‼ CVE-2021-38278 ‼
via "National Vulnerability Database".
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the urls parameter in the saveParentControlInfo function.
‼ CVE-2021-46064 ‼
via "National Vulnerability Database".
IrfanView 4.59 is vulnerable to buffer overflow via the function at address 0x413c70 (in the 32-bit version of the binary). The vulnerability triggers when the user opens a malicious .tiff image.
‼ CVE-2022-26243 ‼
via "National Vulnerability Database".
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow in the setSmartPowerManagement function.
‼ CVE-2021-38772 ‼
via "National Vulnerability Database".
Tenda AC10-1200 v15.03.06.23_EN was discovered to contain a buffer overflow via the list parameter in the fromSetIpMacBind function.
A Closer Look at the LAPSUS$ Data Extortion Group
via "Krebs on Security".
Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here's a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations.
‼ CVE-2021-3748 ‼
via "National Vulnerability Database".
A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute code on the host with the privileges of the QEMU process.
‼ CVE-2022-25223 ‼
via "National Vulnerability Database".
Money Transfer Management System Version 1.0 allows an authenticated user to inject SQL queries in 'mtms/admin/?page=transaction/view_details' via the 'id' parameter.
‼ CVE-2022-23881 ‼
via "National Vulnerability Database".
ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via danger_key() at zzz_template.php.
‼ CVE-2021-27466 ‼
via "National Vulnerability Database".
A deserialization vulnerability exists in how the ArchiveService.rem service in Rockwell Automation FactoryTalk AssetCentre v10.00 and earlier verifies serialized data. This vulnerability may allow a remote, unauthenticated attacker to execute arbitrary commands in FactoryTalk AssetCentre.
‼ CVE-2022-24292 ‼
via "National Vulnerability Database".
Certain HP Print devices may be vulnerable to potential information disclosure, denial of service, or remote code execution.
‼ CVE-2022-24757 ‼
via "National Vulnerability Database".
The Jupyter Server provides the backend (i.e. the core services, APIs, and REST endpoints) for Jupyter web applications. Prior to version 1.15.4, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter Server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server. Jupyter Server version 1.15.4 contains a patch for this issue. There are currently no known workarounds.
‼ CVE-2022-1030 ‼
via "National Vulnerability Database".
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be vulnerable to command injection via a specially crafted URL. An attacker, who has knowledge of a valid team name for the victim and also knows a valid target host where the user has access, can execute commands on the local system.
‼ CVE-2022-22951 ‼
via "National Vulnerability Database".
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may be able to execute commands on the server due to improper input validation leading to remote code execution.
‼ CVE-2022-25222 ‼
via "National Vulnerability Database".
Money Transfer Management System Version 1.0 allows an unauthenticated user to inject SQL queries in 'admin/maintenance/manage_branch.php' and 'admin/maintenance/manage_fee.php' via the 'id' parameter.
‼ CVE-2022-22952 ‼
via "National Vulnerability Database".
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2) contains a file upload vulnerability. A malicious actor with administrative access to the VMware App Control administration interface may be able to execute code on the Windows instance where AppC Server is installed by uploading a specially crafted file.
‼ CVE-2022-23880 ‼
via "National Vulnerability Database".
An arbitrary file upload vulnerability in the File Management function module of taoCMS v3.0.2 allows attackers to execute arbitrary code via a crafted PHP file.
‼ CVE-2021-4150 ‼
via "National Vulnerability Database".
A use-after-free flaw was found in the add_partition in block/partitions/core.c in the Linux kernel. A local attacker with user privileges could cause a denial of service on the system. The issue results from the lack of code cleanup when device_add call fails when adding a partition to the disk.
‼ CVE-2021-27426 ‼
via "National Vulnerability Database".
GE UR IED firmware versions prior to version 8.1x with “Basic” security variant do not allow the disabling of the “Factory Mode,” which is used for servicing the IED by a “Factory” user.
‼ CVE-2021-28278 ‼
via "National Vulnerability Database".
A Heap-based Buffer Overflow vulnerability exists in jhead 3.04 and 3.05 via the RemoveSectionType function in jpgfile.c.
‼ CVE-2022-25609 ‼
via "National Vulnerability Database".
Stored Cross-Site Scripting (XSS) in Yoo Slider – Image Slider & Video Slider (WordPress plugin) allows attackers with contributor or higher user role to inject malicious code.
‼ CVE-2021-4180 ‼
via "National Vulnerability Database".
An information exposure flaw in openstack-tripleo-heat-templates allows an external user to discover the internal IP or hostname. An attacker could exploit this by checking the www_authenticate_uri parameter (which is visible to all end users) in configuration files. This would give sensitive information which may aid in additional system exploitation. This flaw affects openstack-tripleo-heat-templates versions prior to 11.6.1.