ποΈ Security certification body (ISC)Β² defends βundemocraticβ bylaw changes ποΈ
π Read
via "The Daily Swig".
Former chair bemoans βcoup by governanceβπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Security certification body (ISC)Β² defends βundemocraticβ bylaw changes
Former chair bemoans βcoup by governanceβ
π΄ DigiCert Appoints Industry Veteran Amit Sinha as Chief Executive Officer π΄
π Read
via "Dark Reading".
Former Zscaler president to lead DigiCert's next stage of growth as the company accelerates its strategy, expands its product offering, and works to become the de facto standard for digital trust.π Read
via "Dark Reading".
Dark Reading
DigiCert Appoints Industry Veteran Amit Sinha as Chief Executive Officer
Former Zscaler president to lead DigiCert's next stage of growth as the company accelerates its strategy, expands its product offering, and works to become the de facto standard for digital trust.
π΄ GroupSense Delivers New Ransomware Negotiation Training Service π΄
π Read
via "Dark Reading".
Training service prepares ransomware response teams for successful threat actor engagement to mitigate damage, protect brand reputation, anticipate emerging threats, and more.π Read
via "Dark Reading".
Dark Reading
GroupSense Delivers New Ransomware Negotiation Training Service
Training service prepares ransomware response teams for successful threat actor engagement to mitigate damage, protect brand reputation, anticipate emerging threats, and more.
π1
βΌ CVE-2022-43037 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Bento4 1.6.0-639. There is a memory leak in the function AP4_File::ParseStream in /Core/Ap4File.cpp.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43040 βΌ
π Read
via "National Vulnerability Database".
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function gf_isom_box_dump_start_ex at /isomedia/box_funcs.c.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43038 βΌ
π Read
via "National Vulnerability Database".
Bento4 v1.6.0-639 was discovered to contain a heap overflow via the AP4_BitReader::ReadCache() function in mp42ts.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43039 βΌ
π Read
via "National Vulnerability Database".
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_meta_restore_items_ref at /isomedia/meta.c.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43033 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Bento4 1.6.0-639. There is a bad free in the component AP4_HdlrAtom::~AP4_HdlrAtom() which allows attackers to cause a Denial of Service (DoS) via a crafted input.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43034 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Bento4 v1.6.0-639. There is a heap buffer overflow vulnerability in the AP4_BitReader::SkipBits(unsigned int) function in mp42ts.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43184 βΌ
π Read
via "National Vulnerability Database".
D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via the component /bin/proc.cgi.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43044 βΌ
π Read
via "National Vulnerability Database".
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_isom_get_meta_item_info at /isomedia/meta.c.π Read
via "National Vulnerability Database".
βΌ CVE-2022-23734 βΌ
π Read
via "National Vulnerability Database".
A deserialization of untrusted data vulnerability was identified in GitHub Enterprise Server that could potentially lead to remote code execution on the SVNBridge. To exploit this vulnerability, an attacker would need to gain access via a server-side request forgery (SSRF) that would let an attacker control the data being deserialized. This vulnerability affected all versions of GitHub Enterprise Server prior to v3.6 and was fixed in versions 3.5.3, 3.4.6, 3.3.11, and 3.2.16. This vulnerability was reported via the GitHub Bug Bounty program.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43042 βΌ
π Read
via "National Vulnerability Database".
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a heap buffer overflow via the function FixSDTPInTRAF at isomedia/isom_intern.c.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43185 βΌ
π Read
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in the Configuration/Holidays module of Rukovoditel v3.2.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Name parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43032 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Bento4 v1.6.0-639. There is a memory leak in AP4_DescriptorFactory::CreateDescriptorFromStream in Core/Ap4DescriptorFactory.cpp, as demonstrated by mp42aac.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43035 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Bento4 v1.6.0-639. There is a heap-buffer-overflow in AP4_Dec3Atom::AP4_Dec3Atom at Ap4Dec3Atom.cpp, leading to a Denial of Service (DoS), as demonstrated by mp42aac.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-43043 βΌ
π Read
via "National Vulnerability Database".
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function BD_CheckSFTimeOffset at /bifs/field_decode.c.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43045 βΌ
π Read
via "National Vulnerability Database".
GPAC 2.1-DEV-rev368-gfd054169b-master was discovered to contain a segmentation violation via the function gf_dump_vrml_sffield at /scene_manager/scene_dump.c.π Read
via "National Vulnerability Database".
βΌ CVE-2022-39301 βΌ
π Read
via "National Vulnerability Database".
sra-admin is a background rights management system that separates the front and back end. sra-admin version 1.1.1 has a storage cross-site scripting (XSS) vulnerability. After logging into the sra-admin background, an attacker can upload an html page containing xss attack code in "Personal Center" - "Profile Picture Upload" allowing theft of the user's personal information. This issue has been patched in 1.1.2. There are no known workarounds.π Read
via "National Vulnerability Database".
π΄ Kaspersky Launches New VPN to Amplify Speed and Convenience π΄
π Read
via "Dark Reading".
New version boosts VPN tunnel performance and lets users prioritize secure connection traffic for certain services.π Read
via "Dark Reading".
Dark Reading
Kaspersky Launches New VPN to Amplify Speed and Convenience
New version boosts VPN tunnel performance and lets users prioritize secure connection traffic for certain services.
π΄ Zscaler Advances Enterprise Data Security With Zero-Configuration Data Protection π΄
π Read
via "Dark Reading".
New data-protection innovations mitigate security risks by expediting deployment cycles and simplifying operational complexity.π Read
via "Dark Reading".
Dark Reading
Zscaler Advances Enterprise Data Security With Zero-Configuration Data Protection
New data-protection innovations mitigate security risks by expediting deployment cycles and simplifying operational complexity.