🕴 Fake Accounts Are Not Your Friends! 🕴
📖 Read
via "Dark Reading".
Inflated user bases and fake engagement cause more harm than good, especially when the artificial accounts are based on stolen human identities.📖 Read
via "Dark Reading".
Darkreading
Fake Accounts Are Not Your Friends!
Inflated user bases and fake engagement cause more harm than good, especially when the artificial accounts are based on stolen human identities.
‼ CVE-2022-31628 ‼
📖 Read
via "National Vulnerability Database".
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the phar uncompressor code would recursively uncompress "quines" gzip files, resulting in an infinite loop.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39264 ‼
📖 Read
via "National Vulnerability Database".
nheko is a desktop client for the Matrix communication application. All versions below 0.10.2 are vulnerable homeservers inserting malicious secrets, which could lead to man-in-the-middle attacks. Users can upgrade to version 0.10.2 to protect against this issue. As a workaround, one may apply the patch manually, avoid doing verifications of one's own devices, and/or avoid pressing the request button in the settings menu.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31629 ‼
📖 Read
via "National Vulnerability Database".
In PHP versions before 7.4.31, 8.0.24 and 8.1.11, the vulnerability enables network and same-site attackers to set a standard insecure cookie in the victim's browser which is treated as a `__Host-` or `__Secure-` cookie by PHP applications.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-20308 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-20247 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-42048 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in the Growth extension in MediaWiki through 1.36.2. Any admin can add arbitrary JavaScript code to the Newcomer home page footer, which can be executed by viewers with zero edits.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-20325 ‼
📖 Read
via "National Vulnerability Database".
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15338 ‼
📖 Read
via "National Vulnerability Database".
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has a "Use of GET Request Method With Sensitive Query Strings" issue for /cnr requests.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2019-20318 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2016-2338 ‼
📖 Read
via "National Vulnerability Database".
An exploitable heap overflow vulnerability exists in the Psych::Emitter start_document function of Ruby. In Psych::Emitter start_document function heap buffer "head" allocation is made based on tags array length. Specially constructed object passed as element of tags array can increase this array size after mentioned allocation and cause heap overflow.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-15332 ‼
📖 Read
via "National Vulnerability Database".
Zyxel CloudCNM SecuManager 3.1.0 and 3.1.1 has weak /opt/axess/etc/default/axess permissions.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-20314 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-20292 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-1718 ‼
📖 Read
via "National Vulnerability Database".
The trudesk application allows large characters to insert in the input field "Full Name" on the signup field which can allow attackers to cause a Denial of Service (DoS) via a crafted HTTP request in GitHub repository polonel/trudesk prior to 1.2.2. This can lead to Denial of service.📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2019-20317 ‼
📖 Read
via "National Vulnerability Database".
DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-20282 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-40695 ‼
📖 Read
via "National Vulnerability Database".
It was possible for a student to view their quiz grade before it had been released, using a quiz web service.📖 Read
via "National Vulnerability Database".
‼ CVE-2019-20289 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during the year 2019. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3326 ‼
📖 Read
via "National Vulnerability Database".
Weak Password Requirements in GitHub repository ikus060/rdiffweb prior to 2.4.9.📖 Read
via "National Vulnerability Database".
‼ CVE-2014-0144 ‼
📖 Read
via "National Vulnerability Database".
QEMU before 2.0.0 block drivers for CLOOP, QCOW2 version 2 and various other image formats are vulnerable to potential memory corruptions, integer/buffer overflows or crash caused by missing input validations which could allow a remote user to execute arbitrary code on the host with the privileges of the QEMU process.📖 Read
via "National Vulnerability Database".
👍1