Tag
#samsung
PyroCMS v3.9 was discovered to contain multiple cross-site scripting (XSS) vulnerabilities.
Plus: A Google Chrome patch licks the DevilsTongue spyware, Android’s kernel gets a tune-up, and Microsoft fixes 84 flaws.
2022 is shaping up to be another banner year for ransomware, which continued to dominate the threat landscape in Q2. The post Ransomware rolled through business defenses in Q2 2022 appeared first on Malwarebytes Labs.
In the Car Settings app, the NotificationAccessConfirmationActivity is exported. NotificationAccessConfirmationActivity takes both 'mComponentName' and 'pkgTitle' from the user. An unprivileged app can use a malicious mComponentName with a benign pkgTitle (e.g. Settings app) to make users enable notification access permission for the malicious app. That is, users believe they are enabling the notification access permission for the Settings app, but they are actually enabling it for the malicious app. Once the malicious app gets the notification access permission, it can read all notifications, including users' personal information. Product: Android. Versions: Android-12L. Android ID: A-225189301
'remap_pfn_range' here may map out-of-size kernel memory (for example, it may map the kernel area), and because 'vma->vm_page_prot' can also be controlled by userspace, userspace may map the kernel area as writable, which is easy to exploit. Product: Android. Versions: Android SoC. Android ID: A-233154555
Improper access control vulnerability in Samsung Gallery prior to version 13.1.05.8 allows physical attackers to access the pictures using S Pen air gesture.
By Deeba Ahmed. Israeli mobile cybersecurity startup Cirotta has launched smartphone cases that the company claims provide complete protection while… This is a post from HackRead.com. Read the original post: Mobile Cybersecurity Firm Cirotta Launches Anti-Hacking Phone Cases
From cryptocurrency thefts to intrusions into telecom giants, state-backed attackers have had a field day in the year’s first half.
Plus: Google issues fixes for Android bugs, and Cisco, Citrix, SAP, WordPress, and more issue major patches for enterprise systems.
Like a hydra, every time one ransomware gang drops out (REvil or Conti), plenty more step up to fill the void (Black Basta).