Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2022-41233: Jenkins Security Advisory 2022-09-21

Jenkins Rundeck Plugin 3.6.11 and earlier does not perform Run/Artifacts permission checks in multiple HTTP endpoints, allowing attackers with Item/Read permission to obtain information about build artifacts of a given job, if the optional Run/Artifacts permission is enabled.

CVE
Open in Source
#xss#csrf#vulnerability#web#mac#git#rce#ssrf#auth
CVE-2022-41227: Jenkins Security Advisory 2022-09-21

A cross-site request forgery (CSRF) vulnerability in Jenkins NS-ND Integration Performance Publisher Plugin 4.8.0.129 and earlier allows attackers to connect to an attacker-specified webserver using attacker-specified credentials.

CVE-2022-41255: Jenkins Security Advisory 2022-09-21

Jenkins CONS3RT Plugin 1.0.0 and earlier stores Cons3rt API token unencrypted in job config.xml files on the Jenkins controller where it can be viewed by users with access to the Jenkins controller file system.

15-Year-Old Python Flaw Slithers into Software Worldwide

An unpatched flaw in more than 350,000 unique open source repositories leaves software applications vulnerable to exploit. The path traversal-related vulnerability is tracked as CVE-2007-4559.

5 things to teach your kids about social media

Categories: Personal Tags: school Tags: back to school Tags: social media Tags: twitter Tags: facebook Tags: instagram Tags: tik-tok Tags: sharing Tags: safety Tags: kids Tags: adults Tags: parents Tags: children Tags: teens Tags: teen Tags: teenagers We have some suggestions for helping your kids keep themselves safe on social media as they head back into school. (Read more...) The post 5 things to teach your kids about social media appeared first on Malwarebytes Labs.

Tax refund phish logs keystrokes to swipe personal details

Categories: News Tags: tax refund Tags: phish Tags: phishing Tags: scam Tags: greece Tags: greek Tags: javascript Tags: keylogger The phishing mails rely on that time-honoured tradition of bogus tax returns and non-existent refunds. (Read more...) The post Tax refund phish logs keystrokes to swipe personal details appeared first on Malwarebytes Labs.

Shadowy Russian Cell Phone Companies Are Cropping Up in Ukraine

But as Ukrainians retake ground, some of the firms are erasing their online presence.

Microsoft Brings Zero Trust to Hardware in Windows 11

A stacked combination of hardware and software protects the next version of Windows against the latest generation of firmware threats.

CVE-2022-32912: About the security content of Safari 16

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in Safari 16, iOS 16, iOS 15.7 and iPadOS 15.7. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2022-32917: About the security content of macOS Big Sur 11.7

The issue was addressed with improved bounds checks. This issue is fixed in macOS Monterey 12.6, iOS 15.7 and iPadOS 15.7, iOS 16, macOS Big Sur 11.7. An application may be able to execute arbitrary code with kernel privileges. Apple is aware of a report that this issue may have been actively exploited..