‼ CVE-2022-21990 ‼
via "National Vulnerability Database".
Remote Desktop Client Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-23285.
‼ CVE-2022-23283 ‼
via "National Vulnerability Database".
Windows ALPC Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23287, CVE-2022-24505.
‼ CVE-2022-24470 ‼
via "National Vulnerability Database".
Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24467, CVE-2022-24468, CVE-2022-24471, CVE-2022-24517, CVE-2022-24520.
‼ CVE-2021-36777 ‼
via "National Vulnerability Database".
A Reliance on Untrusted Inputs in a Security Decision vulnerability in the login proxy of the openSUSE Build service allowed attackers to present users with an expected login form that then sends the clear text credentials to an attacker specified server. This issue affects: openSUSE Build service login-proxy-scripts versions prior to dc000cdfe9b9b715fb92195b1a57559362f689ef.
‼ CVE-2022-21977 ‼
via "National Vulnerability Database".
Media Foundation Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-22010.
‼ CVE-2022-24509 ‼
via "National Vulnerability Database".
Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24461, CVE-2022-24510.
‼ CVE-2022-23291 ‼
via "National Vulnerability Database".
Windows DWM Core Library Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-23288.
‼ CVE-2022-23278 ‼
via "National Vulnerability Database".
Microsoft Defender for Endpoint Spoofing Vulnerability.
‼ CVE-2022-24462 ‼
via "National Vulnerability Database".
Microsoft Word Security Feature Bypass Vulnerability.
‼ CVE-2022-24526 ‼
via "National Vulnerability Database".
Visual Studio Code Spoofing Vulnerability.
‼ CVE-2022-23281 ‼
via "National Vulnerability Database".
Windows Common Log File System Driver Information Disclosure Vulnerability.
‼ CVE-2022-24469 ‼
via "National Vulnerability Database".
Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-24506, CVE-2022-24515, CVE-2022-24518, CVE-2022-24519.
‼ CVE-2022-24525 ‼
via "National Vulnerability Database".
Windows Update Stack Elevation of Privilege Vulnerability.
‼ CVE-2022-24508 ‼
via "National Vulnerability Database".
Windows SMBv3 Client/Server Remote Code Execution Vulnerability.
🔴 Palo Alto Networks Introduces Prisma Cloud Supply Chain Security 🔴
via "Dark Reading".
Threat modeling visualization, code repository scanning, and pipeline configuration analysis help prioritize vulnerabilities.
🔴 10 Signs of a Poor Security Leader 🔴
via "Dark Reading".
Weak leadership can demotivate and demoralize the security workforce. Here's what to look out for.
🔴 Bitdefender Launches New Password Manager Solution for Consumers 🔴
via "Dark Reading".
Simplifies the creation and management of secure passwords for all online accounts across multiple platforms including mobile.
‼ CVE-2022-24919 ‼
via "National Vulnerability Database".
An authenticated user can create a link with reflected JavaScript code inside it for graphs' page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.
‼ CVE-2022-22806 ‼
via "National Vulnerability Database".
A CWE-294: Authentication Bypass by Capture-replay vulnerability exists that could cause an unauthenticated connection to the UPS when a malformed connection is sent. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
‼ CVE-2022-22805 ‼
via "National Vulnerability Database".
A CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') vulnerability exists that could cause remote code execution when an improperly handled TLS packet is reassembled. Affected Product: SmartConnect Family: SMT Series (SMT Series ID=1015: UPS 04.5 and prior), SMC Series (SMC Series ID=1018: UPS 04.2 and prior), SMTL Series (SMTL Series ID=1026: UPS 02.9 and prior), SCL Series (SCL Series ID=1029: UPS 02.5 and prior / SCL Series ID=1030: UPS 02.5 and prior / SCL Series ID=1036: UPS 02.5 and prior / SCL Series ID=1037: UPS 03.1 and prior), SMX Series (SMX Series ID=1031: UPS 03.1 and prior)
‼ CVE-2022-24918 ‼
via "National Vulnerability Database".
An authenticated user can create a link with reflected JavaScript code inside it for items' page and send it to other users. The payload can be executed only with a known CSRF token value of the victim, which is changed periodically and is difficult to predict. Malicious code has access to all the same objects as the rest of the web page and can make arbitrary modifications to the contents of the page being displayed to a victim during social engineering attacks.