Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2022-27413: GitHub - HH1F/Hospital-Management-System-V1.0-SQLi

Hospital Management System v1.0 was discovered to contain a SQL injection vulnerability via the adminname parameter in admin.php.

CVE
#sql#vulnerability#web#mac#apple#git#intel#php#chrome#webkit
CVE-2022-27330: GitHub - CP04042K/Full-Ecommece-Website-Add_Product-Stored_XSS-POC

A cross-site scripting (XSS) vulnerability in /public/admin/index.php?add_product of E-Commerce Website v1.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the Product Title text field.

Is Leaking a SCOTUS Opinion a Crime? The Law Is Far From Clear

The leak of a draft opinion overturning Roe v. Wade quickly sparked a court investigation. Which laws may have been violated, if any, remains uncertain.

Airdrop phishing: what is it, and how is my cryptocurrency at risk?

We take a look at the popular tactics used in Airdrop phishing to steal access to cryptocurrency users' digital finances. The post Airdrop phishing: what is it, and how is my cryptocurrency at risk? appeared first on Malwarebytes Labs.

CVE-2022-27466: MCMS 5.2.7 SQLI · Issue #90 · ming-soft/MCMS

MCMS v5.2.27 was discovered to contain a SQL injection vulnerability in the orderBy parameter at /dict/list.do.

CVE-2022-28572: CVEIDs/TendaAX18 at main · F0und-icu/CVEIDs

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function

CVE-2022-28572: TempName/TendaAX18 at main · F0und-icu/TempName

Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in `SetIPv6Status` function

Google Releases First Developer Preview of Privacy Sandbox on Android 13

Google has officially released the first developer preview for the Privacy Sandbox on Android 13, offering an "early look" at the SDK Runtime and Topics API to boost users' privacy online. "The Privacy Sandbox on Android Developer Preview program will run over the course of 2022, with a beta release planned by the end of the year," the search giant said in an overview. A "multi-year effort,"

Critical Vulnerabilities Leave Some Network-Attached Storage Devices Open to Attack

QNAP and Synology say flaws in the Netatalk fileserver allow remote code execution and information disclosure.