π΄ CyCognito Launches Exploit Intelligence π΄
π Read
via "Dark Reading".
Risk intelligence solution provides insight, visibility, and guidance to identify, prioritize, and remediate vulnerabilities like Log4jπ Read
via "Dark Reading".
Dark Reading
CyCognito Launches Exploit Intelligence
Risk intelligence solution provides insight, visibility, and guidance to identify, prioritize, and remediate vulnerabilities like Log4j
βΌ CVE-2022-22611 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds read was addressed with improved input validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, iTunes 12.12.3 for Windows, watchOS 8.5, macOS Monterey 12.3. Processing a maliciously crafted image may lead to arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22617 βΌ
π Read
via "National Vulnerability Database".
A logic issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. An application may be able to gain elevated privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22656 βΌ
π Read
via "National Vulnerability Database".
An authentication issue was addressed with improved state management. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. A local attacker may be able to view the previous logged in userΓ’β¬β’s desktop from the fast user switching screen.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25605 βΌ
π Read
via "National Vulnerability Database".
Multiple Authenticated Stored Cross-Site Scripting (XSS) vulnerabilities discovered in WP-DownloadManager WordPress plugin (versions <= 1.68.6). Vvulnerable parameters &download_path, &download_path_url, &download_page_url.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22618 βΌ
π Read
via "National Vulnerability Database".
This issue was addressed with improved checks. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. A user may be able to bypass the Emergency SOS passcode prompt.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22626 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.π Read
via "National Vulnerability Database".
βΌ CVE-2021-30771 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds write was addressed with improved input validation. This issue is fixed in macOS Big Sur 11.4, iOS 14.6 and iPadOS 14.6, watchOS 7.5, tvOS 14.6. Processing a maliciously crafted font file may lead to arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-27243 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in MISP before 2.4.156. app/View/Users/terms.ctp allows Local File Inclusion via the custom terms file setting.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25603 βΌ
π Read
via "National Vulnerability Database".
Authenticated (author or higher user role) Stored Cross-Site Scripting (XSS) vulnerability discovered in MaxGalleria WordPress plugin (versions 6.2.5).π Read
via "National Vulnerability Database".
βΌ CVE-2022-22671 βΌ
π Read
via "National Vulnerability Database".
An authentication issue was addressed with improved state management. This issue is fixed in iOS 15.4 and iPadOS 15.4. A person with physical access to an iOS device may be able to access photos from the lock screen.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22586 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in macOS Monterey 12.2. A malicious application may be able to execute arbitrary code with kernel privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22666 βΌ
π Read
via "National Vulnerability Database".
A memory corruption issue was addressed with improved validation. This issue is fixed in tvOS 15.4, iOS 15.4 and iPadOS 15.4, watchOS 8.5. Processing a maliciously crafted image may lead to heap corruption.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22596 βΌ
π Read
via "National Vulnerability Database".
A memory corruption issue was addressed with improved validation. This issue is fixed in watchOS 8.5, iOS 15.4 and iPadOS 15.4. An application may be able to execute arbitrary code with kernel privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22603 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1011 βΌ
π Read
via "National Vulnerability Database".
A flaw use after free in the Linux kernel FUSE filesystem was found in the way user triggers write(). A local user could use this flaw to get some unauthorized access to some data from the FUSE filesystem and as result potentially privilege escalation too.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22627 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Big Sur 11.6.5, macOS Monterey 12.3, Security Update 2022-003 Catalina. Processing a maliciously crafted AppleScript binary may result in unexpected application termination or disclosure of process memory.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0547 βΌ
π Read
via "National Vulnerability Database".
OpenVPN 2.1 until v2.4.12 and v2.5.6 may enable authentication bypass in external authentication plug-ins when more than one of them makes use of deferred authentication replies, which allows an external user to be granted access with only partially correct credentials.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22578 βΌ
π Read
via "National Vulnerability Database".
A logic issue was addressed with improved validation. This issue is fixed in tvOS 15.3, iOS 15.3 and iPadOS 15.3, watchOS 8.4, macOS Monterey 12.2. A malicious application may be able to gain root privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22607 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Xcode 13.3. Opening a maliciously crafted file may lead to unexpected application termination or arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25607 βΌ
π Read
via "National Vulnerability Database".
Authenticated (author or higher user role) SQL Injection (SQLi) vulnerability discovered in FV Flowplayer Video Player WordPress plugin (versions <= 7.5.15.727).π Read
via "National Vulnerability Database".