‼ CVE-2022-48069 ‼
📖 Read
via "National Vulnerability Database".
Totolink A830R V4.1.2cu.5182 was discovered to contain a command injection vulnerability via the QUERY_STRING parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48066 ‼
📖 Read
via "National Vulnerability Database".
An issue in the component global.so of Totolink A830R V4.1.2cu.5182 allows attackers to bypass authentication via a crafted cookie.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48073 ‼
📖 Read
via "National Vulnerability Database".
Phicomm K2 v22.6.534.263 was discovered to store the root and admin passwords in plaintext.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48067 ‼
📖 Read
via "National Vulnerability Database".
An information disclosure vulnerability in Totolink A830R V4.1.2cu.5182 allows attackers to obtain the root password via a brute-force attack.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48072 ‼
📖 Read
via "National Vulnerability Database".
Phicomm K2G v22.6.3.20 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-21395 ‼
📖 Read
via "National Vulnerability Database".
Magneto LTS (Long Term Support) is a community developed alternative to the Magento CE official releases. Versions prior to 19.4.22 and 20.0.19 are vulnerable to Cross-Site Request Forgery. The password reset form is vulnerable to CSRF between the time the reset password link is clicked and user submits new password. This issue is patched in versions 19.4.22 and 20.0.19. There are no workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-47632 ‼
📖 Read
via "National Vulnerability Database".
Razer Synapse before 3.7.0830.081906 allows privilege escalation due to an unsafe installation path, improper privilege management, and improper certificate validation. Attackers can place malicious DLLs into %PROGRAMDATA%\Razer\Synapse3\Service\bin if they do so before the service is installed and if they deny write access for the SYSTEM user. Although the service will not start if the malicious DLLs are unsigned, it suffices to use self-signed DLLs. The validity of the DLL signatures is not checked. As a result, local Windows users can abuse the Razer driver installer to obtain administrative privileges on Windows.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48070 ‼
📖 Read
via "National Vulnerability Database".
Phicomm K2 v22.6.534.263 was discovered to contain a command injection vulnerability via the autoUpTime parameter in the automatic upgrade function.📖 Read
via "National Vulnerability Database".
⚠ Hive ransomware servers shut down at last, says FBI ⚠
📖 Read
via "Naked Security".
Unfortunately, you've probably already heard the cliche that "cybercrime abhors a vacuum"...📖 Read
via "Naked Security".
Sophos News
Naked Security – Sophos News
👍1
‼ CVE-2022-46192 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46191 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46211 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4335 ‼
📖 Read
via "National Vulnerability Database".
A blind SSRF vulnerability was identified in all versions of GitLab EE prior to 15.4.6, 15.5 prior to 15.5.5, and 15.6 prior to 15.6.1 which allows an attacker to connect to a local host.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46202 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46195 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46207 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46219 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46216 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46193 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46184 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46213 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.📖 Read
via "National Vulnerability Database".