🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
β™ŸοΈ Accused β€˜Raccoon’ Malware Developer Fled Ukraine After Russian Invasion β™ŸοΈ

A 26-year-old Ukrainian man is awaiting extradition to the United States on charges that he acted as a core developer for Raccoon, a "malware-as-a-service" offering that helped paying customers steal passwords and financial data from millions of cybercrime victims. KrebsOnSecurity has learned that the defendant was busted in March 2022, after fleeing mandatory military service in Ukraine in the weeks following the Russian invasion.

📖 Read

via "Krebs on Security".
‼ CVE-2022-41688 ‼

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack proper authentication for functions that create and modify user groups. An attacker could provide malicious serialized objects that could run these functions without authentication to create a new user and add them to the administrator group.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-40293 ‼

The application was vulnerable to a session fixation that could be used to hijack accounts.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41644 ‼

Delta Electronics InfraSuite Device Master versions 00.00.01a and prior lack authentication for a function that changes group privileges. An attacker could use this to create a denial-of-service state or escalate their own privileges.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-40288 ‼

The application was vulnerable to an authenticated Stored Cross-Site Scripting (XSS) in the user profile data fields, which could be leveraged to escalate privileges within and compromise any account that views their user profile.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-28763 ‼

The Zoom Client for Meetings (for Android, iOS, Linux, macOS, and Windows) before version 5.12.2 is susceptible to a URL parsing vulnerability. If a malicious Zoom meeting URL is opened, the malicious link may direct the user to connect to an arbitrary network address, leading to additional attacks including session takeovers.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41772 ‼

Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior mishandle .ZIP archives containing characters used in path traversal. This path traversal could result in remote code execution.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41657 ‼

Delta Electronics InfraSuite Device Master Versions 00.00.01a and prior allow attacker provided data already serialized into memory to be used in file operation application programmable interfaces (APIs). This could create arbitrary files, which could be used in API operations and could ultimately result in remote code execution.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-42923 ‼

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker (with the role of student) to perform a SQL injection on the 'id' parameter in the 'appCore/index.php?r=adm/mediagallery/delete' function in order to dump the entire database or delete all contents from the 'core_user_file' table.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-40287 ‼

The application was found to be vulnerable to an authenticated Stored Cross-Site Scripting (XSS) vulnerability in messaging functionality, leading to privilege escalation or a compromise of a targeted account.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-40294 ‼

The application was identified to have a CSV injection in data export functionality, allowing for malicious code to be embedded within export data and then triggered in exported data viewers.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-42924 ‼

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker (with the role of student) to perform a SQL injection on the 'dyn_filter' parameter in the 'appLms/ajax.adm_server.php?r=widget/userselector/getusertabledata' function in order to dump the entire database.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3783 ‼

A vulnerability, which was classified as problematic, has been found in node-red-dashboard. This issue affects some unknown processing of the file components/ui-component/ui-component-ctrl.js of the component ui_text Format Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The name of the patch is 9305d1a82f19b235dfad24a7d1dd4ed244db7743. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-212555.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-40290 ‼

The application was vulnerable to an unauthenticated Reflected Cross-Site Scripting (XSS) vulnerability in the barcode generation functionality, allowing attackers to generate an unsafe link that could compromise users.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41681 ‼

There is a vulnerability on Forma LMS version 3.1.0 and earlier that could allow an authenticated attacker (with the role of student) to privilege escalate in order to upload a Zip file through the SCORM importer feature. The exploitation of this vulnerability could lead to a remote code injection.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41679 ‼

Forma LMS version 3.1.0 and earlier are affected by a Cross-Site Scripting vulnerability that could allow a remote attacker to inject JavaScript code in the "back_url" parameter in the appLms/index.php?modname=faq&op=play function. The exploitation of this vulnerability could allow an attacker to steal the user's cookies in order to log in to the application.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-40190 ‼

SAUTER Controls moduWeb firmware version 2.7.1 is vulnerable to reflective cross-site scripting (XSS). The web application does not adequately sanitize request strings of malicious JavaScript. An attacker utilizing XSS could then execute malicious code in users’ browsers and steal sensitive information, including user credentials.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3784 ‼

A vulnerability classified as critical was found in Axiomatic Bento4 5e7bb34. Affected by this vulnerability is the function AP4_Mp4AudioDsiParser::ReadBits of the file Ap4Mp4AudioInfo.cpp of the component mp4hls. The manipulation leads to heap-based buffer overflow. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-212563.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-3785 ‼

A vulnerability, which was classified as critical, has been found in Axiomatic Bento4. Affected by this issue is the function AP4_DataBuffer::SetDataSize of the component Avcinfo. The manipulation leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-212564.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-40291 ‼

The application was vulnerable to Cross-Site Request Forgery (CSRF) attacks, allowing an attacker to coerce users into sending malicious requests to the site to delete their account, or in rare circumstances, hijack their account and create other admin accounts.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-41680 ‼

Forma LMS on its 3.1.0 version and earlier is vulnerable to a SQL injection vulnerability. The exploitation of this vulnerability could allow an authenticated attacker (with the role of student) to perform a SQL injection on the 'search[value]' parameter in the 'appLms/ajax.server.php?r=mycertificate/getMyCertificates' function in order to dump the entire database.

📖 Read

via "National Vulnerability Database".