CVE-2022-44356
via "National Vulnerability Database".
WAVLINK Quantum D4G (WL-WN531G3) running firmware versions M31G3.V5030.201204 and M31G3.V5030.200325 has an access control issue which allows unauthenticated attackers to download configuration data and log files.
CVE-2022-4172
via "National Vulnerability Database".
Integer overflow and buffer overflow issues were found in the ACPI Error Record Serialization Table (ERST) device of QEMU in the read_erst_record() and write_erst_record() functions. Both issues may allow the guest to overrun the host buffer allocated for the ERST memory device. A malicious guest could use these flaws to crash the QEMU process on the host.
CVE-2022-46152
via "National Vulnerability Database".
OP-TEE Trusted OS is the secure side implementation of the OP-TEE project, a Trusted Execution Environment. Versions prior to 3.19.0 contain an Improper Validation of Array Index vulnerability. The function `cleanup_shm_refs()` is called by both `entry_invoke_command()` and `entry_open_session()`. The commands `OPTEE_MSG_CMD_OPEN_SESSION` and `OPTEE_MSG_CMD_INVOKE_COMMAND` can be executed from the normal world via an OP-TEE SMC. This function is not validating the `num_params` argument, which is only limited to `OPTEE_MSG_MAX_NUM_PARAMS` (127) in the function `get_cmd_buffer()`. Therefore, an attacker in the normal world can craft an SMC call that will cause out-of-bounds reading in `cleanup_shm_refs` and potentially freeing of fake-objects in the function `mobj_put()`. A normal-world attacker with permission to execute SMC instructions may exploit this flaw. Maintainers believe this problem permits local privilege escalation from the normal world to the secure world. Version 3.19.0 contains a fix for this issue. There are no known workarounds.
CVE-2022-44355
via "National Vulnerability Database".
SolarView Compact 7.0 is vulnerable to Cross-site Scripting (XSS) via /network_test.php.
CVE-2022-21126
via "National Vulnerability Database".
The package com.github.samtools:htsjdk before 3.0.1 is vulnerable to Creation of Temporary File in Directory with Insecure Permissions due to the createTempDir() function in util/IOUtil.java not checking for the existence of the temporary directory before attempting to create it.
CVE-2022-4144
via "National Vulnerability Database".
An out-of-bounds read flaw was found in the QXL display device emulation in QEMU. The qxl_phys2virt() function does not check the size of the structure pointed to by the guest physical address, potentially reading past the end of the bar space into adjacent pages. A malicious guest user could use this flaw to crash the QEMU process on the host causing a denial of service condition.
CVE-2022-25848
via "National Vulnerability Database".
This affects all versions of package static-dev-server. This is because when paths from users to the root directory are joined, the assets for the path accessed are relative to that of the root directory.
CVE-2022-44354
via "National Vulnerability Database".
SolarView Compact 4.0 and 5.0 are vulnerable to Unrestricted File Upload via a crafted php file.
CVE-2022-46148
via "National Vulnerability Database".
Discourse is an open-source messaging platform. In versions 2.8.10 and prior on the `stable` branch and versions 2.9.0.beta11 and prior on the `beta` and `tests-passed` branches, users composing malicious messages and navigating to the drafts page could self-XSS. This vulnerability can lead to a full XSS on sites which have modified or disabled Discourse's default Content Security Policy. This issue is patched in the latest stable, beta and tests-passed versions of Discourse.
CVE-2022-46150
via "National Vulnerability Database".
Discourse is an open-source discussion platform. Prior to version 2.8.13 of the `stable` branch and version 2.9.0.beta14 of the `beta` and `tests-passed` branches, unauthorized users may learn of the existence of hidden tags and that they have been applied to topics that they have access to. This issue is patched in version 2.8.13 of the `stable` branch and version 2.9.0.beta14 of the `beta` and `tests-passed` branches. As a workaround, use the `disable_email` site setting to disable all emails to non-staff users.
Oracle Fusion Middleware Flaw Flagged by CISA
via "Dark Reading".
The bug could allow unauthorized access and takeover, earning it a spot on the Known Exploited Vulnerabilities Catalog.
CVE-2022-44279
via "National Vulnerability Database".
Garage Management System v1.0 is vulnerable to Cross Site Scripting (XSS) via /garage/php_action/createBrand.php.
Cyberattackers Selling Access to Networks Compromised via Recent Fortinet Flaw
via "Dark Reading".
The vulnerability, disclosed in October, gives an unauthenticated attacker a way to take control of an affected product.
How to Use Cyber Deception to Counter an Evolving and Advanced Threat Landscape
via "Dark Reading".
Organizations must be prepared to root out bad actors by any means possible, even if it means setting traps and stringing lures.
Microsoft Defender Gets New Security Protections
via "Dark Reading".
The new Microsoft Defender for Endpoint capabilities include built-in protection and scanning network traffic for malicious activity.
CVE-2022-4027
via "National Vulnerability Database".
The Simple:Press plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'postitem' parameter manipulated during a forum response in versions up to, and including, 6.8 due to insufficient input sanitization and output escaping that makes injecting object and embed tags possible. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages when responding to forum threads that will execute whenever a user accesses an injected page.
CVE-2022-4033
via "National Vulnerability Database".
The Quiz and Survey Master plugin for WordPress is vulnerable to input validation bypass via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input validation that allows attackers to inject content other than the specified value (i.e. a number, file path, etc.). This makes it possible for attackers to submit values other than the intended input type.
CVE-2022-3898
via "National Vulnerability Database".
The WP Affiliate Platform plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 6.3.9. This is due to missing or incorrect nonce validation on various functions including the affiliates_menu method. This makes it possible for unauthenticated attackers to delete affiliate records via a forged request, granted they can trick a site administrator into performing an action such as clicking on a link.
CVE-2022-4032
via "National Vulnerability Database".
The Quiz and Survey Master plugin for WordPress is vulnerable to iFrame Injection via the 'question[id]' parameter in versions up to, and including, 8.0.4 due to insufficient input sanitization and output escaping that allowed iframe tags to be injected. This makes it possible for unauthenticated attackers to inject iFrames in pages that will execute whenever a user accesses an injected page.
CVE-2022-36962
via "National Vulnerability Database".
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote adversary with complete control over the SolarWinds database to execute arbitrary commands.
CVE-2022-4031
via "National Vulnerability Database".
The Simple:Press plugin for WordPress is vulnerable to arbitrary file modifications in versions up to, and including, 6.8 via the 'file' parameter which does not properly restrict files to be edited in the context of the plugin. This makes it possible for attackers with high-level permissions, such as an administrator, to supply paths to arbitrary files on the server that can be modified outside of the intended scope of the plugin.