Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

CVE-2021-4285

A vulnerability classified as problematic was found in Nagios NCPA. This vulnerability affects unknown code of the file agent/listener/templates/tail.html. The manipulation of the argument name leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 2.4.0 is able to address this issue. The name of the patch is 5abbcd7aa26e0fc815e6b2b0ffe1c15ef3e8fab5. It is recommended to upgrade the affected component. VDB-216874 is the identifier assigned to this vulnerability.

CVE
Open in Source
#xss#vulnerability#ios
CVE-2022-26969: Cross-Origin Resource Sharing (CORS) - HTTP | MDN

In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true.

CVE-2021-43395: Topicbox

An issue was discovered in illumos before f859e7171bb5db34321e45585839c6c3200ebb90, OmniOS Community Edition r151038, OpenIndiana Hipster 2021.04, and SmartOS 20210923. A local unprivileged user can cause a deadlock and kernel panic via crafted rename and rmdir calls on tmpfs filesystems. Oracle Solaris 10 and 11 is also affected.

A week in security (December 19 - 25)

Categories: News Tags: security vulnerabilities Tags: cryptocurrency Tags: lock and code Tags: SevenRooms Tags: adult popunder Tags: ad fraud Tags: AV-TEST Tags: Gemini Tags: cryptocurrency Tags: Play ransomware Tags: ransomware Tags: blocking IP addresses Tags: BEC scam Tags: BEC Tags: Bricklink Tags: Lego Tags: Netflix Tags: Disney+ Tags: password sharing Tags: The Guardian Tags: ransomware attack Tags: Godfather malware Tags: Godfather Tags: Android banking malware The most interesting security related news from the week of December 19 to 25. (Read more...) The post A week in security (December 19 - 25) appeared first on Malwarebytes Labs.

CVE-2022-43848: Security Bulletin: AIX is vulnerable to denial of service vulnerabilities

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX perfstat kernel extension to cause a denial of service. IBM X-Force ID: 239169.

CVE-2022-41290: Security Bulletin: AIX is affected by a root privilege escalation vulnerability (CVE-2022-41290)

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the rm_rlcache_file command to obtain root privileges. IBM X-Force ID: 236690.

CVE-2022-43849: IBM AIX denial of service CVE-2022-43849 Vulnerability Report

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX pfcdd kernel extension to cause a denial of service. IBM X-Force ID: 239170.

CVE-2022-43381: Security Bulletin: AIX is vulnerable to a denial of service due to the AIX SMB client (CVE-2022-43381)

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in the AIX SMB client to cause a denial of service. IBM X-Force ID: 238639.

CVE-2022-40233: IBM AIX denial of service CVE-2022-40233 Vulnerability Report

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a vulnerability in the AIX TCP/IP kernel extension to cause a denial of service. IBM X-Force ID: 235599.

CVE-2022-39165: IBM AIX denial of service CVE-2022-39165 Vulnerability Report

IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1could allow a non-privileged local user to exploit a vulnerability in CAA to cause a denial of service. IBM X-Force ID: 235183.