βΌ CVE-2022-26750 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26769 βΌ
π Read
via "National Vulnerability Database".
A memory corruption issue was addressed with improved input validation. This issue is fixed in Security Update 2022-004 Catalina, macOS Monterey 12.4, macOS Big Sur 11.6.6. A malicious application may be able to execute arbitrary code with kernel privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-30584 βΌ
π Read
via "National Vulnerability Database".
Archer Platform 6.3 before 6.11 (6.11.0.0) contains an Improper Access Control Vulnerability within SSO ADFS functionality that could potentially be exploited by malicious users to compromise the affected system. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26745 βΌ
π Read
via "National Vulnerability Database".
A memory corruption issue was addressed with improved validation. This issue is fixed in macOS Big Sur 11.6.6. A malicious application may disclose restricted memory.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26768 βΌ
π Read
via "National Vulnerability Database".
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Monterey 12.4, watchOS 8.6, tvOS 15.5, macOS Big Sur 11.6.6. An application may be able to execute arbitrary code with kernel privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-30585 βΌ
π Read
via "National Vulnerability Database".
The REST API in Archer Platform 6.x before 6.11 (6.11.0.0) contains an Authorization Bypass Vulnerability. A remote authenticated malicious user could potentially exploit this vulnerability to view sensitive information. 6.10 P3 (6.10.0.3) and 6.9 SP3 P4 (6.9.3.4) are also fixed releases.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26753 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26754 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.4. An application may be able to execute arbitrary code with kernel privileges.π Read
via "National Vulnerability Database".
π΄ Microsoft Unveils Dev Box, a Workstation-as-a-Service π΄
π Read
via "Dark Reading".
Microsoft Dev Box will make it easier for developers and hybrid teams to get up and running with workstations already preconfigured with required applications and tools.π Read
via "Dark Reading".
Dark Reading
Microsoft Unveils Dev Box, a Workstation-as-a-Service
Microsoft Dev Box will make it easier for developers and hybrid teams to get up and running with workstations already preconfigured with required applications and tools.
π΄ Broadcom Snaps Up VMware in $61B Deal π΄
π Read
via "Dark Reading".
Massive merger will put Broadcom's Symantec and VMware's Carbon Black under one roof.π Read
via "Dark Reading".
Dark Reading
Broadcom Snaps Up VMware in $61B Deal
Massive merger will put Broadcom's Symantec and VMware's Carbon Black under one roof.
π΄ Microsoft Unveils Dev Box, a Workstation-as-a-Service π΄
π Read
via "Dark Reading".
Microsoft Dev Box will make it easier for developers and hybrid teams to get up and running with workstations already preconfigured with required applications and tools.π Read
via "Dark Reading".
Dark Reading
Microsoft Unveils Dev Box, a Workstation-as-a-Service
Microsoft Dev Box will make it easier for developers and hybrid teams to get up and running with workstations already preconfigured with required applications and tools.
βΌ CVE-2022-30687 βΌ
π Read
via "National Vulnerability Database".
Trend Micro Maximum Security 2022 is vulnerable to a link following vulnerability that could allow a low privileged local user to manipulate the productΓ’β¬β’s secure erase feature to delete arbitrary files.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28394 βΌ
π Read
via "National Vulnerability Database".
EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Please note that this was reported on an EOL version of the product, and users are advised to upgrade to the latest supported version (5.x).π Read
via "National Vulnerability Database".
βΌ CVE-2022-30701 βΌ
π Read
via "National Vulnerability Database".
An uncontrolled search path element vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to craft a special configuration file to load an untrusted library with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-30700 βΌ
π Read
via "National Vulnerability Database".
An incorrect permission assignment vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to load a DLL with escalated privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1909 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository causefx/organizr prior to 2.1.2200.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1907 βΌ
π Read
via "National Vulnerability Database".
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1908 βΌ
π Read
via "National Vulnerability Database".
Buffer Over-read in GitHub repository bfabiszewski/libmobi prior to 0.11.π Read
via "National Vulnerability Database".
βΌ CVE-2022-1898 βΌ
π Read
via "National Vulnerability Database".
Use After Free in GitHub repository vim/vim prior to 8.2.π Read
via "National Vulnerability Database".
β Critical Flaws in Popular ICS Platform Can Trigger RCE β
π Read
via "Threat Post".
Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks.π Read
via "Threat Post".
Threat Post
Critical Flaws in Popular ICS Platform Can Trigger RCE
Cisco Talos discovered eight vulnerabilities in the Open Automation Software, two of them critical, that pose risk for critical infrastructure networks.
ποΈ Security βresearcherβ hits back against claims of malicious CTX file uploads ποΈ
π Read
via "The Daily Swig".
They claim that all data received was deletedπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Security βresearcherβ hits back against claims of malicious CTX file uploads
They claim that all data received was deleted