‼ CVE-2022-34494 ‼
via "National Vulnerability Database".
rpmsg_virtio_add_ctrl_dev in drivers/rpmsg/virtio_rpmsg_bus.c in the Linux kernel before 5.18.4 has a double free.
‼ CVE-2020-9754 ‼
via "National Vulnerability Database".
NAVER Whale browser mobile app before 1.10.6.2 allows the attacker to bypass its browser unlock function via incognito mode.
‼ CVE-2022-33202 ‼
via "National Vulnerability Database".
Authentication bypass vulnerability in the setup screen of L2Blocker(on-premise) Ver4.8.5 and earlier and L2Blocker(Cloud) Ver4.8.5 and earlier allows an adjacent attacker to perform an unauthorized login and obtain the stored information or cause a malfunction of the device by using alternative paths or channels for Sensor.
‼ CVE-2022-33146 ‼
via "National Vulnerability Database".
Open redirect vulnerability in web2py versions prior to 2.22.5 allows a remote attacker to redirect a user to an arbitrary web site and conduct a phishing attack by having a user access a specially crafted URL.
‼ CVE-2022-1846 ‼
via "National Vulnerability Database".
The Tiny Contact Form WordPress plugin through 0.7 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them via a CSRF attack.
‼ CVE-2022-1573 ‼
via "National Vulnerability Database".
The HTML2WP WordPress plugin through 1.0.0 does not have a CSRF check in place when updating its settings, which could allow attackers to make a logged-in admin change them.
‼ CVE-2022-1095 ‼
via "National Vulnerability Database".
The Mihdan: No External Links WordPress plugin through 4.8.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
‼ CVE-2022-1572 ‼
via "National Vulnerability Database".
The HTML2WP WordPress plugin through 1.0.0 does not have authorisation and CSRF checks in an AJAX action, available to any authenticated user such as a subscriber, which could allow them to delete arbitrary files.
‼ CVE-2022-0722 ‼
via "National Vulnerability Database".
Exposure of Sensitive Information to an Unauthorized Actor in GitHub repository ionicabizau/parse-url prior to 7.0.0.
‼ CVE-2021-40897 ‼
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in split-html-to-chars v1.0.5 when splitting crafted invalid htmls.
‼ CVE-2022-2217 ‼
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Generic in GitHub repository ionicabizau/parse-url prior to 7.0.0.
‼ CVE-2021-40895 ‼
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in todo-regex v0.1.1 when matching crafted invalid TODO statements.
‼ CVE-2021-40899 ‼
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in repo-git-downloader v0.1.1 when downloading crafted invalid git repositories.
‼ CVE-2021-40896 ‼
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in that-value v0.1.3 when validating crafted invalid emails.
‼ CVE-2021-40898 ‼
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scaffold-helper v1.2.0 when copying crafted invalid files.
What is Intellectual Property? Understanding IP Rights, Negligence, Infringement & More
via "Digital Guardian".
What is intellectual property? We define the term and explain how IP negligence and infringement can harm your organization.
Oracle patches 'miracle exploit' impacting Middleware Fusion, cloud services
via "The Daily Swig".
Researchers describe discovery of 'mega' zero-day
It's a Race to Secure the Software Supply Chain - Have You Already Stumbled?
via "Dark Reading".
If you haven't properly addressed the issue, you're already behind. But even if you've had a false start, it's never too late to get back up.
OpenSSL issues a bugfix for the previous bugfix
via "Naked Security".
Fortunately, it's not a major bugfix, which means it's easy to patch and can teach us all some useful lessons.
‼ CVE-2021-40900 ‼
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in regexfn v1.0.5 when validating crafted invalid emails.
‼ CVE-2021-40901 ‼
via "National Vulnerability Database".
A Regular Expression Denial of Service (ReDOS) vulnerability was discovered in scniro-validator v1.0.1 when validating crafted invalid emails.