‼ CVE-2022-25264 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains TeamCity before 2021.2.3, environment variables of the "password" type could be logged in some cases.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22429 ‼
📖 Read
via "National Vulnerability Database".
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25019 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2021-38602. Reason: This candidate is a reservation duplicate of CVE-2021-38602. Notes: All CVE users should reference CVE-2021-38602 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42952 ‼
📖 Read
via "National Vulnerability Database".
All pervious versions before October 25, 2021 of Zepl Notebooks are affeced by a sandbox escape vulnerability. Upon launching Remote Code Execution from the Notebook, users can then use that to subsequently escape the running context sandbox and proceed to access internal Zepl assets including cloud metadata services.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22426 ‼
📖 Read
via "National Vulnerability Database".
There is a memory address out of bounds in smartphones. Successful exploitation of this vulnerability may cause malicious code to be executed.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22431 ‼
📖 Read
via "National Vulnerability Database".
There is a vulnerability when configuring permission isolation in smartphones. Successful exploitation of this vulnerability may cause out-of-bounds access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25260 ‼
📖 Read
via "National Vulnerability Database".
JetBrains Hub before 2021.1.14276 was vulnerable to blind Server-Side Request Forgery (SSRF).📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37027 ‼
📖 Read
via "National Vulnerability Database".
There is a DoS vulnerability in smartphones. Successful exploitation of this vulnerability may affect service integrity.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23985 ‼
📖 Read
via "National Vulnerability Database".
The affected product is vulnerable to an out-of-bounds write while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22430 ‼
📖 Read
via "National Vulnerability Database".
There is a logic bypass vulnerability in smartphones. Successful exploitation of this vulnerability may cause code injection.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-44132 ‼
📖 Read
via "National Vulnerability Database".
A command injection vulnerability in the function formImportOMCIShell of C-DATA ONU4FERW V2.1.13_X139 allows attackers to execute arbitrary commands via a crafted file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-21209 ‼
📖 Read
via "National Vulnerability Database".
The affected product is vulnerable to an out-of-bounds read while processing project files, which allows an attacker to craft a project file that would allow arbitrary code execution.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25062 ‼
📖 Read
via "National Vulnerability Database".
TP-LINK TL-WR840N(ES)_V6.20_180709 was discovered to contain an integer overflow via the function dm_checkString. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted HTTP request.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22448 ‼
📖 Read
via "National Vulnerability Database".
There is an improper verification vulnerability in smartphones. Successful exploitation of this vulnerability may cause unauthorized read and write of some files.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22437 ‼
📖 Read
via "National Vulnerability Database".
There is a software integer overflow leading to a TOCTOU condition in smartphones. Successful exploitation of this vulnerability may cause random address access.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37103 ‼
📖 Read
via "National Vulnerability Database".
There is an improper permission management vulnerability in the Wallet apps. Successful exploitation of this vulnerability may affect service confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-22395 ‼
📖 Read
via "National Vulnerability Database".
There is a code injection vulnerability in smartphones. Successful exploitation of this vulnerability may affect service confidentiality.📖 Read
via "National Vulnerability Database".
❌ TrickBot Takes a Break, Leaving Researchers Scratching Their Heads ❌
📖 Read
via "Threat Post".
The infamous trojan is likely making some major operational changes, researchers believe.📖 Read
via "Threat Post".
Threat Post
TrickBot Takes a Break, Leaving Researchers Scratching Their Heads
The infamous trojan is likely making some major operational changes, researchers believe.
‼ CVE-2022-24710 ‼
📖 Read
via "National Vulnerability Database".
Weblate is a copyleft software web-based continuous localization system. Versions prior to 4.11 do not properly neutralize user input used in user name and language fields. Due to this improper neutralization it is possible to perform cross-site scripting via these fields. The issues were fixed in the 4.11 release. Users unable to upgrade are advised to add their own neutralize logic.📖 Read
via "National Vulnerability Database".
👍1
🕴 7 Steps to Take Right Now to Prepare for Cyberattacks by Russia 🕴
📖 Read
via "Dark Reading".
A lot of the recommended preparation involves measures organizations should have in place already.📖 Read
via "Dark Reading".
Dark Reading
7 Steps to Take Right Now to Prepare for Cyberattacks by Russia
A lot of the recommended preparation involves measures organizations should have in place already.
👍1
📢 IBM launches security hub to help APAC firms prepare for cyber attacks 📢
📖 Read
via "ITPro".
The tech giant also announced the opening of a second IBM Security Operation Center (SOC) in Bengaluru📖 Read
via "ITPro".
IT PRO
IBM launches security hub to help APAC firms prepare for cyber attacks | IT PRO
The tech giant also announced the opening of a second IBM Security Operation Center (SOC) in Bengaluru