🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-45470

** UNSUPPORTED WHEN ASSIGNED ** missing input validation in Apache Hama may cause information disclosure through path traversal and XSS. Since Apache Hama is EOL, we do not expect these issues to be fixed.

📖 Read

via "National Vulnerability Database".
478 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44163

Tenda AC21 V16.03.08.15 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.

📖 Read

via "National Vulnerability Database".
489 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 MIT Research Documents Effectiveness of Consensus Cyber Risk Oversight Principles 🕴

Organizations that use the consensus principles can significantly improve their cyber resilience without raising costs, MIT research shows.

📖 Read

via "Dark Reading".
Dark Reading
MIT Research Documents Effectiveness of Consensus Cyber Risk Oversight Principles
Organizations that use the consensus principles can significantly improve their cyber resilience without raising costs, MIT research shows.
👍2
557 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Time to Get Kids Hacking: Our 2022 Holiday Gift Guide 🕴

Check out our slideshow of 10 fun games and toys that teach programming principles, electronics, and engineering concepts to get kids ready to hack the planet.

📖 Read

via "Dark Reading".
Dark Reading
Time to Get Kids Hacking: Our 2022 Holiday Gift Guide
Check out our slideshow of 10 fun games and toys that teach programming principles, electronics, and engineering concepts to get kids ready to hack the planet.
👍1
497 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Major Security Breach From Business Users' Low-Code Apps Could Come in 2023, Analysts Warn 🕴

Here's what that means about our current state as an industry, and why we should be happy about it.

📖 Read

via "Dark Reading".
Dark Reading
Major Security Breach From Business Users' Low-Code Apps Could Come in 2023, Analysts Warn
Here's what that means about our current state as an industry, and why we should be happy about it.
497 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-43117

Sourcecodester Password Storage Application in PHP/OOP and MySQL 1.0 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities via the Name, Username, Description and Site Feature parameters.

📖 Read

via "National Vulnerability Database".
424 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44174

Tenda AC18 V15.03.05.05 is vulnerable to Buffer Overflow via function formSetDeviceName.

📖 Read

via "National Vulnerability Database".
419 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44183

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetWifiGuestBasic.

📖 Read

via "National Vulnerability Database".
404 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44180

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function addWifiMacFilter.

📖 Read

via "National Vulnerability Database".
385 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44171

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function form_fast_setting_wifi_set.

📖 Read

via "National Vulnerability Database".
363 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-35897

An stack buffer overflow vulnerability leads to arbitrary code execution issue was discovered in Insyde InsydeH2O with kernel 5.0 through 5.5. If the attacker modifies specific UEFI variables, it can cause a stack overflow, leading to arbitrary code execution. The specific variables are normally locked (read-only) at the OS level and therefore an attack would require direct SPI modification. If an attacker can change the values of at least two variables out of three (SecureBootEnforce, SecureBoot, RestoreBootSettings), it is possible to execute arbitrary code.

📖 Read

via "National Vulnerability Database".
358 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44172

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function R7WebsSecurityHandler.

📖 Read

via "National Vulnerability Database".
340 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44830

Sourcecodester Event Registration App v1.0 was discovered to contain multiple CSV injection vulnerabilities via the First Name, Contact and Remarks fields. These vulnerabilities allow attackers to execute arbitrary code via a crafted excel file.

📖 Read

via "National Vulnerability Database".
340 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-38755

A vulnerability has been identified in Micro Focus Filr in versions prior to 4.3.1.1. The vulnerability could be exploited to allow a remote unauthenticated attacker to enumerate valid users of the system. Remote unauthenticated user enumeration. This issue affects: Micro Focus Filr versions prior to 4.3.1.1.

📖 Read

via "National Vulnerability Database".
344 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-40746

IBM i Access Family 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0 could allow a local authenticated attacker to execute arbitrary code on the system, caused by DLL search order hijacking vulnerability. By placing a specially crafted file in a compromised folder, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236581.

📖 Read

via "National Vulnerability Database".
348 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-45422

When LG SmartShare is installed, local privilege escalation is possible through DLL Hijacking attack. The LG ID is LVE-HOT-220005.

📖 Read

via "National Vulnerability Database".
359 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44178

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow. via function formWifiWpsOOB.

📖 Read

via "National Vulnerability Database".
372 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44177

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formWifiWpsStart.

📖 Read

via "National Vulnerability Database".
375 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44175

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function formSetMacFilterCfg.

📖 Read

via "National Vulnerability Database".
387 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44176

Tenda AC18 V15.03.05.19 is vulnerable to Buffer Overflow via function fromSetRouteStatic.

📖 Read

via "National Vulnerability Database".
423 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Name That Toon: Fall Cleanup 🕴

Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.

📖 Read

via "Dark Reading".
Dark Reading
Name That Toon: Fall Cleanup
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
459 views