🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
CVE-2022-44198

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_push1.

📖 Read

via "National Vulnerability Database".
CVE-2022-42989

ERP Sankhya before v4.11b81 was discovered to contain a cross-site scripting (XSS) vulnerability via the component Caixa de Entrada.

📖 Read

via "National Vulnerability Database".
CVE-2022-44191

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameters KEY1 and KEY2.

📖 Read

via "National Vulnerability Database".
CVE-2022-41445

A cross-site scripting (XSS) vulnerability in Record Management System using CodeIgniter 1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Add Subject page.

📖 Read

via "National Vulnerability Database".
CVE-2022-44187

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via wan_dns1_pri.

📖 Read

via "National Vulnerability Database".
CVE-2022-42098

KLiK SocialMediaWebsite version v1.0.1 is vulnerable to SQL Injection via profile.php.

📖 Read

via "National Vulnerability Database".
CVE-2022-44188

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter enable_band_steering.

📖 Read

via "National Vulnerability Database".
CVE-2022-38462

Silverstripe silverstripe/framework through 4.11 is vulnerable to XSS by carefully crafting a return URL on a /dev/build or /Security/login request.

📖 Read

via "National Vulnerability Database".
CVE-2022-0222

A CWE-269: Improper Privilege Management vulnerability exists that could cause a denial of service of the Ethernet communication of the controller when sending a specific request over SNMP. Affected products: Modicon M340 CPUs (BMXP34* versions prior to V3.40), Modicon M340 X80 Ethernet Communication modules: BMXNOE0100 (H), BMXNOE0110 (H), BMXNOR0200H RTU (BMXNOE* all versions) (BMXNOR* versions prior to v1.7 IR24).

📖 Read

via "National Vulnerability Database".
CVE-2022-33012

Microweber v1.2.15 was discovered to allow attackers to perform an account takeover via a host header injection attack.

📖 Read

via "National Vulnerability Database".
CVE-2022-44193

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameters: starthour, startminute, endhour, and endminute.

📖 Read

via "National Vulnerability Database".
CVE-2022-42094

Backdrop CMS version 1.23.0 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the 'Card' content.

📖 Read

via "National Vulnerability Database".
CVE-2022-44186

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow in /usr/sbin/httpd via parameter wan_dns1_pri.

📖 Read

via "National Vulnerability Database".
CVE-2022-44199

Netgear R7000P V1.3.1.64 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.

📖 Read

via "National Vulnerability Database".
CVE-2022-44194

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameters apmode_dns1_pri and apmode_dns1_sec.

📖 Read

via "National Vulnerability Database".
CVE-2022-44197

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_server_ip.

📖 Read

via "National Vulnerability Database".
CVE-2022-3910

Use After Free vulnerability in Linux Kernel allows Privilege Escalation. An improper Update of Reference Count in io_uring leads to Use-After-Free and Local Privilege Escalation. When io_msg_ring was invoked with a fixed file, it called io_fput_file() which improperly decreased its reference count (leading to Use-After-Free and Local Privilege Escalation). Fixed files are permanently registered to the ring, and should not be put separately. We recommend upgrading past commit https://github.com/torvalds/linux/commit/fc7222c3a9f56271fba02aabbfbae999042f1679

📖 Read

via "National Vulnerability Database".
CVE-2022-44196

Netgear R7000P V1.3.0.8 is vulnerable to Buffer Overflow via parameter openvpn_push1.

📖 Read

via "National Vulnerability Database".
CVE-2022-44200

Netgear R7000P V1.3.0.8 and V1.3.1.64 are vulnerable to Buffer Overflow via parameters: stamode_dns1_pri and stamode_dns1_sec.

📖 Read

via "National Vulnerability Database".
🕴 How Tech Companies Can Slow Down Spike in Breaches 🕴

Cybercrime continues to evolve — and shows no signs of slowing down.

📖 Read

via "Dark Reading".
🗓️ Mastodon vulnerable to multiple system configuration problems 🗓️

The whole toot

📖 Read

via "The Daily Swig".