‼ CVE-2022-34434 ‼
via "National Vulnerability Database".
Cloud Mobility for Dell Storage versions 1.3.0 and earlier contains an Improper Access Control vulnerability within the Postgres database. A threat actor with root level access to either the vApp or containerized versions of Cloud Mobility may potentially exploit this vulnerability, leading to the modification or deletion of tables that are required for many of the core functionalities of Cloud Mobility. Exploitation may lead to the compromise of integrity and availability of the normal functionality of the Cloud Mobility application.
‼ CVE-2022-33978 ‼
via "National Vulnerability Database".
Reflected Cross-Site Scripting (XSS) vulnerability FontMeister plugin <= 1.08 at WordPress.
‼ CVE-2022-34430 ‼
via "National Vulnerability Database".
Dell Hybrid Client below 1.8 version contains a Zip Bomb Vulnerability in UI. A guest privilege attacker could potentially exploit this vulnerability, leading to system files modification.
‼ CVE-2022-38388 ‼
via "National Vulnerability Database".
IBM Navigator Mobile Android 3.4.1.1 and 3.4.1.2 app could allow a local user to obtain sensitive information due to improper access control. IBM X-Force ID: 233968.
‼ CVE-2022-34432 ‼
via "National Vulnerability Database".
Dell Hybrid Client below 1.8 version contains a gedit vulnerability. A guest attacker could potentially exploit this vulnerability, allowing deletion of user and some system files and folders.
‼ CVE-2022-32492 ‼
via "National Vulnerability Database".
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user may potentially exploit this vulnerability by using an SMI to gain arbitrary code execution in SMRAM.
‼ CVE-2022-41376 ‼
via "National Vulnerability Database".
Metro UI v4.4.0 to v4.5.0 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the Javascript function.
‼ CVE-2022-34426 ‼
via "National Vulnerability Database".
Dell Container Storage Modules 1.2 contains an Improper Limitation of a Pathname to a Restricted Directory in goiscsi and gobrick libraries which could lead to OS command injection. A remote unauthenticated attacker could exploit this vulnerability leading to unintentional access to path outside of restricted directory.
‼ CVE-2022-34427 ‼
via "National Vulnerability Database".
Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick libraries. A remote unauthenticated attacker could exploit this vulnerability leading to modification of intended OS command execution.
🕴 OT Cybersecurity Leader Paul Brager Passes Away 🕴
via "Dark Reading".
IT security executive led ICS/OT, IT/OT integration, and other security programs, as well as diversity and inclusion efforts in the industry.
🕴 Intel Processor UEFI Source Code Leaked 🕴
via "Dark Reading".
Exposed code included private key for Intel Boot Guard, meaning it can no longer be trusted, according to a researcher.
🕴 Critical Open Source vm2 Sandbox Escape Bug Affects Millions 🕴
via "Dark Reading".
Attackers could exploit the "Sandbreak" security bug, which has earned a 10 out of 10 on the CVSS scale, to execute a sandbox escape, achieve RCE, and run shell commands on a hosting machine.
🕴 AI and Residual Finger Heat Could Be a Password Cracker's Latest Tools 🕴
via "Dark Reading".
New research demonstrates the use of thermal camera images of keyboards and screens in concert with AI to correctly guess computer passwords faster and more accurately.
‼ CVE-2022-38039 ‼
via "National Vulnerability Database".
Windows Kernel Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37988, CVE-2022-37990, CVE-2022-37991, CVE-2022-37995, CVE-2022-38022, CVE-2022-38037, CVE-2022-38038.
‼ CVE-2022-38026 ‼
via "National Vulnerability Database".
Windows DHCP Client Information Disclosure Vulnerability.
‼ CVE-2022-38051 ‼
via "National Vulnerability Database".
Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-37997.
‼ CVE-2022-38042 ‼
via "National Vulnerability Database".
Active Directory Domain Services Elevation of Privilege Vulnerability.
‼ CVE-2022-37997 ‼
via "National Vulnerability Database".
Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-38051.
‼ CVE-2022-41037 ‼
via "National Vulnerability Database".
Microsoft SharePoint Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-38053, CVE-2022-41036, CVE-2022-41038.
‼ CVE-2022-38034 ‼
via "National Vulnerability Database".
Windows Workstation Service Elevation of Privilege Vulnerability.
‼ CVE-2022-38044 ‼
via "National Vulnerability Database".
Windows CD-ROM File System Driver Remote Code Execution Vulnerability.