Tag
#firefox
Yimioa v6.1 was discovered to contain a SQL injection vulnerability via the orderbyGET parameter.
Ywoa before v6.1 was discovered to contain a SQL injection vulnerability via /oa/setup/checkPool?database.
The Donot Team threat actor has updated its Jaca Windows malware toolkit with improved capabilities, including a revamped stealer module designed to plunder information from Google Chrome and Mozilla Firefox browsers. The improvements also include a new infection chain that incorporates previously undocumented components to the modular framework, Morphisec researchers Hido Cohen and Arnold
Improper buffer restrictions in the firmware for some Intel(R) NUC Laptop Kits before version BC0076 may allow a privileged user to potentially enable escalation of privilege via local access.
Insufficiently protected credentials for Intel(R) AMT and Intel(R) Standard Manageability may allow a privileged user to potentially enable information disclosure via local access.
Improper access control in the firmware for some Intel(R) E810 Ethernet Controllers before version 1.6.2.9 may allow a privileged user to potentially enable denial of service via local access.
Improper buffer restrictions for some Intel(R) NUC 9 Extreme Laptop Kit drivers before version 2.2.0.22 may allow an authenticated user to potentially enable escalation of privilege via local access.
Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access.
Authentication bypass for the Open AMT Cloud Toolkit software maintained by Intel(R) before versions 2.0.2 and 2.2.2 may allow an unauthenticated user to potentially enable escalation of privilege via network access.
Uncontrolled search path elements in the Intel(R) Datacenter Group Event Android application, all versions, may allow an authenticated user to potentially enable escalation of privilege via local access.