‼ CVE-2022-41833 ‼
via "National Vulnerability Database".
In all BIG-IP 13.1.x versions, when an iRule containing the HTTP::collect command is configured on a virtual server, undisclosed requests can cause Traffic Management Microkernel (TMM) to terminate.
🔴 Microsoft Customer Data Exposed by Misconfigured Server 🔴
via "Dark Reading".
The data exposure was the result of an "unintentional misconfiguration on an endpoint" and not a security vulnerability, Microsoft said.
‼ CVE-2022-3327 ‼
via "National Vulnerability Database".
Missing Authentication for Critical Function in GitHub repository ikus060/rdiffweb prior to 2.5.0a6.
‼ CVE-2022-41358 ‼
via "National Vulnerability Database".
A stored cross-site scripting (XSS) vulnerability in Garage Management System v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the categoriesName parameter in createCategories.php.
‼ CVE-2022-37598 ‼
via "National Vulnerability Database".
Prototype pollution vulnerability in function DEFNODE in ast.js in mishoo UglifyJS 3.13.2 via the name variable in ast.js.
‼ CVE-2021-33231 ‼
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in New equipment page in EasyVista Service Manager 2018.1.181.1 allows remote attackers to run arbitrary code via the notes field.
‼ CVE-2020-12744 ‼
via "National Vulnerability Database".
The MSI installer in Verint Desktop Resources 15.2 allows an unprivileged local user to elevate their privileges during install or repair.
‼ CVE-2022-26954 ‼
via "National Vulnerability Database".
Multiple open redirect vulnerabilities in NopCommerce 4.10 through 4.50.1 allow remote attackers to conduct phishing attacks by redirecting users to attacker-controlled web sites via the returnUrl parameter, processed by the (1) ChangePassword function, (2) SignInCustomerAsync function, (3) SuccessfulAuthentication method, or (4) NopRedirectResultExecutor class.
‼ CVE-2022-37298 ‼
via "National Vulnerability Database".
Shinken Solutions Shinken Monitoring version 2.4.3 is vulnerable to Incorrect Access Control. The SafeUnpickler class found in shinken/safepickle.py implements a weak authentication scheme when unserializing objects passed from monitoring nodes to the Shinken monitoring server.
Women in Cryptology – USPS celebrates WW2 codebreakers
via "Naked Security".
What did you do in the war, Mom? Oh, y'know, a bit of this and that...
🔴 8 Trends Driving Cybersecurity in the Public Sector 🔴
via "Dark Reading".
CISOs and security leaders in state and local governments are dealing with increasing threats like ransomware – with varying degrees of cyber maturity.
🔴 Bolster Deepens Platform with Dark Web Threat Intelligence and 24/7 Support 🔴
via "Dark Reading".
Bolster delivers intelligence and remediation across web, social media, app stores, and Dark Web, with 24/7, live SOC support.
🔴 HP Launches Sure Access Enterprise to Protect High Value Data and Systems 🔴
via "Dark Reading".
HP enhances HP Wolf Security portfolio to stop attackers hijacking privileged access to sensitive data.
‼ CVE-2022-42197 ‼
via "National Vulnerability Database".
In Simple Exam Reviewer Management System v1.0 the User List function has improper access control that allows low privileged users to modify user permissions to higher privileges.
‼ CVE-2022-42201 ‼
via "National Vulnerability Database".
Simple Exam Reviewer Management System v1.0 is vulnerable to Insecure file upload.
‼ CVE-2022-42200 ‼
via "National Vulnerability Database".
Simple Exam Reviewer Management System v1.0 is vulnerable to Stored Cross Site Scripting (XSS) via the Exam List.
‼ CVE-2022-31366 ‼
via "National Vulnerability Database".
An arbitrary file upload vulnerability in the apiImportLabs function in api_labs.php of EVE-NG 2.0.3-112 Community allows attackers to execute arbitrary code via a crafted UNL file.
‼ CVE-2022-42198 ‼
via "National Vulnerability Database".
In Simple Exam Reviewer Management System v1.0 the User List function suffers from insecure file upload.
‼ CVE-2022-42199 ‼
via "National Vulnerability Database".
Simple Exam Reviewer Management System v1.0 is vulnerable to Cross Site Request Forgery (CSRF) via the Exam List.
🔴 Datadog Launches Cloud Security Management to Provide Cloud Native Application Protection 🔴
via "Dark Reading".
Product brings together workload and infrastructure security into a single platform to provide a unified approach to protecting cloud environments.
🔴 CyCognito Launches Next Generation of Exploit Intelligence Threat Remediation Platform 🔴
via "Dark Reading".
External attack surface management leader unveils evolution of risk intelligence solution, including a virtual sandbox environment to safely validate steps to remediation.