βΌ CVE-2017-20116 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in TrueConf Server 4.3.7. It has been classified as problematic. Affected is an unknown function of the file /admin/group/list/. The manipulation of the argument checked_group_id leads to basic cross site scripting (Reflected). It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39074 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20118 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in TrueConf Server 4.3.7. It has been rated as problematic. Affected by this issue is some unknown functionality of the file /admin/conferences/list/. The manipulation of the argument domxss leads to basic cross site scripting (DOM). The attack may be launched remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33639 βΌ
π Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30192, CVE-2022-33638.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20113 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in TrueConf Server 4.3.7. This affects an unknown part. The manipulation leads to basic cross site scripting (Stored). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20120 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as problematic was found in TrueConf Server 4.3.7. This vulnerability affects unknown code of the file /admin/service/stop/. The manipulation leads to cross-site request forgery. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20117 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in TrueConf Server 4.3.7. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file /admin/group. The manipulation leads to basic cross site scripting (DOM). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20115 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in TrueConf Server 4.3.7 and classified as problematic. This issue affects some unknown processing of the file /admin/conferences/list/. The manipulation of the argument sort leads to basic cross site scripting (Reflected). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2017-20114 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in TrueConf Server 4.3.7 and classified as problematic. This vulnerability affects unknown code of the file /admin/conferences/get-all-status/. The manipulation of the argument keys[] leads to basic cross site scripting (Reflected). The attack can be initiated remotely. The exploit has been disclosed to the public and may be used.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2252 βΌ
π Read
via "National Vulnerability Database".
Open Redirect in GitHub repository microweber/microweber prior to 1.2.19.π Read
via "National Vulnerability Database".
βΌ CVE-2022-30192 βΌ
π Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-33638, CVE-2022-33639.π Read
via "National Vulnerability Database".
π Global Socket 1.4.36 π
π Read
via "Packet Storm Security".
Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.π Read
via "Packet Storm Security".
Packetstormsecurity
Global Socket 1.4.36 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
β Leaky Access Tokens Exposed Amazon Photos of Users β
π Read
via "Threat Post".
Hackers with Amazon usersβ authentication tokens couldβve stolen or encrypted personal photos and documents.π Read
via "Threat Post".
Threat Post
Leaky Access Tokens Exposed Amazon Photos of Users
Hackers with Amazon usersβ authentication tokens couldβve stolen or encrypted personal photos and documents.
π1
βΌ CVE-2022-30467 βΌ
π Read
via "National Vulnerability Database".
Joy ebike Wolf Manufacturing year 2022 is vulnerable to Denial of service, which allows remote attackers to jam the key fob request via RF.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40597 βΌ
π Read
via "National Vulnerability Database".
The firmware of EDIMAX IC-3140W Version 3.11 is hardcoded with Administrator username and password.π Read
via "National Vulnerability Database".
π’ FCC commissioner urges Apple and Google to remove TikTok from app stores π’
π Read
via "ITPro".
This comes after it emerged that TikTokβs owners in Beijing have repeatedly accessed sensitive data collected from US citizensπ Read
via "ITPro".
IT PRO
FCC commissioner urges Apple and Google to remove TikTok from app stores | IT PRO
This comes after it emerged that TikTokβs owners in Beijing have repeatedly accessed sensitive data collected from US citizens
π’ Former Uber security chief to face fraud charges over hack coverup π’
π Read
via "ITPro".
This is thought to be the first instance of a corporate information security officer criminally charged with concealing a hackπ Read
via "ITPro".
IT PRO
Former Uber security chief to face fraud charges over hack coverup | IT PRO
This is thought to be the first instance of a corporate information security officer criminally charged with concealing a hack
π’ Atos to advance NATOβs cybersecurity systems π’
π Read
via "ITPro".
The deal covers 22 Nato bases and βupgrades to two key cybersecurity systemsπ Read
via "ITPro".
IT PRO
Atos to advance NATOβs cyber security systems | IT PRO
The deal covers 22 Nato bases and βupgrades to two key cyber security systems
π1
π’ Cyber security holds top spot in IT audit risk list π’
π Read
via "ITPro".
Privacy, data, and regulatory compliance are among other concerns facing IT audit departmentsπ Read
via "ITPro".
IT PRO
Cyber security holds top spot in IT audit risk list | IT PRO
Privacy, data, and regulatory compliance are among other concerns facing IT audit departments
βΌ CVE-2022-34835 βΌ
π Read
via "National Vulnerability Database".
In Das U-Boot through 2022.07-rc5, an integer signedness error and resultant stack-based buffer overflow in the "i2c md" command enables the corruption of the return address pointer of the do_i2c_md function.π Read
via "National Vulnerability Database".
ποΈ Chromium browsers vulnerable to dangling markup injection ποΈ
π Read
via "The Daily Swig".
Fixed bug could allow attackers to extract sensitive informationπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Chromium browsers vulnerable to dangling markup injection
Fixed bug could allow attackers to extract sensitive information