DaVinci
No-code identity orchestration service enables organizations to design better user experiences with drag-and-drop simplicity.
π΄ ShiftLeft CORE 'Velocity Update' Streamlines Triage, Automates Build Security Controls π΄
π Read
via "Dark Reading".
New features empower developers and AppSec teams to streamline the triage process and automate security controls.π Read
via "Dark Reading".
Dark Reading
ShiftLeft CORE 'Velocity Update' Streamlines Triage, Automates Build Security Controls
New features empower developers and AppSec teams to streamline the triage process and automate security controls.
π΄ Vectra Acquires Siriux Security Technologies to Extend Leadership in Identity and SaaS Threat Management π΄
π Read
via "Dark Reading".
The acquisition positions Vectra to help customers securely configure and detect active threats in cloud identity and SaaS applications, including Microsoft Azure AD and Microsoft 365.π Read
via "Dark Reading".
Dark Reading
Vectra Acquires Siriux Security Technologies to Extend Leadership in Identity and SaaS Threat Management
The acquisition positions Vectra to help customers securely configure and detect active threats in cloud identity and SaaS applications, including Microsoft Azure AD and Microsoft 365.
β FBI: Use a Burner Phone at the Olympics β
π Read
via "Threat Post".
The warning follows a Citizen Lab report that found the official, mandatory app has an encryption flaw that "can be trivially sidestepped." Besides burners, here are more tips on staying cyber-safe at the Games.π Read
via "Threat Post".
Threat Post
FBI: Use a Burner Phone at the Olympics
The warning follows a Citizen Lab report that found the official, mandatory app has an encryption flaw that "can be trivially sidestepped." Besides burners, here are more tips on staying cyber-safe at the Games.
π΄ Nucleus Security Forms Strategic Partnership with Mandiant π΄
π Read
via "Dark Reading".
Intent is to enhance vulnerability management programs with operationalized threat intelligence.π Read
via "Dark Reading".
Dark Reading
Nucleus Security Forms Strategic Partnership with Mandiant
Intent is to enhance vulnerability management programs with operationalized threat intelligence.
π΄ ThycoticCentrify Renamed Delinea π΄
π Read
via "Dark Reading".
Privileged access management vendor rebrands.π Read
via "Dark Reading".
Dark Reading
ThycoticCentrify Renamed Delinea
Privileged access management vendor rebrands.
π΄ Secure Web Browsers Tackle Ransomware, Insider Threat in Enterprises π΄
π Read
via "Dark Reading".
Enterprise security teams can use secure web browsers to apply controls and governance to cloud applications and customer data.π Read
via "Dark Reading".
Dark Reading
Secure Web Browsers Tackle Ransomware, Insider Threat in Enterprises
Enterprise security teams can use secure Web browsers to apply controls and governance to cloud applications and customer data.
βΌ CVE-2021-42638 βΌ
π Read
via "National Vulnerability Database".
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in pre-auth remote code execution.π Read
via "National Vulnerability Database".