‼ CVE-2022-3534 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in Linux Kernel. Affected is the function btf_dump_name_dups of the file tools/lib/bpf/btf_dump.c of the component libbpf. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211032.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42980 ‼
📖 Read
via "National Vulnerability Database".
go-admin (aka GO Admin) 2.0.12 uses the string go-admin as a production JWT key.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-39052 ‼
📖 Read
via "National Vulnerability Database".
An external attacker is able to send a specially crafted email (with many recipients) and trigger a potential DoS of the system📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3535 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability classified as problematic was found in Linux Kernel. Affected by this vulnerability is the function mvpp2_dbgfs_port_init of the file drivers/net/ethernet/marvell/mvpp2/mvpp2_debugfs.c of the component mvpp2. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier VDB-211033 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
🕴 4 Stakeholders Critical to Addressing the Cybersecurity Workforce Gap 🕴
📖 Read
via "Dark Reading".
A cross-disciplinary effort of change is needed to attract new professionals in the coming decade.📖 Read
via "Dark Reading".
Dark Reading
4 Stakeholders Critical to Addressing the Cybersecurity Workforce Gap
A cross-disciplinary effort of change is needed to attract new professionals in the coming decade.
🕴 Imprivata Expands Its Integrated Digital Identity Platform to Defragment Identities Across Disparate Applications 🕴
📖 Read
via "Dark Reading".
Offers solution to accelerate identity intelligence through simplified, yet extensive, visibility of user activity.📖 Read
via "Dark Reading".
Dark Reading
Imprivata Expands Its Integrated Digital Identity Platform to Defragment Identities Across Disparate Applications
Offers solution to accelerate identity intelligence through simplified, yet extensive, visibility of user activity.
‼ CVE-2022-3149 ‼
📖 Read
via "National Vulnerability Database".
The WP Custom Cursors WordPress plugin before 3.0.1 does not have CSRF check in place when creating and editing cursors, which could allow attackers to made a logged in admin perform such actions via CSRF attacks. Furthermore, due to the lack of sanitisation and escaping in some of the cursor options, it could also lead to Stored Cross-Site Scripting📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3243 ‼
📖 Read
via "National Vulnerability Database".
The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not properly sanitise and escape imported data before using them back SQL statements, leading to SQL injection exploitable by high privilege users such as admin📖 Read
via "National Vulnerability Database".
👍1
‼ CVE-2022-3126 ‼
📖 Read
via "National Vulnerability Database".
The Frontend File Manager Plugin WordPress plugin before 21.4 does not have CSRF check when uploading files, which could allow attackers to make logged in users upload files on their behalf📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3282 ‼
📖 Read
via "National Vulnerability Database".
The Drag and Drop Multiple File Upload WordPress plugin before 1.3.6.5 does not properly check for the upload size limit set in forms, taking the value from user input sent when submitting the form. As a result, attackers could control the file length limit and bypass the limit set by admins in the contact form.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3206 ‼
📖 Read
via "National Vulnerability Database".
The Passster WordPress plugin before 3.5.5.5.2 stores the password inside a cookie named "passster" using base64 encoding method which is easy to decode. This puts the password at risk in case the cookies get leaked.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3545 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3544 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in Linux Kernel. Affected is the function damon_sysfs_add_target of the file mm/damon/sysfs.c of the component Netfilter. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211044.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3150 ‼
📖 Read
via "National Vulnerability Database".
The WP Custom Cursors WordPress plugin through 3.0 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privileged users such as admin📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3244 ‼
📖 Read
via "National Vulnerability Database".
The Import all XML, CSV & TXT WordPress plugin before 6.5.8 does not have authorisation in some places, which could allow any authenticated users to access some of the plugin features if they manage to get the related nonce📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3555 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in X.org libX11 and classified as problematic. This issue affects the function _XFreeX11XCBStructure of the file xcb_disp.c. The manipulation of the argument dpy leads to memory leak. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211055.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3548 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the component Add New Storage Handler. The manipulation of the argument Name leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-211048.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3131 ‼
📖 Read
via "National Vulnerability Database".
The Search Logger WordPress plugin through 0.9 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by high privilege users📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3554 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been found in X.org libX11 and classified as problematic. This vulnerability affects the function _XimRegisterIMInstantiateCallback of the file modules/im/ximcp/imsClbk.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211054 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-42165 ‼
📖 Read
via "National Vulnerability Database".
Tenda AC10 V15.03.06.23 contains a Stack overflow vulnerability via /goform/formSetDeviceName.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3553 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier VDB-211053 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".