🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-29983 ‼

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/view_invoice&id=.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29995 ‼

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=clients/manage_client&id=.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29981 ‼

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Users.php?f=delete.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29987 ‼

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=user/manage_user&id=.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29747 ‼

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/admin/?page=invoice/manage_invoice&id= (the injection point is the id parameter).

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29994 ‼

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/?page=facilities/manage_facility&id=.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29985 ‼

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via \scbs\classes\Master.php?f=delete_category.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29538 ‼

RESI Gemini-Net Web 4.2 is affected by Improper Access Control in authorization logic. An unauthenticated user is able to access some critical resources.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29539 ‼

resi-calltrace in RESI Gemini-Net 4.2 is affected by OS Command Injection. It does not properly check the parameters sent as input before they are processed on the server. Due to the lack of validation of user input, an unauthenticated attacker can bypass the syntax intended by the software (e.g., concatenate `&|;\r\ commands) and inject arbitrary system commands with the privileges of the application user.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29750 ‼

Simple Client Management System 1.0 is vulnerable to SQL Injection via /cms/classes/Master.php?f=delete_service.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29748 ‼

Simple Client Management System 1.0 is vulnerable to SQL Injection via \cms\admin?page=client/manage_client&id=.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-29993 ‼

Online Sports Complex Booking System 1.0 is vulnerable to SQL Injection via /scbs/admin/bookings/view_booking.php?id=.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-30279 ‼

An issue was discovered in Stormshield Network Security (SNS) 4.3.x before 4.3.8. The event logging of the ASQ sofbus lacbus plugin triggers the dereferencing of a NULL pointer, leading to a crash of SNS. An attacker could exploit this vulnerability via forged sofbus lacbus traffic to cause a firmware crash.

📖 Read

via "National Vulnerability Database".
🕴 Needs Improvement: Scoring Biden's Cyber Executive Order 🕴

One year after it was issued, has President Biden's Cyber Executive Order had an impact?

📖 Read

via "Dark Reading".
‼ CVE-2021-33082 ‼

Sensitive information in resource not removed before reuse in firmware for some Intel(R) SSD and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-33074 ‼

Protection mechanism failure in firmware for some Intel(R) SSD, Intel(R) SSD DC and Intel(R) Optane(TM) SSD Products may allow an unauthenticated user to potentially enable information disclosure via physical access.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-21136 ‼

Improper input validation for some Intel(R) Xeon(R) Processors may allow a privileged user to potentially enable denial of service via local access.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-21182 ‼

A privilege escalation vulnerability exists in the router configuration import functionality of InHand Networks InRouter302 V3.5.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-33075 ‼

Race condition in firmware for some Intel(R) Optane(TM) SSD, Intel(R) Optane(TM) SSD DC and Intel(R) SSD DC Products may allow a privileged user to potentially enable denial of service via local access.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-0155 ‼

Unchecked return value in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable information disclosure via local access.

📖 Read

via "National Vulnerability Database".
‼ CVE-2021-0190 ‼

Uncaught exception in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.

📖 Read

via "National Vulnerability Database".