‼ CVE-2022-35858 ‼
via "National Vulnerability Database".
The TEE_PopulateTransientObject and __utee_from_attr functions in Samsung mTower 0.3.0 allow a trusted application to trigger a memory overwrite, denial of service, and information disclosure by invoking the function TEE_PopulateTransientObject with a large number in the parameter attrCount.
‼ CVE-2022-35926 ‼
via "National Vulnerability Database".
Contiki-NG is an open-source, cross-platform operating system for IoT devices. Because of insufficient validation of IPv6 neighbor discovery options in Contiki-NG, attackers can send neighbor solicitation packets that trigger an out-of-bounds read. The problem exists in the module os/net/ipv6/uip-nd6.c, where memory read operations from the main packet buffer, `uip_buf`, are not checked if they go out of bounds. In particular, this problem can occur when attempting to read the 2-byte option header and the Source Link-Layer Address Option (SLLAO). This attack requires IPv6 be enabled for the network. The problem has been patched in the develop branch of Contiki-NG. The upcoming 4.8 release of Contiki-NG will include the patch. Users unable to upgrade may apply the patch in Contiki-NG PR #1654.
‼ CVE-2022-35142 ‼
via "National Vulnerability Database".
An issue in Renato v0.17.0 allows attackers to cause a Denial of Service (DoS) via a crafted payload injected into the Search parameter.
‼ CVE-2022-35927 ‼
via "National Vulnerability Database".
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In the RPL-Classic routing protocol implementation in the Contiki-NG operating system, an incoming DODAG Information Option (DIO) control message can contain a prefix information option with a length parameter. The value of the length parameter is not validated, however, and it is possible to cause a buffer overflow when copying the prefix in the set_ip_from_prefix function. This vulnerability affects anyone running a Contiki-NG version prior to 4.7 that can receive RPL DIO messages from external parties. To obtain a patched version, users should upgrade to Contiki-NG 4.7 or later. There are no workarounds for this issue.
‼ CVE-2022-35143 ‼
via "National Vulnerability Database".
Renato v0.17.0 employs weak password complexity requirements, allowing attackers to crack user passwords via brute-force attacks.
‼ CVE-2021-32771 ‼
via "National Vulnerability Database".
Contiki-NG is an open-source, cross-platform operating system for IoT devices. In affected versions it is possible to cause a buffer overflow when copying an IPv6 address prefix in the RPL-Classic implementation in Contiki-NG. In order to trigger the vulnerability, the Contiki-NG system must have joined an RPL DODAG. After that, an attacker can send a DAO packet with a Target option that contains a prefix length larger than 128 bits. The problem was fixed after the release of Contiki-NG 4.7. Users unable to upgrade may apply the patch in Contiki-NG PR #1615.
‼ CVE-2022-37415 ‼
via "National Vulnerability Database".
The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL 0x40002008.
‼ CVE-2022-21186 ‼
via "National Vulnerability Database".
The package @acrontum/filesystem-template before 0.0.2 is vulnerable to Arbitrary Command Injection due to the fetchRepo API missing sanitization of the href field of external input.
‼ CVE-2022-37431 ‼
via "National Vulnerability Database".
A Reflected Cross-site scripting (XSS) issue was discovered in dotCMS Core through 22.06. This occurs in the admin portal when the configuration has XSS_PROTECTION_ENABLED=false.
‼ CVE-2022-37416 ‼
via "National Vulnerability Database".
Ittiam libmpeg2 before 2022-07-27 uses memcpy with overlapping memory blocks in impeg2_mc_fullx_fully_8x8.
‼ CVE-2022-2626 ‼
via "National Vulnerability Database".
Incorrect Privilege Assignment in GitHub repository hestiacp/hestiacp prior to 1.6.6.
‼ CVE-2022-37434 ‼
via "National Vulnerability Database".
zlib through 1.2.12 has a heap-based buffer over-read or buffer overflow in inflate in inflate.c via a large gzip header extra field. NOTE: only applications that call inflateGetHeader are affected. Some common applications bundle the affected zlib source code but may be unable to call inflateGetHeader (e.g., see the nodejs/node reference).
🗓️ Authentication bypass bug in Nextauth.js could allow email account takeover 🗓️
via "The Daily Swig".
Vulnerability has been patched in latest versions
❌ Open Redirect Flaw Snags Amex, Snapchat User Data ❌
via "Threat Post".
Separate phishing campaigns targeting thousands of victims impersonate FedEx and Microsoft, among others, to trick victims.
‼ CVE-2022-2672 ‼
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Garage Management System. It has been classified as critical. Affected is an unknown function of the file createUser.php. The manipulation of the argument userName/uemail leads to SQL injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-205656.
🕴 How to Resolve Permission Issues in CI/CD Pipelines 🕴
via "Dark Reading".
This Tech Tip outlines how DevOps teams can address security integration issues in their CI/CD pipelines.
‼ CVE-2022-2674 ‼
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Best Fee Management System. It has been rated as critical. Affected by this issue is the function login of the file admin_class.php. The manipulation of the argument username leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-205658 is the identifier assigned to this vulnerability.
‼ CVE-2022-2671 ‼
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Garage Management System and classified as critical. This issue affects some unknown processing of the file removeUser.php. The manipulation of the argument id leads to SQL injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-205655.
‼ CVE-2022-2673 ‼
via "National Vulnerability Database".
A vulnerability was found in Rigatur Online Booking and Hotel Management System aff6409. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file login.php of the component POST Request Handler. The manipulation of the argument email/pass leads to SQL injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-205657 was assigned to this vulnerability.
‼ CVE-2022-35936 ‼
via "National Vulnerability Database".
Ethermint is an Ethereum library. In Ethermint running versions before `v0.17.2`, the contract `selfdestruct` invocation permanently removes the corresponding bytecode from the internal database storage. However, due to a bug in the `DeleteAccount` function, all contracts that used the identical bytecode (i.e., shared the same `CodeHash`) will also stop working once one contract invokes `selfdestruct`, even though the other contracts did not invoke the `selfdestruct` OPCODE. This vulnerability has been patched in Ethermint version v0.18.0. The patch has state machine-breaking changes for applications using Ethermint, so a coordinated upgrade procedure is required. A workaround is available. If a contract is subject to DoS due to this issue, the user can redeploy the same contract, i.e. with identical bytecode, so that the original contract's code is recovered. The new contract deployment restores the `bytecode hash -> bytecode` entry in the internal state.
🕴 A Digital Home Has Many Open Doors 🕴
via "Dark Reading".
Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.