🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37243 ‼

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the whitelist endpoint.

📖 Read

via "National Vulnerability Database".
78 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37068 ‼

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateMacCloneFinal.

📖 Read

via "National Vulnerability Database".
80 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37096 ‼

H3C H200 H200V100R004 was discovered to contain a stack overflow via the function EnableIpv6.

📖 Read

via "National Vulnerability Database".
76 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-36520 ‼

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function DEleteusergroup.

📖 Read

via "National Vulnerability Database".
79 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37819 ‼

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the timezone parameter in the function fromSetSysTime.

📖 Read

via "National Vulnerability Database".
79 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37812 ‼

Tenda AC1206 V15.03.06.23 was discovered to contain a stack overflow via the firewallEn parameter in the function formSetFirewallCfg.

📖 Read

via "National Vulnerability Database".
80 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-36478 ‼

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function Edit_BasicSSID.

📖 Read

via "National Vulnerability Database".
81 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-36475 ‼

H3C B5 Mini B5MiniV100R005 was discovered to contain a stack overflow via the function AddMacList.

📖 Read

via "National Vulnerability Database".
86 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-36505 ‼

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function EDitusergroup.

📖 Read

via "National Vulnerability Database".
92 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37069 ‼

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function UpdateSnat.

📖 Read

via "National Vulnerability Database".
95 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-36516 ‼

H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a stack overflow via the function ap_version_check.

📖 Read

via "National Vulnerability Database".
109 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-36501 ‼

H3C Magic NX18 Plus NX18PV100R003 was discovered to contain a stack overflow via the function UpdateSnat.

📖 Read

via "National Vulnerability Database".
121 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37820 ‼

Tenda AX1803 v1.0.0.1 was discovered to contain a stack overflow via the ddnsEn parameter in the function formSetSysToolDDNS.

📖 Read

via "National Vulnerability Database".
130 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-36458 ‼

TOTOLINK A3700R V9.1.2u.6134_B20201202 was discovered to contain a command injection vulnerability via the command parameter in the function setTracerouteCfg.

📖 Read

via "National Vulnerability Database".
161 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 ReasonLabs Launches Free Online Security Tool to Power Secure Web Experience for Millions of Global Users 🕴

Online Security autonomously blocks malicious URLs, extensions, ad trackers, and pop-ups 24/7, protecting consumers from complex and rapidly evolving cyber threats online.

📖 Read

via "Dark Reading".
Dark Reading
ReasonLabs Launches Free Online Security Tool to Power Secure Web Experience for Millions of Global Users
Online Security autonomously blocks malicious URLs, extensions, ad trackers, and pop-ups 24/7, protecting consumers from complex and rapidly evolving cyber threats online.
182 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37161 ‼

Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS) via SVG file upload.

📖 Read

via "National Vulnerability Database".
160 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37238 ‼

MDaemon Technologies SecurityGateway for Email Servers 8.5.2 is vulnerable to Cross Site Scripting (XSS) via the currentRequest parameter.

📖 Read

via "National Vulnerability Database".
159 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37159 ‼

Claroline 13.5.7 and prior is vulnerable to Remote code execution via arbitrary file upload.

📖 Read

via "National Vulnerability Database".
159 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37160 ‼

Claroline 13.5.7 and prior allows an authenticated attacker to elevate privileges via the arbitrary creation of a privileged user. By combining the XSS vulnerability present in several upload forms and a javascript request to the present API, it is possible to trigger the creation of a user with administrative rights by opening an SVG file as an administrator user.

📖 Read

via "National Vulnerability Database".
135 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37162 ‼

Claroline 13.5.7 and prior is vulnerable to Cross Site Scripting (XSS). An attacker can obtain javascript code execution by adding arbitrary javascript code in the 'Location' field of a calendar event.

📖 Read

via "National Vulnerability Database".
147 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-37158 ‼

RuoYi v3.8.3 has a Weak password vulnerability in the management system.

📖 Read

via "National Vulnerability Database".
148 views