🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-22047 ‼

Windows CSRSS Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22026, CVE-2022-22049.

📖 Read

via "National Vulnerability Database".
99 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-22029 ‼

Windows Network File System Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22039.

📖 Read

via "National Vulnerability Database".
99 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-30225 ‼

Windows Media Player Network Sharing Service Elevation of Privilege Vulnerability.

📖 Read

via "National Vulnerability Database".
97 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33668 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".
91 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-29600 ‼

The oelib (aka One is Enough Library) extension through 4.1.5 for TYPO3 allows SQL Injection.

📖 Read

via "National Vulnerability Database".
89 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-22027 ‼

Windows Fax Service Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-22024.

📖 Read

via "National Vulnerability Database".
90 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-30214 ‼

Windows DNS Server Remote Code Execution Vulnerability.

📖 Read

via "National Vulnerability Database".
91 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-30203 ‼

Windows Boot Manager Security Feature Bypass Vulnerability.

📖 Read

via "National Vulnerability Database".
91 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-30187 ‼

Azure Storage Library Information Disclosure Vulnerability.

📖 Read

via "National Vulnerability Database".
88 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33154 ‼

The schema (aka Embedding schema.org vocabulary) extension before 1.13.1 and 2.x before 2.5.1 for TYPO3 allows XSS.

📖 Read

via "National Vulnerability Database".
86 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-22041 ‼

Windows Print Spooler Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-22022, CVE-2022-30206, CVE-2022-30226.

📖 Read

via "National Vulnerability Database".
83 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33677 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675.

📖 Read

via "National Vulnerability Database".
83 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33673 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".
87 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-35403 ‼

Zoho ManageEngine ServiceDesk Plus before 13008, ServiceDesk Plus MSP before 10606, and SupportCenter Plus before 11022 are affected by an unauthenticated local file disclosure vulnerability via ticket-creation email. (This also affects Asset Explorer before 6977 with authentication.)

📖 Read

via "National Vulnerability Database".
87 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33665 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".
87 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33672 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".
84 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33653 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".
85 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33669 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33650, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".
88 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-31105 ‼

Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.4.0 and prior to 2.2.11, 2.3.6, and 2.4.5 is vulnerable to an improper certificate validation bug which could cause Argo CD to trust a malicious (or otherwise untrustworthy) OpenID Connect (OIDC) provider. A patch for this vulnerability has been released in Argo CD versions 2.4.5, 2.3.6, and 2.2.11. There are no complete workarounds, but a partial workaround is available. Those who use an external OIDC provider (not the bundled Dex instance), can mitigate the issue by setting the `oidc.config.rootCA` field in the `argocd-cm` ConfigMap. This mitigation only forces certificate validation when the API server handles login flows. It does not force certificate verification when verifying tokens on API calls.

📖 Read

via "National Vulnerability Database".
93 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33650 ‼

Azure Site Recovery Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-30181, CVE-2022-33641, CVE-2022-33642, CVE-2022-33643, CVE-2022-33651, CVE-2022-33652, CVE-2022-33653, CVE-2022-33654, CVE-2022-33655, CVE-2022-33656, CVE-2022-33657, CVE-2022-33658, CVE-2022-33659, CVE-2022-33660, CVE-2022-33661, CVE-2022-33662, CVE-2022-33663, CVE-2022-33664, CVE-2022-33665, CVE-2022-33666, CVE-2022-33667, CVE-2022-33668, CVE-2022-33669, CVE-2022-33671, CVE-2022-33672, CVE-2022-33673, CVE-2022-33674, CVE-2022-33675, CVE-2022-33677.

📖 Read

via "National Vulnerability Database".
96 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-33676 ‼

Azure Site Recovery Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-33678.

📖 Read

via "National Vulnerability Database".
92 views