🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-32641

In meta wifi, there is a possible out of bounds read due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07453594; Issue ID: ALPS07453594.

📖 Read

via "National Vulnerability Database".
284 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44036

RESERVED There is an arbitrary file upload vulnerability in b2evolution v7.2.5. Attackers can use this vulnerability to execute remote commands.

📖 Read

via "National Vulnerability Database".
316 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-32638

In isp, there is a possible out of bounds write due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Patch ID: ALPS07494449; Issue ID: ALPS07494449.

📖 Read

via "National Vulnerability Database".
379 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 2023 Will See Renewed Focus on Quantum Computing 🕴

Adopting post-quantum cryptography is something that has been discussed for years; it's time for organizations to get to work.

📖 Read

via "Dark Reading".
Dark Reading
2023 Will See Renewed Focus on Quantum Computing
Adopting post-quantum cryptography has been discussed for years; now it's time for organizations to get to work.
533 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-46081

In Garmin Connect 4.61, terminating a LiveTrack session wouldn't prevent the LiveTrack API from continued exposure of private personal information.

📖 Read

via "National Vulnerability Database".
👍1
509 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-39084

In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

📖 Read

via "National Vulnerability Database".
437 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44445

In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.

📖 Read

via "National Vulnerability Database".
419 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2019-25094

A vulnerability, which was classified as problematic, was found in innologi appointments Extension up to 2.0.5. This affects an unknown part of the component Appointment Handler. The manipulation of the argument formfield leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 2.0.6 is able to address this issue. The name of the patch is 986d3cb34e5e086c6f04e061f600ffc5837abe7f. It is recommended to upgrade the affected component. The identifier VDB-217353 was assigned to this vulnerability.

📖 Read

via "National Vulnerability Database".
350 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44430

In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.

📖 Read

via "National Vulnerability Database".
229 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-39104

In contacts service, there is a missing permission check. This could lead to local denial of service in Contacts service with no additional execution privileges needed.

📖 Read

via "National Vulnerability Database".
213 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44434

In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

📖 Read

via "National Vulnerability Database".
200 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2014-125039

A vulnerability, which was classified as problematic, has been found in kkokko NeoXplora. Affected by this issue is some unknown functionality of the component Trainer Handler. The manipulation leads to cross site scripting. The attack may be launched remotely. The name of the patch is dce1aecd6ee050a29f953ffd8f02f21c7c13f1e6. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-217352.

📖 Read

via "National Vulnerability Database".
193 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-39087

In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

📖 Read

via "National Vulnerability Database".
180 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44439

In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

📖 Read

via "National Vulnerability Database".
179 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-39083

In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

📖 Read

via "National Vulnerability Database".
171 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44428

In wlan driver, there is a possible missing bounds check. This could lead to local denial of service in wlan services.

📖 Read

via "National Vulnerability Database".
167 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2010-10003

A vulnerability classified as critical was found in gesellix titlelink. Affected by this vulnerability is an unknown functionality of the file plugin_content_title.php. The manipulation of the argument phrase leads to sql injection. The name of the patch is b4604e523853965fa981a4e79aef4b554a535db0. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-217351.

📖 Read

via "National Vulnerability Database".
167 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-38682

In contacts service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

📖 Read

via "National Vulnerability Database".
161 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-39082

In network service, there is a missing permission check. This could lead to local escalation of privilege with System execution privileges needed.

📖 Read

via "National Vulnerability Database".
166 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44438

In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

📖 Read

via "National Vulnerability Database".
169 views
🛡 Cybersecurity & Privacy 🛡 - News
CVE-2022-44437

In messaging service, there is a missing permission check. This could lead to local denial of service in contacts service with no additional execution privileges needed.

📖 Read

via "National Vulnerability Database".
179 views