🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33440 ‼

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.

📖 Read

via "National Vulnerability Database".

139 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-36161 ‼

Orange Station 1.0 was discovered to contain a SQL injection vulnerability via the username parameter.

📖 Read

via "National Vulnerability Database".

134 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33461 ‼

An issue was discovered in yasm version 1.3.0. There is a use-after-free in yasm_intnum_destroy() in libyasm/intnum.c.

📖 Read

via "National Vulnerability Database".

129 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33464 ‼

An issue was discovered in yasm version 1.3.0. There is a heap-buffer-overflow in inc_fopen() in modules/preprocs/nasm/nasm-pp.c.

📖 Read

via "National Vulnerability Database".

131 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33467 ‼

An issue was discovered in yasm version 1.3.0. There is a use-after-free in pp_getline() in modules/preprocs/nasm/nasm-pp.c.

📖 Read

via "National Vulnerability Database".

133 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-34988 ‼

Inout Blockchain AltExchanger v1.2.1 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /admin/js.

📖 Read

via "National Vulnerability Database".

133 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33438 ‼

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c.

📖 Read

via "National Vulnerability Database".

135 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33448 ‼

An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390.

📖 Read

via "National Vulnerability Database".

132 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33455 ‼

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in do_directive() in modules/preprocs/nasm/nasm-pp.c.

📖 Read

via "National Vulnerability Database".

134 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33447 ‼

An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.

📖 Read

via "National Vulnerability Database".

136 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-31879 ‼

Online Fire Reporting System 1.0 is vulnerable to SQL Injection via the date parameter.

📖 Read

via "National Vulnerability Database".

146 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-34991 ‼

Paymoney v3.3 was discovered to contain multiple reflected cross-site scripting (XSS) vulnerabilities via the first_name and last_name parameters.

📖 Read

via "National Vulnerability Database".

157 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33465 ‼

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in expand_mmacro() in modules/preprocs/nasm/nasm-pp.c.

📖 Read

via "National Vulnerability Database".

178 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33450 ‼

An issue was discovered in NASM version 2.16rc0. There are memory leaks in nasm_calloc() in nasmlib/alloc.c.

📖 Read

via "National Vulnerability Database".

207 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33459 ‼

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in nasm_parser_directive() in modules/parsers/nasm/nasm-parse.c.

📖 Read

via "National Vulnerability Database".

218 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2021-33458 ‼

An issue was discovered in yasm version 1.3.0. There is a NULL pointer dereference in find_cc() in modules/preprocs/nasm/nasm-pp.c.

📖 Read

via "National Vulnerability Database".

249 views14:34

🛡 Cybersecurity & Privacy 🛡 - News

🗓️ FileWave MDM authentication bypass bugs expose managed devices to hijack risk 🗓️

‘Vast majority’ of users have updated systems thanks to vendor warnings

📖 Read

via "The Daily Swig".

The Daily Swig | Cybersecurity news and views

FileWave MDM authentication bypass bugs expose managed devices to hijack risk

‘Vast majority’ of users have updated systems thanks to vendor warnings

250 views15:53

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-35639 ‼

IBM Sterling Partner Engagement Manager 6.1, 6.2, and Cloud 22.2 do not limit the length of a connection which could cause the server to become unresponsive. IBM X-Force ID: 230932.

📖 Read

via "National Vulnerability Database".

228 views16:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-1648 ‼

Pandora FMS v7.0NG.760 and below allows a relative path traversal in File Manager where a privileged user could upload a .php file outside the intended images directory which is restricted to execute the .php file. The impact could lead to a Remote Code Execution with running application privilege.

📖 Read

via "National Vulnerability Database".

211 views16:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-36412 ‼

In Zoho ManageEngine SupportCenter Plus before 11023, V3 API requests are vulnerable to authentication bypass. (An API request may, in effect, be executed with the credentials of a user who authenticated in the past.)

📖 Read

via "National Vulnerability Database".

221 views16:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-22412 ‼

IBM Robotic Process Automation 21.0.0, 21.0.1, and 21.0.2 could allow a user with access to the local host (client machine) to obtain a login access token. IBM X-Force ID: 223019.

📖 Read

via "National Vulnerability Database".

233 views16:35

About

Blog

Apps

Platform