βοΈ Botched Crypto Mugging Lands Three U.K. Men in Jail βοΈ
π Read
via "Krebs on Security".
Three men in the United Kingdom were arrested this month after police responding to an attempted break-in at a residence stopped their car as they fled the scene. The authorities found weapons and a police uniform in the trunk, and say the trio intended to assault a local man and force him to hand over virtual currencies. π Read
via "Krebs on Security".
Krebs on Security
Botched Crypto Mugging Lands Three U.K. Men in Jail
Three men in the United Kingdom were arrested this month after police responding to an attempted break-in at a residence stopped their car as they fled the scene. The authorities found weapons and a police uniform in the trunk, andβ¦
βΌ CVE-2022-35193 βΌ
π Read
via "National Vulnerability Database".
TestLink v1.9.20 was discovered to contain a SQL injection vulnerability via /lib/execute/execNavigator.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-40337 βΌ
π Read
via "National Vulnerability Database".
OASES (aka Open Aviation Strategic Engineering System) 8.8.0.2 allows attackers to execute arbitrary code via the Open Print Folder menu.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38878 βΌ
π Read
via "National Vulnerability Database".
School Activity Updates with SMS Notification v1.0 is vulnerable to SQL Injection via /activity/admin/modules/event/index.php?view=edit&id=.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42597 βΌ
π Read
via "National Vulnerability Database".
A Cross Site Scripting (XSS) vulnerability exists in Sourcecodester Storage Unit Rental Management System PHP 8.0.10 , Apache 2.4.14, SURMS V 1.0 via the Add New Tenant List Rent List form.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3225 βΌ
π Read
via "National Vulnerability Database".
Improper Access Control in GitHub repository budibase/budibase prior to 1.3.20.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38409 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-42948 βΌ
π Read
via "National Vulnerability Database".
HotelDruid Hotel Management Software v3.0.3 and below was discovered to have exposed session tokens in multiple links via GET parameters, allowing attackers to access user session id's.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35195 βΌ
π Read
via "National Vulnerability Database".
TestLink 1.9.20 Raijin was discovered to contain a broken access control vulnerability at /lib/attachments/attachmentdownload.phpπ Read
via "National Vulnerability Database".
βΌ CVE-2022-38412 βΌ
π Read
via "National Vulnerability Database".
Adobe Animate version 21.0.11 (and earlier) and 22.0.7 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-37775 βΌ
π Read
via "National Vulnerability Database".
Genesys PureConnect Interaction Web Tools Chat Service (up to at least 26- September- 2019) allows XSS within the Printable Chat History via the participant -> name JSON POST parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38877 βΌ
π Read
via "National Vulnerability Database".
Garage Management System v1.0 is vulnerable to Arbitrary code execution via ip/garage/php_action/editProductImage.php?id=1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-37248 βΌ
π Read
via "National Vulnerability Database".
Craft CMS 4.2.0.1 is vulnerable to Cross Site Scripting (XSS) via src/helpers/Cp.php.π Read
via "National Vulnerability Database".
βΌ CVE-2021-41731 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting (XSS vulnerability exists in )Sourcecodester News247 News Magazine (CMS) PHP 5.6 or higher and MySQL 5.7 or higher via the blog category name fieldπ Read
via "National Vulnerability Database".
βΌ CVE-2022-38411 βΌ
π Read
via "National Vulnerability Database".
Adobe Animate version 21.0.11 (and earlier) and 22.0.7 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38408 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an Improper Input Validation vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file. requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-36402 βΌ
π Read
via "National Vulnerability Database".
An integer overflow vulnerability was found in vmwgfx driver in drivers/gpu/vmxgfx/vmxgfx_execbuf.c in GPU component of Linux kernel with device file '/dev/dri/renderD128 (or Dxxx)'. This flaw allows a local attacker with a user account on the system to gain privilege, causing a denial of service(DoS).π Read
via "National Vulnerability Database".
βΌ CVE-2022-38410 βΌ
π Read
via "National Vulnerability Database".
Adobe Illustrator versions 26.4 (and earlier) and 25.4.7 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38416 βΌ
π Read
via "National Vulnerability Database".
Adobe InDesign versions 16.4.2 (and earlier) and 17.3 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an allocated memory structure. An attacker could leverage this vulnerability to execute code in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-40023 βΌ
π Read
via "National Vulnerability Database".
Configuration defects in the secure OS module. Successful exploitation of this vulnerability will affect confidentiality.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38428 βΌ
π Read
via "National Vulnerability Database".
Adobe Photoshop versions 22.5.8 (and earlier) and 23.4.2 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".