Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2022-32056: GitHub - JackyG0/Online-Accreditation-Management-System-v1.0-SQLi

Online Accreditation Management v1.0 was discovered to contain a SQL injection vulnerability via the USERNAME parameter at process.php.

CVE
#sql#vulnerability#web#mac#apple#git#intel#php#chrome#webkit
CVE-2022-32055: CVEs/Inout-Homestay-2-2-sqli.md at main · bigb0x/CVEs

Inout Homestay v2.2 was discovered to contain a SQL injection vulnerability via the guests parameter at /index.php?page=search/rentals.

CVE-2015-5236: Invalid Bug ID

It was discovered that the IcedTea-Web used codebase attribute of the <applet> tag on the HTML page that hosts Java applet in the Same Origin Policy (SOP) checks. As the specified codebase does not have to match the applet's actual origin, this allowed malicious site to bypass SOP via spoofed codebase value.

Buggy 'Log in With Google' API Implementation Opens Crypto Wallets to Account Takeover

Improper implementations of authentication APIs at a global crypto wallet service provider could have resulted in the loss of account control — and millions of dollars — from personal and business accounts.

Apple Lockdown Mode helps protect users from spyware

Apple has announced a new feature called Lockdown Mode, designed to provide a safer environment on iOS for people at high risk of what Apple refers to as "mercenary spyware." The post Apple Lockdown Mode helps protect users from spyware appeared first on Malwarebytes Labs.

Apple's New "Lockdown Mode" Protects iPhone, iPad, and Mac Against Spyware

Apple on Wednesday announced it plans to introduce an enhanced security setting called Lockdown Mode in iOS 16, iPadOS 16, and macOS Ventura to safeguard high-risk users against "highly targeted cyberattacks." The "extreme, optional protection" feature, now available for preview in beta versions of its upcoming software, is designed to counter a surge in threats posed by private companies

Apple Debuts Spyware Protection for State-Sponsored Cyberattacks

Apple's new Lockdown Mode protects devices targeted by sophisticated state-sponsored mercenary spyware attacks.

CVE-2022-34595: IOT_Vul/readme_en.md at main · zhefox/IOT_Vul

Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the function setipv6status.

CVE-2022-34597: IOT_Vul/readme_en.md at main · zhefox/IOT_Vul

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the function WanParameterSetting.