Security
Headlines
HeadlinesLatestCVEs

Tag

#alibaba

CVE-2022-42060: Vulnerabilities in Tenda's W15Ev2 AC1200 Router

Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a stack overflow via the setWanPpoe function. This vulnerability allows attackers to cause a Denial of Service (DoS) via crafted overflow data.

CVE
#xss#vulnerability#web#mac#google#amazon#linux#dos#js#git#java#intel#perl#buffer_overflow#alibaba#auth#telnet#firefox#sap#wifi
CVE-2022-40847: Vulnerabilities in Tenda's W15Ev2 AC1200 Router

In Tenda AC1200 Router model W15Ev2 V15.11.0.10(1576), there exists a command injection vulnerability in the function formSetFixTools. This vulnerability allows attackers to run arbitrary commands on the server via the hostname parameter.

CVE-2022-27949: Fix secrets rendered in UI when task is not executed. by tirkarthi · Pull Request #22754 · apache/airflow

A vulnerability in UI of Apache Airflow allows an attacker to view unmasked secrets in rendered template values for tasks which were not executed (for example when they were depending on past and previous instances of the task failed). This issue affects Apache Airflow prior to 2.3.1.

CVE-2022-42055: GL.iNET MT300N-V2 Vulnerabilities and Hardware Teardown

Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System Version 1.00.220412.00 via the ping and traceroute tools allow attackers to read arbitrary files on the system.

GHSA-5qwq-g2hx-r6f7: Hessian Lite for Apache Dubbo deserialization vulnerability

A deserialization vulnerability existed in dubbo hessian-lite 3.2.12 and its earlier versions, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.17 and prior versions; Apache Dubbo 3.0.x version 3.0.11 and prior versions; Apache Dubbo 3.1.x version 3.1.0 and prior versions.

What You Need for a Strong Security Posture

From the basics to advanced techniques, here's what you should know.

World’s Leading Blockchain DeFiChain Announces Adding Four New dTokens

By Waqas Bitcoin network’s most prosperous blockchain DeFiChain is a decentralized proof-of-stake platform created as a hard fork to enable… This is a post from HackRead.com Read the original post: World’s Leading Blockchain DeFiChain Announces Adding Four New dTokens

What is the Confidential Containers project?

Confidential Containers (CoCo) is a new sandbox project of the Cloud Native Computing Foundation (CNCF) that enables cloud-native confidential computing by taking advantage of a variety of hardware platforms and technologies.

Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers

The recently discovered Linux-Based ransomware strain known as Cheerscrypt has been attributed to a Chinese cyber espionage group known for operating short-lived ransomware schemes. Cybersecurity firm Sygnia attributed the attacks to a threat actor it tracks under the name Emperor Dragonfly, which is also known as Bronze Starlight (Secureworks) and DEV-0401 (Microsoft). "Emperor Dragonfly

Cyera Survey Finds One in Three Respondents Want to Minimize Cloud Data Risk

Multiple providers say 'cloud data sprawl' makes managing cloud data risk a priority initiative within the next 12 months.