🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-2138 ‼

The affected product is vulnerable due to missing authentication, which may allow an attacker to read or modify sensitive data and execute arbitrary code, resulting in a denial-of-service condition.

via "National Vulnerability Database".
‼ CVE-2022-34981 ‼

The PyCrowdTangle package in PyPI before v0.0.1 included a code execution backdoor inserted by a third party.

via "National Vulnerability Database".
‼ CVE-2022-34500 ‼

The bin-collect package in PyPI before v0.1 included a code execution backdoor inserted by a third party.

via "National Vulnerability Database".
‼ CVE-2022-34503 ‼

QPDF v8.4.2 was discovered to contain a heap buffer overflow via the function QPDF::processXRefStream. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted PDF file.

via "National Vulnerability Database".
‼ CVE-2022-34983 ‼

The scu-captcha package in PyPI v0.0.1 to v0.0.4 included a code execution backdoor inserted by a third party.

via "National Vulnerability Database".
🕴 Thales Expands Cybersecurity Portfolio With OneWelcome Acquisition 🕴

With more staff working remotely, identity, authentication, and access have never been more important.

via "Dark Reading".
🕴 Phishing Bonanza: Social Engineering Savvy Skyrockets as Malicious Actors Cash In 🕴

The ever-evolving threat from phishing is growing more sophisticated as attackers design high-pressure situations and leverage ever-more-convincing social engineering tactics to increase their success rates.

via "Dark Reading".
🕴 Snowballing Ransomware Variants Highlight Growing Threat to VMware ESXi Environments 🕴

Luna, Black Basta add to rapidly growing list of malware tools targeted at virtual machines deployed on VMware's bare-metal hypervisor technology.

via "Dark Reading".
‼ CVE-2017-20143 ‼

A vulnerability, which was classified as critical, has been found in Itech Movie Portal Script 7.36. This issue affects some unknown processing of the file /film-rating.php. The manipulation of the argument v leads to SQL injection (Error). The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.

via "National Vulnerability Database".
‼ CVE-2017-20139 ‼

A vulnerability was found in Itech Movie Portal Script 7.36. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /show_news.php. The manipulation of the argument id with the input AND (SELECT 1222 FROM(SELECT COUNT(*),CONCAT(0x71786b7a71,(SELECT (ELT(1222=1222,1))),0x717a627871,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) leads to SQL injection (Error). The attack can be launched remotely. The exploit has been disclosed to the public and may be used.

via "National Vulnerability Database".
‼ CVE-2022-0978 ‼

Use after free in ANGLE in Google Chrome prior to 99.0.4844.74 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
‼ CVE-2022-29495 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Sygnoos Popup Builder plugin <= 4.1.11 at WordPress allows an attacker to update plugin settings.

via "National Vulnerability Database".
‼ CVE-2020-14126 ‼

An information leakage vulnerability exists in the Mi Sound APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

via "National Vulnerability Database".
‼ CVE-2020-14114 ‼

An information leakage vulnerability exists in the Xiaomi SmartHome APP. This vulnerability is caused by illegal calls of some sensitive JS interfaces, which can be exploited by attackers to leak sensitive information.

via "National Vulnerability Database".
‼ CVE-2022-33901 ‼

Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <= 4.13.1 at WordPress.

via "National Vulnerability Database".
‼ CVE-2022-27235 ‼

Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.

via "National Vulnerability Database".
‼ CVE-2022-30998 ‼

Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in WooPlugins.co's Homepage Product Organizer for WooCommerce plugin <= 1.1 at WordPress.

via "National Vulnerability Database".
‼ CVE-2022-33960 ‼

Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.

via "National Vulnerability Database".
‼ CVE-2022-0979 ‼

Use after free in Safe Browsing in Google Chrome on Android prior to 99.0.4844.74 allowed a remote attacker who convinced a user to engage in specific user interaction to potentially exploit heap corruption via a crafted HTML page.

via "National Vulnerability Database".
‼ CVE-2017-20141 ‼

A vulnerability classified as critical has been found in Itech Movie Portal Script 7.36. This affects an unknown part of the file /movie.php. The manipulation of the argument f leads to SQL injection (Union). It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.

via "National Vulnerability Database".
‼ CVE-2022-28879 ‼

A Denial-of-Service (DoS) vulnerability was discovered in F-Secure Atlant and in certain WithSecure products whereby scanning the aepack.dll component can crash the scanning engine.

via "National Vulnerability Database".