# pdf

#intel #pdf #amd #auth

CVE-2022-31219

Vulnerabilities in the Drive Composer allow a low privileged attacker to create and write to a file anywhere on the file system as SYSTEM with arbitrary content as long as the file does not already exist. The Drive Composer installer file allows a low-privileged user to run a "repair" operation on the product.

3 years ago

CVE-2022-24127: REDCap Change Log - Eastern Virginia Medical School (EVMS), Norfolk, Hampton Roads

#vulnerability #pdf

A Stored Cross-Site Scripting (XSS) vulnerability was discovered in ProjectGeneral/edit_project_settings.php in REDCap 12.0.11. This issue allows any user with project management permissions to inject arbitrary code into the project title (app_title) field when editing an existing project. The payload is then reflected within the title tag of the page.

3 years ago

#sql #xss #csrf #vulnerability #web #ios #mac #windows #google #microsoft #amazon #linux #nodejs #js #git #java #php #rce #perl #ldap #pdf #aws #acer #oauth #auth #ruby #chrome #firefox #sap #ssl

CVE-2017-20049

A vulnerability, was found in legacy Axis devices such as P3225 and M3005. This affects an unknown part of the component CGI Script. The manipulation leads to improper privilege management. It is possible to initiate the attack remotely.

3 years ago

CVE-2017-20050: Full Disclosure: Axis Camera Multiple Vulnerabilities

#vulnerability #js #pdf

A vulnerability has been found in AXIS P1204, P3225, P3367, M3045, M3005 and M3007 and classified as problematic. This vulnerability affects unknown code of the component Web Interface. The manipulation leads to improper access controls. The attack can be initiated remotely. It is recommended to upgrade the affected component.

3 years ago

Dark web awash with breached credentials, study finds

#xss #csrf #vulnerability #web #google #apache #js #java #backdoor #pdf #auth

Many consumers still relying on easy-to-crack passwords, warns Digital Shadows

3 years ago

LenelS2 access control vulnerabilities leave door open to lock manipulation

#web #git #intel #pdf #auth

Vendor addresses threat to integrity and availability of physical access systems

3 years ago

HID Mercury access control vulnerabilities leave door open to lock manipulation

#vulnerability #web #linux #dos #git #rce #pdf #buffer_overflow #auth

Manufacturer addresses threat to integrity and availability of physical access systems sold by LenelS2

3 years ago

What is the Essential Eight (And Why Non-Aussies Should Care)

#vulnerability #web #linux #dos #git #rce #pdf #buffer_overflow #auth #zero_day

In 2017, The Australian Cyber Security Center (ACSC) published a set of mitigation strategies that were designed to help organizations to protect themselves against cyber security incidents. These strategies, which became known as the Essential Eight, are designed specifically for use on Windows networks, although variations of these strategies are commonly applied to other platforms. What is

3 years ago

The Hacker News

Oblivious DNS-over-HTTPS offers privacy enhancements to secure lookup protocol

#vulnerability #web #mac #windows #microsoft #git #java #intel #pdf #auth #The Hacker News

ODoH is said to enhance user privacy without compromising performance

3 years ago