🛑 Cybersecurity & Privacy 🛑 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-38223 ‼

There is an out-of-bounds write in checkType located in etc.c in w3m 0.5.3. It can be triggered by sending a crafted HTML file to the w3m binary. It allows an attacker to cause Denial of Service or possibly have unspecified other impact.

via "National Vulnerability Database".
‼ CVE-2022-2822 ‼

An attacker can freely brute force username and password and can take over any account. An attacker could easily guess user passwords and gain access to user and administrative accounts.

via "National Vulnerability Database".
‼ CVE-2022-35958 ‼

Discourse is a 100% open source discussion platform. A malicious user can use the invitation system to spam arbitrary email addresses by sending them invitation emails in some cases. This issue is patched in the latest stable, beta and tests-passed versions of Discourse. There are currently no known workarounds.

via "National Vulnerability Database".
‼ CVE-2022-2314 ‼

The VR Calendar WordPress plugin through 2.2.2 lets any user execute arbitrary PHP functions on the site.

via "National Vulnerability Database".
‼ CVE-2022-2384 ‼

The Digital Publications by Supsystic WordPress plugin before 1.7.4 does not sanitise and escape its settings, allowing high privilege users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

via "National Vulnerability Database".
‼ CVE-2022-2812 ‼

A vulnerability classified as critical was found in SourceCodester Guest Management System. This vulnerability affects unknown code of the file index.php. The manipulation of the argument username/pass leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-206398 is the identifier assigned to this vulnerability.

via "National Vulnerability Database".
‼ CVE-2022-2116 ‼

The Contact Form DB WordPress plugin before 1.8.0 does not sanitise and escape some parameters before outputting them back in attributes, leading to Reflected Cross-Site Scripting.

via "National Vulnerability Database".
‼ CVE-2022-36007 ‼

Venice is a Clojure inspired sandboxed Lisp dialect with excellent Java interoperability. A partial path traversal issue exists within the functions `load-file` and `load-resource`. These functions can be limited to load files from a list of load paths.

Assuming Venice has been configured with the load paths: `[ "/Users/foo/resources" ]`

When passing **relative** paths to these two vulnerable functions everything is fine:

`(load-resource "test.png")` => loads the file "/Users/foo/resources/test.png"
`(load-resource "../resources-alt/test.png")` => rejected, outside the load path

When passing **absolute** paths to these two vulnerable functions Venice may return files outside the configured load paths:

`(load-resource "/Users/foo/resources/test.png")` => loads the file "/Users/foo/resources/test.png"
`(load-resource "/Users/foo/resources-alt/test.png")` => loads the file "/Users/foo/resources-alt/test.png" !!!

The latter call suffers from the _Partial Path Traversal_ vulnerability. This issue’s scope is limited to absolute paths whose name prefix matches a load path. E.g. for a load-path `"/Users/foo/resources"`, the actor can cause loading a resource also from `"/Users/foo/resources-alt"`, but not from `"/Users/foo/images"`.

Versions of Venice before and including v1.10.17 are affected by this issue. Upgrade to Venice >= 1.10.18, if you are on a version < 1.10.18. There are currently no known workarounds.

via "National Vulnerability Database".
‼ CVE-2022-35954 ‼

The GitHub Actions ToolKit provides a set of packages to make creating actions easier. The `core.exportVariable` function uses a well known delimiter that attackers can use to break out of that specific variable and assign values to other arbitrary variables. Workflows that write untrusted values to the `GITHUB_ENV` file may cause the path or other environment variables to be modified without the intention of the workflow or action author. Users should upgrade to `@actions/core v1.9.1`. If you are unable to upgrade the `@actions/core` package, you can modify your action to ensure that any user input does not contain the delimiter `_GitHubActionsFileCommandDelimeter_` before calling `core.exportVariable`.

via "National Vulnerability Database".
‼ CVE-2022-2381 ‼

The E Unlocked - Student Result WordPress plugin through 1.0.4 is lacking CSRF and validation when uploading the School logo, which could allow attackers to make a logged in admin upload arbitrary files, such as PHP, via a CSRF attack.

via "National Vulnerability Database".
‼ CVE-2022-2535 ‼

The SearchWP Live Ajax Search WordPress plugin before 1.6.2 does not ensure that users making a live search are limited to published posts only, allowing unauthenticated users to make a crafted query disclosing private/draft/pending post titles along with their permalink.

via "National Vulnerability Database".
‼ CVE-2022-38221 ‼

A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and Linux) 0.9.88.07 before 2022-08-12 allows a remote attacker to crash any server with an accessible RCON port, or possibly execute arbitrary code.

via "National Vulnerability Database".
‼ CVE-2022-2811 ‼

A vulnerability classified as problematic has been found in SourceCodester Guest Management System. This affects an unknown part of the file myform.php. The manipulation of the argument name leads to cross site scripting. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-206397 was assigned to this vulnerability.

via "National Vulnerability Database".
‼ CVE-2022-2379 ‼

The Easy Student Results WordPress plugin through 2.2.8 lacks authorisation in its REST API, allowing unauthenticated users to retrieve information related to the courses, exams, departments as well as students' grades and PII such as email address, physical address, phone number, etc.

via "National Vulnerability Database".
‼ CVE-2022-2818 ‼

Authentication Bypass by Primary Weakness in GitHub repository cockpit-hq/cockpit prior to 2.2.2.

via "National Vulnerability Database".
‼ CVE-2022-37401 ‼

Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the master key was poorly encoded, resulting in weakening its entropy from 128 to 43 bits, making the stored passwords vulnerable to a brute force attack if an attacker has access to the user's stored config. This issue affects: Apache OpenOffice versions prior to 4.1.13. Reference: CVE-2022-26307 - LibreOffice

via "National Vulnerability Database".
🗓️ Healthcare provider Novant issues data breach warning after site tracking pixels sent patients’ information to Meta servers 🗓️

Leaked data potentially included patients’ email addresses, phone numbers, and device IP addresses

via "The Daily Swig".
❌ Black Hat and DEF CON Roundup ❌

‘Summer Camp’ for hackers features a compromised satellite, a homecoming for hackers and cyberwarfare warnings.

via "Threat Post".
🗓️ Germany to mandate minimum security standards for web browsers in government 🗓️

Less celebrated browsers and deprecated applications like Internet Explorer will be browsers non-grata

via "The Daily Swig".
🕴 How and Why to Apply OSINT to Protect the Enterprise 🕴

Here's how to flip the tide and tap open source intelligence to protect your users.

via "Dark Reading".
‼ CVE-2022-33990 ‼

Misinterpretation of special domain name characters in dproxy-nexgen (aka dproxy nexgen) leads to cache poisoning because domain names and their associated IP addresses are cached in their misinterpreted form.

via "National Vulnerability Database".