🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30411

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/?page=individuals/view_individual&id=.

📖 Read

via "National Vulnerability Database".
126 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-28830

Adobe Framemaker versions 2029u8 (and earlier) and 2020u4 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

📖 Read

via "National Vulnerability Database".
127 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30399

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_category&id=.

📖 Read

via "National Vulnerability Database".
126 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30395

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_cart.

📖 Read

via "National Vulnerability Database".
119 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30375

Sourcecodester Simple Social Networking Site v1.0 is vulnerable to file deletion via /sns/classes/Master.php?f=delete_img.

📖 Read

via "National Vulnerability Database".
120 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30403

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=products&c=.

📖 Read

via "National Vulnerability Database".
119 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-29792

The chip component has a vulnerability of disclosing CPU SNs.Successful exploitation of this vulnerability may affect data confidentiality.

📖 Read

via "National Vulnerability Database".
118 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30402

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=maintenance/manage_sub_category&id=.

📖 Read

via "National Vulnerability Database".
118 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30392

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_sub_category.

📖 Read

via "National Vulnerability Database".
121 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30401

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/?p=view_product&id=.

📖 Read

via "National Vulnerability Database".
123 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30379

Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/?page=user/manage_user&id=.

📖 Read

via "National Vulnerability Database".
128 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-29791

The HiAIserver has a vulnerability in verifying the validity of the weight used in the model.Successful exploitation of this vulnerability will affect AI services.

📖 Read

via "National Vulnerability Database".
129 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-29854

A vulnerability in Mitel 6900 Series IP (MiNet) phones excluding 6970, versions 1.8 (1.8.0.12) and earlier, could allow a unauthenticated attacker with physical access to the phone to gain root access due to insufficient access control for test functionality during system startup. A successful exploit could allow access to sensitive information and code execution.

📖 Read

via "National Vulnerability Database".
142 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30391

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/classes/Master.php?f=delete_category.

📖 Read

via "National Vulnerability Database".
149 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30376

Sourcecodester Simple Social Networking Site v1.0 is vulnerable to SQL Injection via /sns/admin/members/view_member.php?id=.

📖 Read

via "National Vulnerability Database".
158 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30396

Merchandise Online Store v1.0 is vulnerable to SQL Injection via /vloggers_merch/admin/?page=inventory/manage_inventory&id=.

📖 Read

via "National Vulnerability Database".
163 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-30415

Covid-19 Travel Pass Management System v1.0 is vulnerable to SQL Injection via /ctpms/admin/applications/update_status.php?id=.

📖 Read

via "National Vulnerability Database".
190 views
🛡 Cybersecurity & Privacy 🛡 - News
🛠 COOPER Analysis Tool 🛠

Cooper utilizes cooperative mutation to test the binding code of scripting languages to find memory-safe issues. Cooperative mutation simultaneously modifies the script code and the related document objects to explore various code paths of the binding code. To support cooperative mutation, the authors infer the relationship between script code and document objects to guide the two-dimensional mutation. They applied their tool Cooper on three popular commercial PDF tools, Adobe Acrobat, Foxit Reader, and Microsoft Word. Cooper detected 134 previously unknown bugs, which resulted in 33 CVE entries and 22K bug bounties.

📖 Read

via "Packet Storm Security".
Packetstormsecurity
COOPER Analysis Tool ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
272 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Linux, OpenSSF Champion Plan to Improve Open Source Security 🕴

The White House and tech industry pledge $150 million over two years to boost open source resiliency and supply chain security.

📖 Read

via "Dark Reading".
Dark Reading
Linux, OpenSSF Champion Plan to Improve Open Source Security
The White House and tech industry pledge $150 million over two years to boost open source resiliency and supply chain security.
239 views
🛡 Cybersecurity & Privacy 🛡 - News
🔏 Friday Five 5/13 🔏

Data privacy concerns on the rise, Costa Rica fights back against ransomware, and new cybersecurity legislation making its way through Congress - read about this and more in this week's Friday Five!


📖 Read

via "".
Digital Guardian
Friday Five 5/13
Data privacy concerns on the rise, Costa Rica fights back against ransomware, and new cybersecurity legislation making its way through Congress - read about this and more in this week's Friday Five!
237 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-1715

Account Takeover in GitHub repository neorazorx/facturascripts prior to 2022.07.

📖 Read

via "National Vulnerability Database".
207 views