Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

MSNSwitch Firmware MNT.2408 Remote Code Execution

MSNSwitch Firmware MNT.2408 suffers from a remote code execution vulnerability.

Packet Storm
Open in Source
#csrf#vulnerability#web#windows#apple#google#git#rce#auth#chrome#webkit
StrelaStealer Malware Hijacking Outlook and Thunderbird Accounts

By Deeba Ahmed Dubbed StrelaStealer, the malware is being distributed through malicious email attachments and targets Spanish-speaking people. This is a post from HackRead.com Read the original post: StrelaStealer Malware Hijacking Outlook and Thunderbird Accounts

Elon Musk's Twitter Blue Verification Is a Gift to Scammers

Anyone can get a blue tick on Twitter without proving who they are. And it’s already causing a ton of problems.

Microsoft Issues Patches to Fix 6 Active 0-Day Windows Vulnerabilities

By Deeba Ahmed Microsoft has urged Windows Administrators to install the updates urgently so make sure you have the latest patches installed! This is a post from HackRead.com Read the original post: Microsoft Issues Patches to Fix 6 Active 0-Day Windows Vulnerabilities

Ubuntu Security Notice USN-5719-1

Ubuntu Security Notice 5719-1 - It was discovered that OpenJDK incorrectly handled long client hostnames. An attacker could possibly use this issue to cause the corruption of sensitive information. It was discovered that OpenJDK incorrectly randomized DNS port numbers. A remote attacker could possibly use this issue to perform spoofing attacks. It was discovered that OpenJDK did not limit the number of connections accepted from HTTP clients. An attacker could possibly use this issue to cause a denial of service.

Install Latest Windows Update ASAP! Patches Issued for 6 Actively Exploited Zero-Days

Microsoft's latest round of monthly security updates has been released with fixes for 68 vulnerabilities spanning its software portfolio, including patches for six actively exploited zero-days. 12 of the issues are rated Critical, two are rated High, and 55 are rated Important in severity. This also includes the weaknesses that were closed out by OpenSSL the previous week. Also separately

How to Use Apple Pay or Google Wallet Instead of Plastic Cards

Cash is safe—for now. Contactless payment methods, like Apple Pay or Google Wallet, are more of a threat to the existence of physical cards.

CVE-2022-43046: bug_report/XSS-1.md at main · Oudaorui/bug_report

Food Ordering Management System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the component /foms/place-order.php.

Urlscan.io API Inadvertently Leaked Sensitive Data and URLs

By Deeba Ahmed Urlscan.io is a website scanning and analyzing engine that accepts URL submissions and creates a trove of data such as IPs, domains, DOM information, screenshots, and cookies. This is a post from HackRead.com Read the original post: Urlscan.io API Inadvertently Leaked Sensitive Data and URLs

CVE-2022-3878: GitHub - huclilu/CVE_Add

A vulnerability classified as critical has been found in Maxon ERP. This affects an unknown part of the file /index.php/purchase_order/browse_data. The manipulation of the argument tb_search leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-213039.