‼ CVE-2022-28487 ‼
📖 Read
via "National Vulnerability Database".
Tcpreplay version 4.4.1 contains a memory leakage flaw in fix_ipv6_checksums() function. The highest threat from this vulnerability is to data confidentiality.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25787 ‼
📖 Read
via "National Vulnerability Database".
Information Exposure Through Query Strings in GET Request vulnerability in LMM API of Secomea GateManager allows system administrator to hijack connection. This issue affects: Secomea GateManager all versions prior to 9.7.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28066 ‼
📖 Read
via "National Vulnerability Database".
Libarchive v3.6.0 was discovered to contain a read memory access vulnerability via the function lzma_decode.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25785 ‼
📖 Read
via "National Vulnerability Database".
Stack-based Buffer Overflow vulnerability in SiteManager allows logged-in or local user to cause arbitrary code execution. This issue affects: Secomea SiteManager all versions prior to 9.7.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25781 ‼
📖 Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) vulnerability in Web UI of Secomea GateManager allows phishing attacker to inject javascript or html into logged in user session.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28067 ‼
📖 Read
via "National Vulnerability Database".
An incorrect access control issue in Sandboxie Classic v5.55.13 allows attackers to cause a Denial of Service (DoS) in the Sandbox via a crafted executable.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28488 ‼
📖 Read
via "National Vulnerability Database".
The function wav_format_write in libwav.c in libwav through 2017-04-20 has an Use of Uninitialized Variable vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25783 ‼
📖 Read
via "National Vulnerability Database".
Insufficient Logging vulnerability in web server of Secomea GateManager allows logged in user to issue improper queries without logging. This issue affects: Secomea GateManager versions prior to 9.7.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28806 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered on certain Fujitsu LIEFBOOK devices (A3510, U9310, U7511/U7411/U7311, U9311, E5510/E5410, U7510/U7410/U7310, E459/E449) with BIOS versions before v1.09 (A3510), v2.17 (U9310), v2.30 (U7511/U7411/U7311), v2.33 (U9311), v2.23 (E5510), v2.19 (U7510/U7410), v2.13 (U7310), and v1.09 (E459/E449). The FjGabiFlashCoreAbstractionSmm driver registers a Software System Management Interrupt (SWSMI) handler that is not sufficiently validated to ensure that the CommBuffer (or any other communication buffer's nested contents) are not pointing to SMRAM contents. A potential attacker can therefore write fixed data to SMRAM, which could lead to data corruption inside this memory (e.g., change the SMI handler's code or modify SMRAM map structures to break input pointer validation for other SMI handlers). Thus, the attacker could elevate privileges from ring 0 to ring -2 and execute arbitrary code in SMM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25780 ‼
📖 Read
via "National Vulnerability Database".
Information Exposure vulnerability in web UI of Secomea GateManager allows logged in user to query devices outside own scope.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29950 ‼
📖 Read
via "National Vulnerability Database".
Experian Hunter 1.16 allows remote authenticated users to modify assumed-immutable elements via the (1) rule name parameter to the Rules page or the (2) subrule name or (3) categories name parameter to the Subrules page.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-25782 ‼
📖 Read
via "National Vulnerability Database".
Improper Handling of Insufficient Privileges vulnerability in Web UI of Secomea GateManager allows logged in user to access and update privileged information. This issue affects: Secomea GateManager versions prior to 9.7.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28082 ‼
📖 Read
via "National Vulnerability Database".
Tenda AX12 v22.03.01.21_CN was discovered to contain a stack overflow via the list parameter at /goform/SetNetControlList.📖 Read
via "National Vulnerability Database".
🕴 Security Stuff Happens: What Will the Public Hear When You Say You've Been Breached? 🕴
📖 Read
via "Dark Reading".
A company's response to a breach is more important than almost anything else. But what constitutes a "good" response following a security incident? (Part 2 of a series.)📖 Read
via "Dark Reading".
Darkreading
Security Stuff Happens: What Will the Public Hear When You Say You've Been Breached?
A company's response to a breach is more important than almost anything else. But what constitutes a "good" response following a security incident? (Part 2 of a series.)
🕴 New Ransomware Variant Linked to North Korean Cyber Army 🕴
📖 Read
via "Dark Reading".
Researchers use code, Bitcoin transactions to link ransomware attacks on banks to DPRK-sponsored actors.📖 Read
via "Dark Reading".
Darkreading
VHD Ransomware Variant Linked to North Korean Cyber Army
Researchers use code, Bitcoin transactions to link ransomware attacks on banks to DPRK-sponsored actors.
❌ China-linked APT Caught Pilfering Treasure Trove of IP ❌
📖 Read
via "Threat Post".
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.📖 Read
via "Threat Post".
Threat Post
China-linked APT Caught Pilfering Treasure Trove of IP
A state-sponsored threat actor designed a house-of-cards style infection chain to exfiltrate massive troves of highly sensitive data.
‼ CVE-2022-20764 ‼
📖 Read
via "National Vulnerability Database".
Multiple vulnerabilities in the web engine of Cisco TelePresence Collaboration Endpoint (CE) Software and Cisco RoomOS Software could allow a remote attacker to cause a denial of service (DoS) condition, view sensitive data on an affected device, or redirect users to an attacker-controlled destination. For more information about these vulnerabilities, see the Details section of this advisory.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20753 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability in web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to execute arbitrary code on an affected device. This vulnerability is due to insufficient validation of user-supplied input. An attacker could exploit this vulnerability by sending malicious input to an affected device. A successful exploit could allow the attacker to execute remote code on the affected device. To exploit this vulnerability, an attacker would need to have valid Administrator credentials on the affected device.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-20801 ‼
📖 Read
via "National Vulnerability Database".
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and RV345 Routers could allow an authenticated, remote attacker to inject and execute arbitrary commands on the underlying operating system of an affected device. These vulnerabilities are due to insufficient validation of user-supplied input. An attacker could exploit these vulnerabilities by sending malicious input to an affected device. A successful exploit could allow the attacker to execute arbitrary commands on the underlying Linux operating system of the affected device. To exploit these vulnerabilities, an attacker would need to have valid Administrator credentials on the affected device.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42235 ‼
📖 Read
via "National Vulnerability Database".
SQL injection in osTicket before 1.14.8 and 1.15.4 login and password reset process allows attackers to access the osTicket administration profile functionality.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41020 ‼
📖 Read
via "National Vulnerability Database".
An improper access control vulnerability [CWE-284] in FortiIsolator versions 2.3.2 and below may allow an authenticated, non privileged attacker to regenerate the CA certificate via the regeneration URL.📖 Read
via "National Vulnerability Database".