Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

Senayan Library Management System 9.4.0 Cross Site Scripting

Senayan Library Management System version 9.4.0 suffers from a cross site scripting vulnerability.

Packet Storm
Open in Source
#xss#csrf#vulnerability#web#mac#windows#apple#google#apache#js#git#java#php#auth#chrome#webkit#ssl
Zombinder on Dark Web Lets Hackers Add Malware to Legit Apps

By Deeba Ahmed At the moment, Zombinder is focusing entirely on Android apps but the service operators are offering Windows apps binding services. This is a post from HackRead.com Read the original post: Zombinder on Dark Web Lets Hackers Add Malware to Legit Apps

Threat Round up for December 2 to December 9

Today, Talos is publishing a glimpse into the most prevalent threats we've observed between Dec. 2 and Dec. 9. As with previous roundups, this post isn't meant to be an in-depth analysis. Instead, this post will summarize the threats we've observed by highlighting key

CVE-2022-23484: Integer Overflow in xrdp_mm_process_rail_update_window_text

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Integer Overflow in xrdp_mm_process_rail_update_window_text() function. There are no known workarounds for this issue. Users are advised to upgrade.

CVE-2022-23478: Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Write in xrdp_mm_trans_process_drdynvc_channel_open() function. There are no known workarounds for this issue. Users are advised to upgrade.

CVE-2022-23482: Out-of-Bound Read in xrdp_sec_process_mcs_data_CS_CORE

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_sec_process_mcs_data_CS_CORE() function. There are no known workarounds for this issue. Users are advised to upgrade.

CVE-2022-23468: Buffer Overflow in xrdp_login_wnd_create

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_login_wnd_create() function. There are no known workarounds for this issue. Users are advised to upgrade.

CVE-2022-23481: Out-of-Bound Read in xrdp_caps_process_confirm_active

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a Out of Bound Read in xrdp_caps_process_confirm_active() function. There are no known workarounds for this issue. Users are advised to upgrade.

CVE-2022-23479: Buffer Overflow occurs in xrdp_mm_chan_data_in

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in xrdp_mm_chan_data_in() function. There are no known workarounds for this issue. Users are advised to upgrade.

CVE-2022-23480: Buffer Overflow in devredir_proc_client_devlist_announce_req

xrdp is an open source project which provides a graphical login to remote machines using Microsoft Remote Desktop Protocol (RDP). xrdp < v0.9.21 contain a buffer over flow in devredir_proc_client_devlist_announce_req() function. There are no known workarounds for this issue. Users are advised to upgrade.