🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-46062 ‼

Gym Management System v0.0.1 is vulnerable to Cross Site Request Forgery (CSRF).

📖 Read

via "National Vulnerability Database".

231 views19:21

‼ CVE-2022-45028 ‼

A cross-site scripting (XSS) vulnerability in Arris NVG443B 9.3.0h3d36 allows attackers to execute arbitrary web scripts or HTML via a crafted POST request sent to /cgi-bin/logs.ha.

📖 Read

via "National Vulnerability Database".

217 views19:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-4454 ‼

A vulnerability, which was classified as critical, has been found in m0ver bible-online. Affected by this issue is the function query of the file src/main/java/custom/application/search.java of the component Search Handler. The manipulation leads to sql injection. The name of the patch is 6ef0aabfb2d4ccd53fcaa9707781303af357410e. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215444.

📖 Read

via "National Vulnerability Database".

208 views19:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2019-25078 ‼

A vulnerability classified as problematic was found in pacparser up to 1.3.x. Affected by this vulnerability is the function pacparser_find_proxy of the file src/pacparser.c. The manipulation of the argument url leads to buffer overflow. Attacking locally is a requirement. Upgrading to version 1.4.0 is able to address this issue. The name of the patch is 853e8f45607cb07b877ffd270c63dbcdd5201ad9. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-215443.

📖 Read

via "National Vulnerability Database".

196 views19:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-46364 ‼

A SSRF vulnerability in parsing the href attribute of XOP:Include in MTOM requests in versions of Apache CXF before 3.5.5 and 3.4.10 allows an attacker to perform SSRF style attacks on webservices that take at least one parameter of any type.

📖 Read

via "National Vulnerability Database".

221 views19:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-27518 ‼

Unauthenticated remote arbitrary code execution

📖 Read

via "National Vulnerability Database".

234 views19:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-4456 ‼

A vulnerability has been found in falling-fruit and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. The attack can be initiated remotely. The name of the patch is 15adb8e1ea1f1c3e3d152fc266071f621ef0c621. It is recommended to apply a patch to fix this issue. VDB-215446 is the identifier assigned to this vulnerability.

📖 Read

via "National Vulnerability Database".

276 views19:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-4455 ‼

A vulnerability, which was classified as problematic, was found in sproctor php-calendar. This affects an unknown part of the file index.php. The manipulation of the argument $_SERVER['PHP_SELF'] leads to cross site scripting. It is possible to initiate the attack remotely. The name of the patch is a2941109b42201c19733127ced763e270a357809. It is recommended to apply a patch to fix this issue. The identifier VDB-215445 was assigned to this vulnerability.

📖 Read

via "National Vulnerability Database".

285 views19:21

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44704 ‼

Microsoft Windows Sysmon Elevation of Privilege Vulnerability.

📖 Read

via "National Vulnerability Database".

259 views21:27

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44702 ‼

Windows Terminal Remote Code Execution Vulnerability.

📖 Read

via "National Vulnerability Database".

257 views21:27

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44707 ‼

Windows Kernel Denial of Service Vulnerability.

📖 Read

via "National Vulnerability Database".

254 views21:27

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44713 ‼

Microsoft Outlook for Mac Spoofing Vulnerability.

📖 Read

via "National Vulnerability Database".

236 views21:27

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44699 ‼

Azure Network Watcher Agent Security Feature Bypass Vulnerability.

📖 Read

via "National Vulnerability Database".

216 views21:28

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44697 ‼

Windows Graphics Component Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-41121, CVE-2022-44671, CVE-2022-44680.

📖 Read

via "National Vulnerability Database".

196 views21:28

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44696 ‼

Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44694, CVE-2022-44695.

📖 Read

via "National Vulnerability Database".

191 views21:28

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-45005 ‼

IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the cmd_get_ping_output function.

📖 Read

via "National Vulnerability Database".

192 views21:28

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44710 ‼

DirectX Graphics Kernel Elevation of Privilege Vulnerability.

📖 Read

via "National Vulnerability Database".

189 views21:28

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-47211 ‼

Microsoft Office Graphics Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-26804, CVE-2022-26805, CVE-2022-26806, CVE-2022-44692, CVE-2022-47212, CVE-2022-47213.

📖 Read

via "National Vulnerability Database".

193 views21:28

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44695 ‼

Microsoft Office Visio Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-44694, CVE-2022-44696.

📖 Read

via "National Vulnerability Database".

204 views21:28

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44698 ‼

Windows SmartScreen Security Feature Bypass Vulnerability.

📖 Read

via "National Vulnerability Database".

211 views21:28

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2022-44708 ‼

Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability.

📖 Read

via "National Vulnerability Database".

226 views21:28

About

Blog

Apps

Platform