‼ CVE-2022-27147 ‼
via "National Vulnerability Database".
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a use-after-free vulnerability in function gf_node_get_attribute_by_tag.
‼ CVE-2022-27047 ‼
via "National Vulnerability Database".
mogu_blog_cms 5.2 suffers from arbitrary file upload without any limitation.
‼ CVE-2022-27146 ‼
via "National Vulnerability Database".
GPAC mp4box 1.1.0-DEV-rev1759-geb2d1e6dd-has a heap-buffer-overflow vulnerability in function gf_isom_apple_enum_tag.
‼ CVE-2020-4668 ‼
via "National Vulnerability Database".
IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.5, 6.1.0.0 through 6.1.0.3, and 6.1.1.0 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 186283.
‼ CVE-2021-43521 ‼
via "National Vulnerability Database".
A Buffer Overflow vulnerability exists in zlog 1.2.15 via zlog_conf_build_with_file in src/zlog/src/conf.c.
‼ CVE-2021-43515 ‼
via "National Vulnerability Database".
A CSV Injection vulnerability exists in Kimai Kimai 2 > 1.14 via a description in a new timesheet.
‼ CVE-2021-43483 ‼
via "National Vulnerability Database".
An Access Control vulnerability exists in CLARO KAON CG3000 1.00.67 in the router configuration, which could allow a malicious user to read or update the configuration without authentication.
‼ CVE-2022-27145 ‼
via "National Vulnerability Database".
GPAC mp4box 1.1.0-DEV-rev1727-g8be34973d-master has a stack-overflow vulnerability in function gf_isom_get_sample_for_movie_time of mp4box.
‼ CVE-2021-43517 ‼
via "National Vulnerability Database".
FOSCAM Camera FI9805E with firmware V4.02.R12.00018510.10012.143900.00000 contains a backdoor that opens a Telnet port when a special command is sent on port 9530.
🕴 Software-as-a-Service Rules the Cloud 🕴
via "Dark Reading".
Half of the IT professionals surveyed who use cloud services also employ infrastructure-as-a-service and platform-as-a-service.
‼ CVE-2022-1284 ‼
via "National Vulnerability Database".
heap-use-after-free in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability is capable of inducing denial of service.
‼ CVE-2021-43498 ‼
via "National Vulnerability Database".
An Access Control vulnerability exists in ATutor 2.2.4 in password_reminder.php when the g, id, h, form_password_hidden, and form_change HTTP POST parameters are set.
‼ CVE-2021-43503 ‼
via "National Vulnerability Database".
A Remote Code Execution (RCE) vulnerability exists in h laravel 5.8.38 via an unserialize pop chain in (1) __destruct in \Routing\PendingResourceRegistration.php, (2) __cal in Queue\Capsule\Manager.php, and (3) __invoke in mockery\library\Mockery\ClosureWrapper.php.
‼ CVE-2022-24821 ‼
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. Simple users can create global SSX/JSX without specific rights: in theory only users with Programming Rights should be allowed to create SSX or JSX that are executed everywhere on a wiki. But a bug allows anyone with edit rights to actually create those. This issue has been patched in XWiki 13.10-rc-1, 12.10.11 and 13.4.6. There's no easy workaround for this issue; administrators should upgrade their wiki.
‼ CVE-2022-1283 ‼
via "National Vulnerability Database".
NULL Pointer Dereference in r_bin_ne_get_entrypoints function in GitHub repository radareorg/radare2 prior to 5.6.8. This vulnerability allows attackers to cause a denial of service (application crash).
‼ CVE-2022-27152 ‼
via "National Vulnerability Database".
Roku devices running RokuOS v9.4.0 build 4200 or earlier that use a Realtek WiFi chip are vulnerable to arbitrary file modification.
🕴 BakerHostetler Launches 2022 Data Security Incident Response Report — Resilience And Perseverance 🕴
via "Dark Reading".
Ransomware remained the most prevalent and impactful type of data security incident.
🕴 Microsoft Sinkholes Russian Hacking Group's Domains Targeting Ukraine 🕴
via "Dark Reading".
The operation aimed to disrupt cyber espionage activity a Russian GRU group was using for the Ukraine war.
‼ CVE-2022-24820 ‼
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents by rendering some velocity documents. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem.
‼ CVE-2022-24819 ‼
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. A guest user without the right to view pages of the wiki can still list documents related to users of the wiki. The problem has been patched in XWiki versions 12.10.11, 13.4.4, and 13.9-rc-1. There is no known workaround for this problem.
‼ CVE-2021-43149 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.