CVE-2021-42967
via "National Vulnerability Database".
Unrestricted file upload in /novel-admin/src/main/java/com/java2nb/common/controller/FileController.java in novel-plus all versions allows an attacker to upload malicious JSP files.
CVE-2022-29383
via "National Vulnerability Database".
NETGEAR ProSafe SSL VPN firmware FVS336Gv2 and FVS336Gv3 was discovered to contain a SQL injection vulnerability via USERDBDomains.Domainname at cgi-bin/platform.cgi.
CVE-2022-30489
via "National Vulnerability Database".
WAVLINK WN535 G3 was discovered to contain a cross-site scripting (XSS) vulnerability via the hostname parameter at /cgi-bin/login.cgi.
CVE-2022-30373
via "National Vulnerability Database".
Air Cargo Management System 1.0 is vulnerable to SQL Injection via /acms/admin/cargo_types/manage_cargo_type.php?id=.
S3 Ep82: Bugs, bugs, bugs (and Colonial Pipeline again) [Podcast]
via "Naked Security".
Latest episode - lots to learn - plain English - fun with a serious side - listen now!
Serious Security: Learning from curl's latest bug update
via "Naked Security".
Learn how to write plain-speaking and purposeful security advisories from one of the most widely-used open source tools in the world.
He cracked passwords for a living – now he's serving 4 years in prison
via "Naked Security".
Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...
Log4Shell Exploit Threatens Enterprise Data Lakes, AI Poisoning
via "Dark Reading".
A brand-new attack vector lays open enterprise data lakes, threatening grave consequences for AI use cases like telesurgery or autonomous cars.
Black Hat Asia: 'If democracy is to survive, technology will have to be tamed'
via "The Daily Swig".
Indian tech policy expert Samir Saran says it's not too late to 'course-correct' after a 'challenging decade' for liberal democracies
CVE-2022-28827
via "National Vulnerability Database".
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-29790
via "National Vulnerability Database".
The graphics acceleration service has a vulnerability in multi-thread access to the database. Successful exploitation of this vulnerability may cause service exceptions.
CVE-2022-28826
via "National Vulnerability Database".
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2022-29794
via "National Vulnerability Database".
The frame scheduling module has a Use After Free (UAF) vulnerability. Successful exploitation of this vulnerability will affect data integrity, availability, and confidentiality.
CVE-2022-30386
via "National Vulnerability Database".
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_featured.
CVE-2022-28822
via "National Vulnerability Database".
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.
CVE-2021-46785
via "National Vulnerability Database".
The Property module has a vulnerability in permission control. This vulnerability can be exploited to obtain the unique device identifier.
CVE-2022-30417
via "National Vulnerability Database".
Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via ctpms/admin/?page=user/manage_user&id=.
CVE-2022-22261
via "National Vulnerability Database".
The HiAIserver has a vulnerability in verifying the validity of the weight used in the model. Successful exploitation of this vulnerability will affect AI services.
CVE-2022-30381
via "National Vulnerability Database".
Merchandise Online Store v1.0 is vulnerable to file deletion via /vloggers_merch/classes/Master.php?f=delete_img.
CVE-2022-30384
via "National Vulnerability Database".
Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_inventory.
CVE-2022-28821
via "National Vulnerability Database".
Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.