Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2022-36482: vuln/TOTOLINK/N350RT/6 at main · Darry-lang1/vuln

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the lang parameter in the function setLanguageCfg.

CVE
Open in Source
#vulnerability#web#mac#windows#js#java#auth#firefox
CVE-2022-36484: vuln/TOTOLINK/N350RT/7 at main · Darry-lang1/vuln

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the function setDiagnosisCfg.

CVE-2022-36485: vuln/TOTOLINK/N350RT/5 at main · Darry-lang1/vuln

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the hostName parameter in the function setOpModeCfg.

CVE-2022-36480: vuln/TOTOLINK/N350RT/8 at main · Darry-lang1/vuln

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the command parameter in the function setTracerouteCfg.

CVE-2022-36481: vuln/TOTOLINK/N350RT/1 at main · Darry-lang1/vuln

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the ip parameter in the function setDiagnosisCfg.

CVE-2022-36483: vuln/TOTOLINK/N350RT/9 at main · Darry-lang1/vuln

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a stack overflow via the pppoeUser parameter.

CVE-2022-36479: vuln/TOTOLINK/N350RT/3 at main · Darry-lang1/vuln

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the host_time parameter in the function NTPSyncWithHost.

CVE-2022-36486: vuln/TOTOLINK/N350RT/4 at main · Darry-lang1/vuln

TOTOLINK N350RT V9.3.5u.6139_B20201216 was discovered to contain a command injection vulnerability via the FileName parameter in the function UploadFirmwareFile.

Researchers Uncover Kimusky Infra Targeting South Korean Politicians and Diplomats

The North Korean nation-state group Kimusky has been linked to a new set of malicious activities directed against political and diplomatic entities located in its southern counterpart in early 2022. Russian cybersecurity firm Kaspersky codenamed the cluster GoldDragon, with the infection chains leading to the deployment of Windows malware designed to file lists, user keystrokes, and stored web

RHSA-2022:6184: Red Hat Security Advisory: Self Node Remediation Operator 0.4.1 security update

This is an updated release of the Self Node Remediation Operator. The Self Node Remediation Operator replaces the Poison Pill Operator, and is delivered by Red Hat Workload Availability. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-30631: golang: compress/gzip: stack exhaustion in Reader.Read