🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-42165 ‼

Tenda AC10 V15.03.06.23 contains a stack overflow vulnerability via /goform/formSetDeviceName.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3553 ‼

A vulnerability, which was classified as problematic, was found in X.org Server. This affects an unknown part of the file hw/xquartz/X11Controller.m of the component xquartz. The manipulation leads to denial of service. It is recommended to apply a patch to fix this issue. The identifier VDB-211053 was assigned to this vulnerability.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3546 ‼

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0 and classified as problematic. Affected by this issue is some unknown functionality of the file /csms/admin/?page=user/list of the component Create User Handler. The manipulation of the argument First Name/Last Name leads to cross-site scripting. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-211046 is the identifier assigned to this vulnerability.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3549 ‼

A vulnerability was found in SourceCodester Simple Cold Storage Management System 1.0. It has been rated as problematic. This issue affects some unknown processing of the file /csms/admin/?page=user/manage_user of the component Avatar Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-211049 was assigned to this vulnerability.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-42164 ‼

Tenda AC10 V15.03.06.23 contains a stack overflow vulnerability via /goform/formSetClientState.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-2834 ‼

The Helpful WordPress plugin before 4.5.26 stores exported logs and feedback in a publicly accessible location under guessable names, which could allow attackers to download them and retrieve sensitive information such as IP addresses, names and email addresses, depending on the plugin's settings.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3542 ‼

A vulnerability classified as problematic was found in Linux Kernel. This vulnerability affects the function bnx2x_tpa_stop of the file drivers/net/ethernet/broadcom/bnx2x/bnx2x_cmn.c of the component BPF. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. VDB-211042 is the identifier assigned to this vulnerability.

📖 Read

via "National Vulnerability Database".
🕴 Disinformation Attacks Threaten US Midterm Elections 🕴

Foreign nations continue to target various US public entities and private industries with cyberattacks, but the coming midterms are driving more disinformation than hacking, say experts.

📖 Read

via "Dark Reading".
🕴 What Fast-Talkers Can Teach Us About Vetting Vendors 🕴

Here's how to differentiate vendors that can back up their words with solutions and those that cannot.

📖 Read

via "Dark Reading".
🛠 GNU Privacy Guard 2.3.8 🛠

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions.

📖 Read

via "Packet Storm Security".
🛠 GNU Privacy Guard 2.2.40 🛠

GnuPG (the GNU Privacy Guard or GPG) is GNU's tool for secure communication and data storage. It can be used to encrypt data and to create digital signatures. It includes an advanced key management facility and is compliant with the proposed OpenPGP Internet standard as described in RFC2440. As such, it is meant to be compatible with PGP from NAI, Inc. Because it does not use any patented algorithms, it can be used without any restrictions. This is the LTS release.

📖 Read

via "Packet Storm Security".
‼ CVE-2022-42170 ‼

Tenda AC10 V15.03.06.23 contains a stack overflow vulnerability via /goform/formWifiWpsStart.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-42167 ‼

Tenda AC10 V15.03.06.23 contains a stack overflow vulnerability via /goform/formSetFirewallCfg.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-42166 ‼

Tenda AC10 V15.03.06.23 contains a stack overflow vulnerability via /goform/formSetSpeedWan.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41471 ‼

74cmsSE v3.12.0 allows authenticated attackers with low-level privileges to arbitrarily change the rights and credentials of the Super Administrator account.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41498 ‼

Billing System Project v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /phpinventory/editbrand.php.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41542 ‼

devhub 0.102.0 was discovered to contain broken session control.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41472 ‼

74cmsSE v3.12.0 was discovered to contain a cross-site scripting (XSS) vulnerability via the component /apiadmin/notice/add. This vulnerability allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Title field.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-42171 ‼

Tenda AC10 V15.03.06.23 contains a stack overflow vulnerability via /goform/saveParentControlInfo.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-42154 ‼

An arbitrary file upload vulnerability in the component /apiadmin/upload/attach of 74cmsSE v3.13.0 allows attackers to execute arbitrary code via a crafted PHP file.

📖 Read

via "National Vulnerability Database".