πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46544 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the cmdinput parameter at /goform/exeCommand.

πŸ“– Read

via "National Vulnerability Database".
244 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-40624 β€Ό

pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as root via the HTTP Host header, a different vulnerability than CVE-2022-31814.

πŸ“– Read

via "National Vulnerability Database".
220 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46550 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the urls parameter at /goform/saveParentControlInfo.

πŸ“– Read

via "National Vulnerability Database".
193 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46546 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/RouteStatic.

πŸ“– Read

via "National Vulnerability Database".
189 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46540 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the entrys parameter at /goform/addressNat.

πŸ“– Read

via "National Vulnerability Database".
185 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-45666 β€Ό

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the list parameter in the formwrlSSIDset function.

πŸ“– Read

via "National Vulnerability Database".
181 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46532 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the deviceMac parameter at /goform/addWifiMacFilter.

πŸ“– Read

via "National Vulnerability Database".
181 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46533 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the limitSpeed parameter at /goform/SetClientState.

πŸ“– Read

via "National Vulnerability Database".
178 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46542 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/addressNat.

πŸ“– Read

via "National Vulnerability Database".
180 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46545 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/NatStaticSetting.

πŸ“– Read

via "National Vulnerability Database".
179 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-45665 β€Ό

Tenda i22 V1.0.0.3(4687) was discovered to contain a buffer overflow via the funcpara1 parameter in the formSetCfm function.

πŸ“– Read

via "National Vulnerability Database".
173 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46547 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/VirtualSer.

πŸ“– Read

via "National Vulnerability Database".
173 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46538 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a command injection vulnerability via the mac parameter at /goform/WriteFacMac.

πŸ“– Read

via "National Vulnerability Database".
178 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46548 β€Ό

Tenda F1203 V2.0.1.6 was discovered to contain a buffer overflow via the page parameter at /goform/DhcpListClient.

πŸ“– Read

via "National Vulnerability Database".
181 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-44643 β€Ό

In Grafana Enterprise Metrics (GEM) before 1.7.1 and 2.x before 2.3.1, after creating an Access Policy that is granted access to all tenants as well as specified a specific label matcher, the label matcher is erroneously not propagated to queries performed with this access policy. Thus, more access is granted to the policy than intended.

πŸ“– Read

via "National Vulnerability Database".
193 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-4619 β€Ό

The Sidebar Widgets by CodeLights plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Γ’β‚¬ΛœExtra CSS classÒ€ℒ parameter in versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.

πŸ“– Read

via "National Vulnerability Database".
202 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2022-46020 β€Ό

WBCE CMS v1.5.4 can implement getshell by modifying the upload file type.

πŸ“– Read

via "National Vulnerability Database".
205 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ—“οΈ How to become a penetration tester: Part 2 – β€˜Mr hacking’ John Jackson on the virtue of β€˜endless curiosity’ πŸ—“οΈ

Marine Corps engineer-turned offensive security expert offers careers advice and his best and worst experiences

πŸ“– Read

via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
How to become a penetration tester: Part 2 – β€˜Mr Hacking’ John Jackson on the virtue of β€˜endless curiosity’
Marine Corps engineer-turned offensive security expert offers careers advice and his best and worst experiences
236 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
⚠ OneCoin scammer Sebastian Greenwood pleads guilty, β€œCryptoqueen” still missing ⚠

The Cryptoqueen herself is still missing, but her co-conspirator, who is said to have pocketed over $20m a month, has been convicted.

πŸ“– Read

via "Naked Security".
Naked Security
OneCoin scammer Sebastian Greenwood pleads guilty, β€œCryptoqueen” still missing
The Cryptoqueen herself is still missing, but her co-conspirator, who is said to have pocketed over $20m a month, has been convicted.
243 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Cybersecurity VMRay Extends Series B Investment to a Total of $34 million USD to Drive Growth Into New Markets πŸ•΄

VMRay announces the closing of a Series B led by global alternative asset manager Tikehau Capital, which will fuel further expansion of the product portfolio to target a broader set of market segments.

πŸ“– Read

via "Dark Reading".
Dark Reading
Cybersecurity Company VMRay Extends Series B Investment to a Total of $34M USD to Drive Growth into New Markets
VMRay announces the closing of a Series B led by global alternative asset manager Tikehau Capital, which will fuel further expansion of the product portfolio to target a broader set of market segments.
221 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Coming to a SOC Near You: New Browsers, 'Posture' Management, Virtual Assistants πŸ•΄

Startups are coalescing around effective data loss prevention, reducing data attack surfaces, and viable AI automation.

πŸ“– Read

via "Dark Reading".
Dark Reading
Coming to a SOC Near You: New Browsers, 'Posture' Management, Virtual Assistants
Startups are coalescing around effective data loss prevention, reducing data attack surfaces, and viable AI automation.
246 views