‼ CVE-2022-2772 ‼
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Apartment Visitor Management System and classified as critical. Affected by this issue is some unknown functionality of the file action-visitor.php. The manipulation of the argument editid/remark leads to SQL injection. The attack may be launched remotely. The identifier of this vulnerability is VDB-206168.
‼ CVE-2022-2776 ‼
via "National Vulnerability Database".
A vulnerability classified as problematic has been found in SourceCodester Gym Management System. Affected is an unknown function of the file delete_user.php. The manipulation of the argument delete_user leads to denial of service. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-206172.
‼ CVE-2022-2771 ‼
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Simple Online Book Store System and classified as critical. Affected by this vulnerability is an unknown functionality of the file /obs/bookPerPub.php. The manipulation of the argument bookisbn leads to SQL injection. The attack can be launched remotely. The associated identifier of this vulnerability is VDB-206167.
⚠ S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text] ⚠
via "Naked Security".
Latest episode - listen now! (Or read the transcript if you prefer.)
❌ New Hacker Forum Takes Pro-Ukraine Stance ❌
via "Threat Post".
A uniquely politically motivated site called DUMPS focuses solely on threat activity directed against Russia and Belarus
❌ Starlink Successfully Hacked Using $25 Modchip ❌
via "Threat Post".
Belgian researcher Lennert Wouters revealed at Black Hat how he mounted a successful fault injection attack on a user terminal for SpaceX’s satellite-based internet system
🗓️ ReNgine upgrade: New subscan feature, PDF reports, expanded toolbox showcased at Black Hat USA 🗓️
via "The Daily Swig".
Open source recon tool automates some of the more time-consuming pen testing tasks
‼ CVE-2022-20378 ‼
via "National Vulnerability Database".
Product: Android. Versions: Android kernel. Android ID: A-234657153. References: N/A
‼ CVE-2022-20406 ‼
via "National Vulnerability Database".
Product: Android. Versions: Android kernel. Android ID: A-184676385. References: N/A
‼ CVE-2022-20243 ‼
via "National Vulnerability Database".
In Core Utilities, there is a possible log information disclosure. This could lead to local information disclosure of sensitive browsing data with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-190199986
‼ CVE-2022-20380 ‼
via "National Vulnerability Database".
Product: Android. Versions: Android kernel. Android ID: A-212625740. References: N/A
‼ CVE-2022-20372 ‼
via "National Vulnerability Database".
In exynos5_i2c_irq of (TBD), there is a possible out of bounds write due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-195480799. References: N/A
‼ CVE-2021-22289 ‼
via "National Vulnerability Database".
Improper Input Validation vulnerability in the project upload mechanism in B&R Automation Studio version >=4.0 may allow an unauthenticated network attacker to execute code.
‼ CVE-2022-20371 ‼
via "National Vulnerability Database".
In dm_bow_dtr and related functions of dm-bow.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-195565510. References: Upstream kernel
‼ CVE-2022-20366 ‼
via "National Vulnerability Database".
In ioctl_dpm_clk_update of lwis_ioctl.c, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-225877745. References: N/A
‼ CVE-2022-20375 ‼
via "National Vulnerability Database".
In LteRrcNrProAsnDecode of LteRrcNr_Codec.c, there is a possible out of bounds read due to a missing bounds check. This could lead to remote denial of service with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-180956894. References: N/A
‼ CVE-2022-20373 ‼
via "National Vulnerability Database".
In st21nfc_loc_set_polaritymode of fc/st21nfc.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-208269510. References: N/A
‼ CVE-2022-20180 ‼
via "National Vulnerability Database".
In several functions of mali_gralloc_reference.cpp, there is a possible arbitrary code execution due to a missing bounds check. This could lead to local escalation of privilege with User execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-212804042. References: N/A
‼ CVE-2021-0735 ‼
via "National Vulnerability Database".
In PackageManager, there is a possible way to get information about installed packages ignoring limitations introduced in Android 11 due to a missing permission check. This could lead to local information disclosure with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-188913056
‼ CVE-2022-20381 ‼
via "National Vulnerability Database".
Product: Android. Versions: Android kernel. Android ID: A-188935887. References: N/A
‼ CVE-2022-20248 ‼
via "National Vulnerability Database".
In Settings, there is a possible way to connect to an open network bypassing DISALLOW_CONFIG_WIFI restriction due to a logic error in the code. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android-13. Android ID: A-227619193