π’ Exertis Enterprise announces expanded Progress partnership π’
π Read
via "ITPro".
Distributor moves to strengthen NetSecOps in the UK with availability of Progress WhatsUp Gold and Progress Flowmonπ Read
via "ITPro".
IT PRO
Exertis Enterprise announces expanded Progress partnership | IT PRO
Distributor moves to strengthen NetSecOps in the UK with availability of Progress WhatsUp Gold and Progress Flowmon
π’ U-Haul data breach exposes customer data π’
π Read
via "ITPro".
Despite the scope of the attack, the company affirmed the hack did not compromise customersβ payment card informationπ Read
via "ITPro".
IT PRO
U-Haul data breach exposes customer data | IT PRO
Despite the scope of the attack, the company affirmed the hack did not compromise customersβ payment card information
π’ Three critical vulnerabilities and one zero-day feature in Microsoft's September Patch Tuesday π’
π Read
via "ITPro".
Several issues in the monthly update require 'urgent' attention but September's Patch Tuesday only brings around half the fixes that came in Augustπ Read
via "ITPro".
ITPro
Three critical vulnerabilities and one zero-day feature in Microsoft's September Patch Tuesday
Several issues in the monthly update require 'urgent' attention but September's Patch Tuesday only brings around half the fixes that came in August
π’ Trend Micro cautions against actively exploited Apex One RCE vulnerability π’
π Read
via "ITPro".
The firm also patched a high severity security flaw that lets perpetrators bypass authenticationπ Read
via "ITPro".
IT PRO
Trend Micro cautions against actively exploited Apex One RCE vulnerability | IT PRO
The firm also patched a high severity security flaw that lets perpetrators bypass authentication
π’ WordPress plugin vulnerability leaves sites open to total takeover π’
π Read
via "ITPro".
Customers on WordFence's paid tiers will get protection from the WPGate exploit right away, but those on the free-tier face a 30-day delayπ Read
via "ITPro".
IT PRO
WordPress plugin vulnerability leaves sites open to total takeover | IT PRO
Customers on WordFence's paid tiers will get protection from the WPGate exploit right away, but those on the free-tier face a 30-day delay
βΌ CVE-2022-40734 βΌ
π Read
via "National Vulnerability Database".
UniSharp laravel-filemanager (aka Laravel Filemanager) through 2.5.1 allows download?working_dir=%2F.. directory traversal to read arbitrary files, as exploited in the wild in June 2022.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36603 βΌ
π Read
via "National Vulnerability Database".
The HoYoVerse (formerly miHoYo) Genshin Impact mhyprot2.sys 1.0.0.0 anti-cheat driver does not adequately restrict unprivileged function calls, allowing local, unprivileged users to execute arbitrary code with SYSTEM privileges on Microsoft Windows systems. The mhyprot2.sys driver must first be installed by a user with administrative privileges.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3221 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) in GitHub repository ikus060/rdiffweb prior to 2.4.3.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3222 βΌ
π Read
via "National Vulnerability Database".
Uncontrolled Recursion in GitHub repository gpac/gpac prior to 2.1.0-DEV.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31735 βΌ
π Read
via "National Vulnerability Database".
OpenAM Consortium Edition version 14.0.0 provided by OpenAM Consortium contains an open redirect vulnerability (CWE-601). When accessing an affected server through some specially crafted URL, the user may be redirected to an arbitrary website.π Read
via "National Vulnerability Database".
ποΈ WAPPLES web application firewall faulted for multiple flaws ποΈ
π Read
via "The Daily Swig".
Researcher uncovers RCE and undocumented backdoor risksπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
WAPPLES web application firewall faulted for multiple flaws
Researcher uncovers RCE and undocumented backdoor risks
ποΈ Open source CMS TYPO3 tackles XSS vulnerability ποΈ
π Read
via "The Daily Swig".
Bug spawned by parsing problem in upstream packageπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Open source CMS TYPO3 tackles XSS vulnerability
Bug spawned by parsing problem in upstream package
βΌ CVE-2022-37207 βΌ
π Read
via "National Vulnerability Database".
JFinal CMS 5.1.0 is affected by: SQL Injection. These interfaces do not use the same component, nor do they have filters, but each uses its own SQL concatenation method, resulting in SQL injectionπ Read
via "National Vulnerability Database".
βΌ CVE-2022-2471 βΌ
π Read
via "National Vulnerability Database".
Stack-based Buffer Overflow vulnerability in the EZVIZ Motion Detection component as used in camera models CS-CV248, CS-C6N-A0-1C2WFR, CS-DB1C-A0-1E2W2FR, CS-C6N-B0-1G2WF, CS-C3W-A0-3H4WFRL allows a remote attacker to execute remote code on the device. This issue affects: EZVIZ CS-CV248 versions prior to 5.2.3 build 220725. EZVIZ CS-C6N-A0-1C2WFR versions prior to 5.3.0 build 220428. EZVIZ CS-DB1C-A0-1E2W2FR versions prior to 5.3.0 build 220802. EZVIZ CS-C6N-B0-1G2WF versions prior to 5.3.0 build 220712. EZVIZ CS-C3W-A0-3H4WFRL versions prior to 5.3.5 build 220723.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38864 βΌ
π Read
via "National Vulnerability Database".
Certain The MPlayer Project products are vulnerable to Buffer Overflow via the function mp_unescape03() of libmpdemux/mpeg_hdr.c. This affects mencoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38856 βΌ
π Read
via "National Vulnerability Database".
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38853 βΌ
π Read
via "National Vulnerability Database".
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function asf_init_audio_stream() of libmpdemux/asfheader.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38866 βΌ
π Read
via "National Vulnerability Database".
Certain The MPlayer Project products are vulnerable to Buffer Overflow via read_avi_header() of libmpdemux/aviheader.c . This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38858 βΌ
π Read
via "National Vulnerability Database".
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mov_build_index() of libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38855 βΌ
π Read
via "National Vulnerability Database".
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function gen_sh_video () of mplayer/libmpdemux/demux_mov.c. This affects mplayer SVN-r38374-13.0.1 and mencoder SVN-r38374-13.0.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38863 βΌ
π Read
via "National Vulnerability Database".
Certain The MPlayer Project products are vulnerable to Buffer Overflow via function mp_getbits() of libmpdemux/mpeg_hdr.c which affects mencoder and mplayer. This affects mecoder SVN-r38374-13.0.1 and mplayer SVN-r38374-13.0.1.π Read
via "National Vulnerability Database".