🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-2939 ‼

The WP Cerber Security plugin for WordPress is vulnerable to security protection bypass in versions up to, and including 9.0, that makes user enumeration possible. This is due to improper validation on the value supplied through the 'author' parameter found in the ~/cerber-load.php file. In vulnerable versions, the plugin only blocks requests if the value supplied is numeric, making it possible for attackers to supply additional non-numeric characters to bypass the protection. The non-numeric characters are stripped and the user requested is displayed. This can be used by unauthenticated attackers to gather information about users that can be targeted in further attacks.

via "National Vulnerability Database".
‼ CVE-2022-23689 ‼

Multiple vulnerabilities exist in the processing of packet data by the LLDP service of AOS-CX. Successful exploitation of these vulnerabilities may allow an attacker to impact the availability of the AOS-CX LLDP service and/or the management plane of the switch in ArubaOS-CX Switches version(s): AOS-CX 10.09.xxxx: 10.09.1010 and below, AOS-CX 10.08.xxxx: 10.08.1050 and below, AOS-CX 10.06.xxxx: 10.06.0190 and below. Aruba has released upgrades for ArubaOS-CX Switch Devices that address these security vulnerabilities.

via "National Vulnerability Database".
‼ CVE-2022-2716 ‼

The Beaver Builder – WordPress Page Builder for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Text Editor' block in versions up to, and including, 2.5.5.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers with access to the Beaver Builder editor to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.

via "National Vulnerability Database".
‼ CVE-2022-2540 ‼

The Link Optimizer Lite plugin for WordPress is vulnerable to Cross-Site Request Forgery to Cross-Site Scripting in versions up to, and including 1.4.5. This is due to missing nonce validation on the admin_page function found in the ~/admin.php file. This makes it possible for unauthenticated attackers to modify the plugin's settings and inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

via "National Vulnerability Database".
‼ CVE-2022-34656 ‼

Authenticated (admin+) Cross-Site Scripting (XSS) vulnerability in wpdevart Poll, Survey, Questionnaire and Voting system plugin <= 1.7.4 at WordPress.

via "National Vulnerability Database".
‼ CVE-2022-2432 ‼

The Ecwid Ecommerce Shopping Cart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.10.23. This is due to missing or incorrect nonce validation on the ecwid_update_plugin_params function. This makes it possible for unauthenticated attackers to update plugin options granted they can trick a site administrator into performing an action such as clicking on a link.

via "National Vulnerability Database".
‼ CVE-2022-26451 ‼

In ged, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07202966; Issue ID: ALPS07202966.

via "National Vulnerability Database".
🕴 TeslaGun Primed to Blast a New Wave of Backdoor Cyberattacks 🕴

What under-the-hood details of a newly discovered attack control panel tell us about how the Evil Corp threat group manages its ServHelper backdoor malware campaigns.

via "Dark Reading".
🕴 Mysterious 'Worok' Group Launches Spy Effort With Obfuscated Code, Private Tools 🕴

The threat actor — whose techniques and procedures do not match known groups — has created custom attack tools, including a program that hides scripts in .PNG images.

via "Dark Reading".
‼ CVE-2022-36057 ‼

Discourse-Chat is an asynchronous messaging plugin for the Discourse open-source discussion platform. Users of Discourse Chat can be affected by admin users inserting HTML into chat titles and descriptions, causing a Cross-Site Scripting (XSS) attack. Version 0.9 contains a patch for this issue.

via "National Vulnerability Database".
‼ CVE-2022-36072 ‼

SilverwareGames.io is a social network for users to play video games online. In version 1.1.8 and prior, due to an unobvious feature of PHP, hashes generated by built-in functions and starting with the `0e` symbols were being handled as zero multiplied with the `e` number. Therefore, the hash value was equal to 0. The maintainers fixed this in version 1.1.9 by using `===` instead of `==` in comparisons where it is possible (e.g. on sign in/sign up handlers).

via "National Vulnerability Database".
‼ CVE-2022-38176 ‼

An issue was discovered in YSoft SAFEQ 6 before 6.0.72. Incorrect privileges were configured as part of the installer package for the Client V3 services, allowing for local user privilege escalation by overwriting the executable file via an alternative data stream. NOTE: this is not the same as CVE-2021-31859.

via "National Vulnerability Database".
‼ CVE-2022-36043 ‼

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to a double free in bobj.c:rz_bin_reloc_storage_free() when freeing relocations generated from qnx binary plugin. A user opening a malicious qnx binary could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number a3d50c1ea185f3f642f2d8180715f82d98840784 contains a patch for this issue.

via "National Vulnerability Database".
‼ CVE-2022-36061 ‼

Elrond go is the Go implementation for the Elrond Network protocol. In versions prior to 1.3.35, read-only calls between contracts can generate smart contract results. For example, if contract A calls contract B in read-only mode and the called function makes changes to contract B's state, the state will be altered for contract B as if the call was not made in read-only mode. This can lead to some effects not designed by the original smart contract programmers. This issue was patched in version 1.3.35. There are no known workarounds.

via "National Vulnerability Database".
‼ CVE-2022-26861 ‼

Dell BIOS versions contain an Insecure Automated Optimization vulnerability. A local authenticated malicious user could exploit this vulnerability by sending malicious input via SMI to obtain arbitrary code execution during SMM.

via "National Vulnerability Database".
‼ CVE-2022-36044 ‼

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when getting data from Luac files. A user opening a malicious Luac file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commits 07b43bc8aa1ffebd9b68d60624c9610cf7e460c7 and 05bbd147caccc60162d6fba9baaaf24befa281cd contain fixes for the issue.

via "National Vulnerability Database".
‼ CVE-2022-32277 ‼

Squiz Matrix CMS 6.20 is vulnerable to an Insecure Direct Object Reference caused by failure to correctly validate authorization when submitting a request to change a user's contact details.

via "National Vulnerability Database".
‼ CVE-2022-36757 ‼

Xiaomi Mi Browser v13.10.0-gn contains a vulnerability which allows attackers to execute arbitrary code via user interaction with a crafted URL.

via "National Vulnerability Database".
‼ CVE-2022-36041 ‼

Rizin is a UNIX-like reverse engineering framework and command-line toolset. Versions 0.4.0 and prior are vulnerable to an out-of-bounds write when parsing Mach-O files. A user opening a malicious Mach-O file could be affected by this vulnerability, allowing an attacker to execute code on the user's machine. Commit number 7323e64d68ecccfb0ed3ee480f704384c38676b2 contains a patch.

via "National Vulnerability Database".
‼ CVE-2022-37253 ‼

Persistent cross-site scripting (XSS) in Crime Reporting System 1.0 allows a remote attacker to introduce arbitrary JavaScript via manipulation of an unsanitized POST parameter.

via "National Vulnerability Database".
‼ CVE-2022-26859 ‼

Dell BIOS contains a race condition vulnerability. A local attacker could exploit this vulnerability by sending malicious input via SMI in order to bypass security checks during SMM.

via "National Vulnerability Database".