โผ CVE-2022-26449 โผ
๐ Read
via "National Vulnerability Database".
In apusys, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07177810; Issue ID: ALPS07177810.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26469 โผ
๐ Read
via "National Vulnerability Database".
In MtkEmail, there is a possible escalation of privilege due to fragment injection. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07216598; Issue ID: ALPS07216598.๐ Read
via "National Vulnerability Database".
โผ CVE-2021-43565 โผ
๐ Read
via "National Vulnerability Database".
The x/crypto/ssh package before 0.0.0-20211202192323-5770296d904e of golang.org/x/crypto allows an attacker to panic an SSH server.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-31790 โผ
๐ Read
via "National Vulnerability Database".
WatchGuard Firebox and XTM appliances allow an unauthenticated remote attacker to retrieve sensitive authentication server settings by sending a malicious request to exposed authentication endpoints. This is fixed in Fireware OS 12.8.1, 12.5.10, and 12.1.4.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2462 โผ
๐ Read
via "National Vulnerability Database".
The Transposh WordPress Translation plugin for WordPress is vulnerable to sensitive information disclosure to unauthenticated users in versions up to, and including, 1.0.8.1. This is due to insufficient permissions checking on the 'tp_history' AJAX action and insufficient restriction on the data returned in the response. This makes it possible for unauthenticated users to exfiltrate usernames of individuals who have translated text.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26466 โผ
๐ Read
via "National Vulnerability Database".
In audio ipi, there is a possible out of bounds write due to an integer overflow. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS06558777; Issue ID: ALPS06558777.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2934 โผ
๐ Read
via "National Vulnerability Database".
The Beaver Builder รขโฌโ WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Image URL' value found in the Media block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with access to the Beaver Builder editor to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2939 โผ
๐ Read
via "National Vulnerability Database".
The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can targeted in further attacks.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-23689 โผ
๐ Read
via "National Vulnerability Database".
Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches version(s): AOS-CX 10.09.xxxx: 10.09.1010 and below, AOS-CX 10.08.xxxx: 10.08.1050 and below, AOS-CX 10.06.xxxx: 10.06.0190 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address these security vulnerabilities.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2716 โผ
๐ Read
via "National Vulnerability Database".
The Beaver Builder รขโฌโ WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Text Editor' block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with access to the Beaver Builder editor to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2540 โผ
๐ Read
via "National Vulnerability Database".
The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. This is due to missing nonce validation on the admin_page function found in the ~/admin.php file. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-34656 โผ
๐ Read
via "National Vulnerability Database".
Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-2432 โผ
๐ Read
via "National Vulnerability Database".
The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. This is due to missing or incorrect nonce validation on the ecwid_update_plugin_params function. This makes it possible for unauthenticated attackers to update plugin options granted they can trick a site administrator into performing an action such as clicking on a link.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-26451 โผ
๐ Read
via "National Vulnerability Database".
In ged, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202966; Issue ID: ALPS07202966.๐ Read
via "National Vulnerability Database".
๐ด TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks ๐ด
๐ Read
via "Dark Reading".
What under-the-hood details of newly discovered attack control panel tells us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.๐ Read
via "Dark Reading".
Dark Reading
TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks
What under-the-hood details of newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.
๐ด Mysterious 'Worok' Group Launches Spy Effort With Obfuscated Code, Private Tools ๐ด
๐ Read
via "Dark Reading".
The threat actor โ whose techniques and procedures do not match known groups โ has created custom attack tools, including a program that hides scripts in .PNG images.๐ Read
via "Dark Reading".
Dark Reading
Mysterious 'Worok' Group Launches Spy Effort With Obfuscated Code, Private Tools
The threat actor โ whose techniques and procedures do not match known groups โ has created custom attack tools, including a program that hides scripts in .PNG images.
โผ CVE-2022-36057 โผ
๐ Read
via "National Vulnerability Database".
Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting (XSS) attack. Version 0.9 contains a patch for this issue.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-36072 โผ
๐ Read
via "National Vulnerability Database".
SilverwareGames.io is a social network for users to play video games online. In version 1.1.8 and prior, due to an unobvious feature of PHP, hashes generated by built-in functions and starting with the `0e` symbols were being handled as zero multiplied with the `e` number. Therefore, the hash value was equal to 0. The maintainers fixed this in version 1.1.9 by using `===` instead of `==` in comparisons where it is possible (e.g. on sign in/sign up handlers).๐ Read
via "National Vulnerability Database".
โผ CVE-2022-38176 โผ
๐ Read
via "National Vulnerability Database".
An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as CVE-2021-31859.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-36043 โผ
๐ Read
via "National Vulnerability Database".
Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number a3d50c1ea185f3f642f2d8180715f82d98840784 contains a patch for this issue.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-36061 โผ
๐ Read
via "National Vulnerability Database".
Elrond go is the go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read only calls between contracts can generate smart contracts results. For example, if contract A calls in read only mode contract B and the called function will make changes upon the contract's B state, the state will be altered for contract B as if the call was not made in the read-only mode. This can lead to some effects not designed by the original smart contracts programmers. This issue was patched in version 1.3.35. There are no known workarounds.๐ Read
via "National Vulnerability Database".