‼ CVE-2022-30657 ‼
📖 Read
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Use-After-Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32547 ‼
📖 Read
via "National Vulnerability Database".
In ImageMagick, there is load of misaligned address for type 'double', which requires 8 byte alignment and for type 'float', which requires 4 byte alignment at MagickCore/property.c. Whenever crafted or untrusted input is processed by ImageMagick, this causes a negative impact to application availability or other problems related to undefined behavior.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29866 ‼
📖 Read
via "National Vulnerability Database".
OPC UA .NET Standard Stack 1.04.368 allows a remote attacker to exhaust the memory resources of a server via a crafted request that triggers Uncontrolled Resource Consumption.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30656 ‼
📖 Read
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30652 ‼
📖 Read
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27512 ‼
📖 Read
via "National Vulnerability Database".
Temporary disruption of the ADM license service. The impact of this includes preventing new licenses from being issued or renewed by Citrix ADM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30654 ‼
📖 Read
via "National Vulnerability Database".
Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32545 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned char' at coders/psd.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-41487 ‼
📖 Read
via "National Vulnerability Database".
NOKIA VitalSuite SPM 2020 is affected by SQL injection through UserName'.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31464 ‼
📖 Read
via "National Vulnerability Database".
Insecure permissions configuration in Adaware Protect v1.2.439.4251 allows attackers to escalate privileges via changing the service binary path.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31301 ‼
📖 Read
via "National Vulnerability Database".
Haraj v3.7 was discovered to contain a stored cross-site scripting (XSS) vulnerability in the Post Ads component.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32546 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in ImageMagick, causing an outside the range of representable values of type 'unsigned long' at coders/pcl.c, when crafted or untrusted input is processed. This leads to a negative impact to application availability or other problems related to undefined behavior.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31294 ‼
📖 Read
via "National Vulnerability Database".
An issue in the save_users() function of Online Discussion Forum Site 1 allows unauthenticated attackers to arbitrarily create or update user accounts.📖 Read
via "National Vulnerability Database".
🕴 Microsoft 365 Function Leaves SharePoint, OneDrive Files Open to Ransomware Attacks 🕴
📖 Read
via "Dark Reading".
SharePoint and OneDrive libraries can be encrypted in ransomware attack, researchers say.📖 Read
via "Dark Reading".
Dark Reading
Microsoft 365 Function Leaves SharePoint, OneDrive Files Open to Ransomware Attacks
SharePoint and OneDrive libraries can be encrypted in ransomware attack, researchers say.
🕴 BlastWave Announces Enhancements to Its Zero-Trust Security Software Solution, BlastShield 🕴
📖 Read
via "Dark Reading".
Update allows BlastShield users to link with hybrid cloud network providers like AWS, Google, and the most recent addition, Azure, in one secure environment.📖 Read
via "Dark Reading".
Dark Reading
BlastWave Announces Enhancements to Its Zero-Trust Security Software Solution, BlastShield
Update allows BlastShield users to link with hybrid cloud network providers like AWS, Google, and the most recent addition, Azure, in one secure environment.
🕴 Internet Explorer Now Retired but Still an Attacker Target 🕴
📖 Read
via "Dark Reading".
Though the once-popular browser is officially now history as far as Microsoft support goes, adversaries won't stop attacking it, security experts say.📖 Read
via "Dark Reading".
Dark Reading
Internet Explorer Now Retired but Still an Attacker Target
Though the once-popular browser is officially now history as far as Microsoft support goes, adversaries won't stop attacking it, security experts say.
‼ CVE-2021-36608 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in webTareas 2.2p1 via the Name field to /projects/editproject.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33295 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in Joplin Desktop App before 1.8.5 allows attackers to execute aribrary code due to improper sanitizing of html.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-37764 ‼
📖 Read
via "National Vulnerability Database".
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/manufacturers.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46820 ‼
📖 Read
via "National Vulnerability Database".
Arbitrary File Deletion vulnerability in XOS-Shop xos_shop_system 1.0.9 via current_manufacturer_image parameter to /shop/admin/categories.php📖 Read
via "National Vulnerability Database".
‼ CVE-2020-28865 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in PowerJob through 3.2.2, allows attackers to change arbitrary user passwords via the id parameter to /appinfo/save.📖 Read
via "National Vulnerability Database".