🕴 Uyghurs Targeted With Spyware, Courtesy of PRC 🕴
📖 Read
via "Dark Reading".
Chinese government employs spyware to detect so-called "pre-crimes" including using a VPN, religious apps, or WhatsApp, new analysis reveals.📖 Read
via "Dark Reading".
Dark Reading
Uyghurs Targeted With Spyware, Courtesy of PRC
Chinese government employs spyware to detect so-called "pre-crimes" including using a VPN, religious apps, or WhatsApp, new analysis reveals.
🕴 Cybersecurity 'Nutrition' Labels Still a Work in Progress 🕴
📖 Read
via "Dark Reading".
Pretty much every aspect of the effort to create easy-to-understand labels for Internet-of-Things (IoT) products is up in the air, according to participants in the process.📖 Read
via "Dark Reading".
Dark Reading
Cybersecurity 'Nutrition' Labels Still a Work in Progress
Pretty much every aspect of the effort to create easy-to-understand labels for Internet of Things (IoT) products is up in the air, according to participants in the process.
‼ CVE-2022-36380 ‼
📖 Read
via "National Vulnerability Database".
Uncontrolled search path in the installer software for some Intel(r) NUC Kit Wireless Adapter drivers for Windows 10 before version 22.40 may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27187 ‼
📖 Read
via "National Vulnerability Database".
Uncontrolled search path element in the Intel(R) Quartus Prime Standard edition software before version 21.1 Patch 0.02std may allow an authenticated user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3945 ‼
📖 Read
via "National Vulnerability Database".
Improper Restriction of Excessive Authentication Attempts in GitHub repository kareadita/kavita prior to 0.6.0.3.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26341 ‼
📖 Read
via "National Vulnerability Database".
Insufficiently protected credentials in software in Intel(R) AMT SDK before version 16.0.4.1, Intel(R) EMA before version 1.7.1 and Intel(R) MC before version 2.3.2 may allow an authenticated user to potentially enable escalation of privilege via network access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-43074 ‼
📖 Read
via "National Vulnerability Database".
AyaCMS v3.1.2 was discovered to contain an arbitrary file upload vulnerability via the component /admin/fst_upload.inc.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36776 ‼
📖 Read
via "National Vulnerability Database".
IBM Cloud Pak for Security (CP4S) 1.10.0.0 79and 1.10.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 233663.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35740 ‼
📖 Read
via "National Vulnerability Database".
dotCMS before 22.06 allows remote attackers to bypass intended access control and obtain sensitive information by using a semicolon in a URL to introduce a matrix parameter. (This is also fixed in 5.3.8.12, 21.06.9, and 22.03.2 for LTS users.) Some Java application frameworks, including those used by Spring or Tomcat, allow the use of matrix parameters: these are URI parameters separated by semicolons. Through precise semicolon placement in a URI, it is possible to exploit this feature to avoid dotCMS's path-based XSS prevention (such as "require login" filters), and consequently access restricted resources. For example, an attacker could place a semicolon immediately before a / character that separates elements of a filesystem path. This could reveal file content that is ordinarily only visible to signed-in users. This issue can be chained with other exploit code to achieve XSS attacks against dotCMS.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-35276 ‼
📖 Read
via "National Vulnerability Database".
Improper access control in BIOS firmware for some Intel(R) NUC 8 Compute Elements before version CBWHL357.0096 may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3940 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, was found in lanyulei ferry. This affects an unknown part of the file apis/process/task.go. The manipulation of the argument file_name leads to path traversal. The associated identifier of this vulnerability is VDB-213447.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-41882 ‼
📖 Read
via "National Vulnerability Database".
The Nextcloud Desktop Client is a tool to synchronize files from Nextcloud Server with your computer. In version 3.6.0, if a user received a malicious file share and has it synced locally or the virtual filesystem enabled and clicked a nc://open/ link it will open the default editor for the file type of the shared file, which on Windows can also sometimes mean that a file depending on the type, e.g. "vbs", is being executed. It is recommended that the Nextcloud Desktop client is upgraded to version 3.6.1. As a workaround, users can block the Nextcloud Desktop client 3.6.0 by setting the `minimum.supported.desktop.version` system config to `3.6.1` on the server, so new files designed to use this attack vector are not downloaded anymore. Already existing files can still be used. Another workaround would be to enforce shares to be accepted by setting the `sharing.force_share_accept` system config to `true` on the server, so new files designed to use this attack vector are not downloaded anymore. Already existing shares can still be abused.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26006 ‼
📖 Read
via "National Vulnerability Database".
Improper input validation in the BIOS firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26124 ‼
📖 Read
via "National Vulnerability Database".
Improper buffer restrictions in BIOS firmware for some Intel(R) NUC Boards, Intel(R) NUC 8 Boards, Intel(R) NUC 8 Rugged Boards and Intel(R) NUC 8 Rugged Kits before version CHAPLCEL.0059 may allow a privileged user to potentially enable escalation of privilege via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27499 ‼
📖 Read
via "National Vulnerability Database".
Premature release of resource during expected lifetime in the Intel(R) SGX SDK software may allow a privileged user to potentially enable information disclosure via local access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26508 ‼
📖 Read
via "National Vulnerability Database".
Improper authentication in the Intel(R) SDP Tool before version 3.0.0 may allow an unauthenticated user to potentially enable information disclosure via network access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26369 ‼
📖 Read
via "National Vulnerability Database".
Out-of-bounds read in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow a privileged user to potentially enable escalation of privilege via adjacent access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3939 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in lanyulei ferry. Affected by this issue is some unknown functionality of the file apis/public/file.go of the component API. The manipulation of the argument file leads to path traversal. The attack may be launched remotely. VDB-213446 is the identifier assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-26513 ‼
📖 Read
via "National Vulnerability Database".
Out-of-bounds write in some Intel(R) XMM(TM) 7560 Modem software before version M2_7560_R_01.2146.00 may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-41906 ‼
📖 Read
via "National Vulnerability Database".
OpenSearch Notifications is a notifications plugin for OpenSearch that enables other plugins to send notifications via Email, Slack, Amazon Chime, Custom web-hook etc channels. A potential SSRF issue in OpenSearch Notifications Plugin 2.2.0 and below could allow an existing privileged user to enumerate listening services or interact with configured resources via HTTP requests exceeding the Notification plugin's intended scope. OpenSearch 2.2.1+ contains the fix for this issue. There are currently no recommended workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-41879 ‼
📖 Read
via "National Vulnerability Database".
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. In versions prior to 5.3.3 or 4.10.20, a compromised Parse Server Cloud Code Webhook target endpoint allows an attacker to use prototype pollution to bypass the Parse Server `requestKeywordDenylist` option. This issue has been patched in versions 5.3.3 and 4.10.20. There are no known workarounds.📖 Read
via "National Vulnerability Database".