🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-46318 ‼

The HAware module has a function logic error. Successful exploitation of this vulnerability will affect the account removal function in Settings.

via "National Vulnerability Database".
‼ CVE-2022-46317 ‼

The power consumption module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may affect system availability.

via "National Vulnerability Database".
‼ CVE-2022-46310 ‼

The TelephonyProvider module has a vulnerability in obtaining values. Successful exploitation of this vulnerability may affect data confidentiality.

via "National Vulnerability Database".
‼ CVE-2022-39166 ‼

IBM Security Guardium 11.4 could allow a privileged user to obtain sensitive information inside of an HTTP response. IBM X-Force ID: 235405.

via "National Vulnerability Database".
‼ CVE-2022-46325 ‼

Some smartphones have the out-of-bounds write vulnerability. Successful exploitation of this vulnerability may cause system service exceptions.

via "National Vulnerability Database".
‼ CVE-2022-46319 ‼

Fingerprint calibration has a vulnerability of lacking boundary judgment. Successful exploitation of this vulnerability may cause out-of-bounds write.

via "National Vulnerability Database".
‼ CVE-2022-38733 ‼

OnCommand Insight versions 7.3.1 through 7.3.14 are susceptible to an authentication bypass vulnerability in the Data Warehouse component.

via "National Vulnerability Database".
‼ CVE-2021-46856 ‼

The multi-screen collaboration module has a path traversal vulnerability. Successful exploitation of this vulnerability may affect data confidentiality.

via "National Vulnerability Database".
‼ CVE-2022-41596 ‼

The system tool has inconsistent serialization and deserialization. Successful exploitation of this vulnerability will cause unauthorized startup of components.

via "National Vulnerability Database".
‼ CVE-2022-41590 ‼

Some smartphones have authentication-related (including session management) vulnerabilities as the setup wizard is bypassed. Successful exploitation of this vulnerability affects the smartphone availability.

via "National Vulnerability Database".
‼ CVE-2022-46320 ‼

The kernel module has an out-of-bounds read vulnerability. Successful exploitation of this vulnerability may cause memory overwriting.

via "National Vulnerability Database".
‼ CVE-2022-23542 ‼

OpenFGA is an authorization/permission engine built for developers and inspired by Google Zanzibar. During an internal security assessment, it was discovered that OpenFGA version 0.3.0 is vulnerable to authorization bypass under certain conditions. This issue has been patched in version 0.3.1 and is backward compatible.

via "National Vulnerability Database".
‼ CVE-2022-46313 ‼

The sensor privacy module has an authentication vulnerability. Successful exploitation of this vulnerability may cause unavailability of the smartphone's camera and microphone.

via "National Vulnerability Database".
🕴 Give Yourself the Gift of Secure Holiday Ecommerce 🕴

Automating your defenses can bring good tidings of great joy.

via "Dark Reading".
‼ CVE-2022-42949 ‼

Silverstripe silverstripe/subsites through 2.6.0 has Insecure Permissions.

via "National Vulnerability Database".
‼ CVE-2022-47629 ‼

Libksba before 1.6.3 is prone to an integer overflow vulnerability in the CRL signature parser.

via "National Vulnerability Database".
‼ CVE-2022-42046 ‼

WFS, Inc HeavenBurnsRed 2020.3.15.7141260 is vulnerable to Local Privilege Escalation.

via "National Vulnerability Database".
‼ CVE-2022-24431 ‼

All versions of package abacus-ext-cmdline are vulnerable to Command Injection via the execute function due to improper user-input sanitization.

via "National Vulnerability Database".
‼ CVE-2022-4617 ‼

Cross-site Scripting (XSS) - Reflected in GitHub repository microweber/microweber prior to 1.3.2.

via "National Vulnerability Database".
‼ CVE-2022-25929 ‼

The package smoothie from 1.31.0 and before 1.36.1 are vulnerable to Cross-site Scripting (XSS) due to improper user input sanitization in strokeStyle and tooltipLabel properties. Exploiting this vulnerability is possible when the user can control these properties.

via "National Vulnerability Database".
‼ CVE-2022-38546 ‼

A DNS misconfiguration was found in Zyxel NBG7510 firmware versions prior to V1.00(ABZY.3)C0, which could allow an unauthenticated attacker to access the DNS server when the device is switched to the AP mode.

via "National Vulnerability Database".