🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-44561 ‼

The preset launcher module has a permission verification vulnerability. Successful exploitation of this vulnerability makes unauthorized apps add arbitrary widgets and shortcuts without interaction.

📖 Read

via "National Vulnerability Database".
108 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-41039 ‼

Windows Point-to-Point Tunneling Protocol Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-41044, CVE-2022-41088.

📖 Read

via "National Vulnerability Database".
108 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2021-46851 ‼

The DRM module has a vulnerability in verifying the secure memory attributes. Successful exploitation of this vulnerability may cause abnormal video playback.

📖 Read

via "National Vulnerability Database".
112 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-31685 ‼

VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

📖 Read

via "National Vulnerability Database".
110 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-44547 ‼

The Display Service module has a UAF vulnerability. Successful exploitation of this vulnerability may affect the display service availability.

📖 Read

via "National Vulnerability Database".
107 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-41095 ‼

Windows Digital Media Receiver Elevation of Privilege Vulnerability.

📖 Read

via "National Vulnerability Database".
104 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-41079 ‼

Microsoft Exchange Server Spoofing Vulnerability. This CVE ID is unique from CVE-2022-41078.

📖 Read

via "National Vulnerability Database".
106 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-39891 ‼

Heap overflow vulnerability in parse_pce function in libsavsaudio.so in Editor Lite prior to version 4.0.41.3 allows attacker to get information.

📖 Read

via "National Vulnerability Database".
105 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-39886 ‼

Improper access control vulnerability in IpcRxServiceModeBigDataInfo in RIL prior to SMR Nov-2022 Release 1 allows local attacker to access Device information.

📖 Read

via "National Vulnerability Database".
103 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-44546 ‼

The kernel module has the vulnerability that the mapping is not cleared after the memory is automatically released. Successful exploitation of this vulnerability may cause a system restart.

📖 Read

via "National Vulnerability Database".
102 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-39887 ‼

Improper access control vulnerability in clearAllGlobalProxy in MiscPolicy prior to SMR Nov-2022 Release 1 allows local attacker to configure EDM setting.

📖 Read

via "National Vulnerability Database".
103 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-44555 ‼

The DDMP/ODMF module has a service hijacking vulnerability. Successful exploit of this vulnerability may cause services to be unavailable.

📖 Read

via "National Vulnerability Database".
101 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-44557 ‼

The SmartTrimProcessEvent module has a vulnerability of obtaining the read and write permissions on arbitrary system files. Successful exploitation of this vulnerability may affect data confidentiality.

📖 Read

via "National Vulnerability Database".
101 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-41091 ‼

Windows Mark of the Web Security Feature Bypass Vulnerability. This CVE ID is unique from CVE-2022-41049.

📖 Read

via "National Vulnerability Database".
111 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-43058 ‼

Online Diagnostic Lab Management System v1.0 was discovered to contain a SQL injection vulnerability via the id parameter at /odlms//classes/Master.php?f=delete_activity.

📖 Read

via "National Vulnerability Database".
113 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-41090 ‼

Windows Point-to-Point Tunneling Protocol Denial of Service Vulnerability. This CVE ID is unique from CVE-2022-41116.

📖 Read

via "National Vulnerability Database".
112 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-41061 ‼

Microsoft Word Remote Code Execution Vulnerability.

📖 Read

via "National Vulnerability Database".
112 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-44553 ‼

The HiView module has a vulnerability of not filtering third-party apps out when the HiView module traverses to invoke the system provider. Successful exploitation of this vulnerability may cause third-party apps to start periodically.

📖 Read

via "National Vulnerability Database".
120 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-44558 ‼

The AMS module has a vulnerability of serialization/deserialization mismatch. Successful exploitation of this vulnerability may cause privilege escalation.

📖 Read

via "National Vulnerability Database".
121 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-31686 ‼

VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.

📖 Read

via "National Vulnerability Database".
126 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-41103 ‼

Microsoft Word Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-41060.

📖 Read

via "National Vulnerability Database".
136 views