Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Apple’s child safety features are coming to a Messages app near you

Apple will soon be rolling out its promised child safety features in the Messages app for users in Australia, Canada, New Zealand, and the UK The post Apple’s child safety features are coming to a Messages app near you appeared first on Malwarebytes Labs.

Malwarebytes
#vulnerability#web#ios#mac#apple#google
CVE-2022-27429: V1.9.5: SSRF Vulnerability · Issue #67 · Cherry-toto/jizhicms

Jizhicms v1.9.5 was discovered to contain a Server-Side Request Forgery (SSRF) vulnerability via /admin.php/Plugins/update.html.

Threat Source newsletter (April 21, 2022) — Sideloading apps is as safe as you make it

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  If you pay attention to the video game community as much as I do, you’ve been closely following the ongoing legal battle between Apple and Epic over the sale of “Fortnite” on the Apple App Store. (I promise... [[ This is only the beginning! Please visit the blog for the complete entry ]]

Zero-Day Exploit Use Exploded in 2021

Ransomware and other financially motivated threat actors joined nation-state-backed groups in leveraging unpatched flaws in attack campaigns, new data shows.

CVE-2022-28022: bug_report/SQLi-1.md at main · k0xx11/bug_report

Purchase Order Management System v1.0 was discovered to contain a SQL injection vulnerability via /purchase_order/classes/Master.php?f=delete_item.

CVE-2022-28414: bug_report/SQLi-1.md at main · k0xx11/bug_report

Home Owners Collection Management System v1.0 was discovered to contain a SQL injection vulnerability via /hocms/classes/Master.php?f=delete_member.

CVE-2022-28410: bug_report/SQLi-4.md at main · k0xx11/bug_report

Simple Real Estate Portal System v1.0 was discovered to contain a SQL injection vulnerability via /reps/classes/Users.php?f=delete_agent.

CVE-2022-28413: bug_report/SQLi-2.md at main · k0xx11/bug_report

Car Driving School Management System v1.0 was discovered to contain a SQL injection vulnerability via /cdsms/classes/Master.php?f=delete_enrollment.