🔴 Data Transformation: 3 Sessions to Attend at RSA 2022 🔴
via "Dark Reading".
Three RSA 2022 sessions take deep dives into the security considerations around data cloud transformation.
‼ CVE-2020-22983 ‼
via "National Vulnerability Database".
A Server-Side Request Forgery (SSRF) vulnerability exists in MicroStrategy Web SDK 11.1 and earlier, allows remote unauthenticated attackers to conduct a server-side request forgery (SSRF) attack via the srcURL parameter to the shortURL task.
‼ CVE-2022-30372 ‼
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo.
‼ CVE-2021-42969 ‼
via "National Vulnerability Database".
Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an attacker can create a new file and write something in usercustomize.py. When the user opens the terminal or activates Anaconda, the command will be executed.
‼ CVE-2022-30371 ‼
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/view_cargo_type.php?id=.
‼ CVE-2022-30370 ‼
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/classes/Master.php?f=delete_cargo_type.
‼ CVE-2022-30374 ‼
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/?page=transactions/manage_transaction&id=.
‼ CVE-2021-42967 ‼
via "National Vulnerability Database".
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows an attacker to upload malicious JSP files.
‼ CVE-2022-29383 ‼
via "National Vulnerability Database".
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.
‼ CVE-2022-30489 ‼
via "National Vulnerability Database".
WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.
‼ CVE-2022-30373 ‼
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=.
⚠ S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast] ⚠
via "Naked Security".
Latest episode - lots to learn - plain English - fun with a serious side - listen now!
⚠ Serious Security: Learning from curl’s latest bug update ⚠
via "Naked Security".
Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.
⚠ He cracked passwords for a living - now he’s serving 4 years in prison ⚠
via "Naked Security".
Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...
🔴 Log4Shell Exploit Threatens Enterprise Data Lakes, AI Poisoning 🔴
via "Dark Reading".
A brand-new attack vector lays open enterprise data lakes, threatening grave consequences for AI use cases like telesurgery or autonomous cars.
🕵️ Black Hat Asia: “If democracy is to survive, technology will have to be tamed” 🕵️
via "The Daily Swig".
Indian tech policy expert Samir Saran says it’s not too late to “course-correct” after a “challenging decade” for liberal democracies
‼ CVE-2022-28827 ‼
via "National Vulnerability Database".
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-29790 ‼
via "National Vulnerability Database".
The graphics acceleration service has a vulnerability in multi-thread access to the database. Successful exploitation of this vulnerability may cause service exceptions.
‼ CVE-2022-28826 ‼
via "National Vulnerability Database".
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
‼ CVE-2022-29794 ‼
via "National Vulnerability Database".
The frame scheduling module has a Use After Free (UAF) vulnerability. Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality.
‼ CVE-2022-30386 ‼
via "National Vulnerability Database".
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured.