#ssl

CVE-2021-44425: Remote Desktop Software for Windows – AnyDesk

An issue was discovered in AnyDesk before 6.2.6 and 6.3.x before 6.3.3. An unnecessarily open listening port on a machine in the LAN of an attacker, opened by the Anydesk Windows client when using the tunneling feature, allows the attacker unauthorized access to the local machine's AnyDesk tunneling protocol stack (and also to any remote destination machine software that is listening to the AnyDesk tunneled port).

2 years ago

CVE

Open in Source

#web #ios #android #mac #windows #linux #java #auth #chrome #ssl

Infix LMS 4.3.0 Shell Upload

Infix LMS version 4.3.0 suffers from a remote shell upload vulnerability.

2 years ago

Packet Storm

Open in Source

#vulnerability #web #windows #apple #ubuntu #linux #js #php #auth #chrome #webkit #ssl

CVE-2022-37767: command execution vulnerability in pebble 3.1.5(latest) · Issue #3 · Y4tacker/Web-Security

Pebble Templates 3.1.5 allows attackers to bypass a protection mechanism and implement arbitrary code execution with springbok

2 years ago

CVE

Open in Source

#sql #vulnerability #web #apache #js #java #rce #maven #ssl

iOS 16 Has Two New Security Features for Worst-Case Scenarios

Safety Check and Lockdown Mode give people in vulnerable situations ways to quarantine themselves from acute risks.

2 years ago

Wired

Open in Source

#vulnerability #ios #mac #apple #git #asus #ssl

Shadow IT and shadow IoT

Can an IoT coffee maker leak company secrets? Where do you put the 'S' in 'IoT'? Join Alison Naylor, Senior Manager for Information Security at Red Hat, in this episode of Security Detail as she discusses the importance of securing IoT devices and how to proceed with caution.

2 years ago

Red Hat Blog

Open in Source

#vulnerability #web #ios #mac #linux #red_hat #ddos #dos #git #botnet #auth #ssh #telnet #ssl

CVE-2022-38266: While processing, division by zero causes an arithmetic exception · Issue #3498 · tesseract-ocr/tesseract

An issue in the Leptonica linked library (v1.79.0) in Tesseract v5.0.0 allows attackers to cause an arithmetic exception leading to a Denial of Service (DoS) via a crafted JPEG file.

2 years ago

CVE

Open in Source

#web #ubuntu #linux #dos #c++#ssh #ssl

Red Hat Security Advisory 2022-6407-01

Red Hat Security Advisory 2022-6407-01 - A minor version update is now available for Red Hat Camel K that includes CVE fixes in the base images, which are documented in the Release Notes document linked in the References section. Issues addressed include denial of service, information leakage, integer overflow, and resource exhaustion vulnerabilities.

2 years ago

Packet Storm

Open in Source

#sql #vulnerability #web #red_hat #dos #apache #js #java #perl #xpath #auth #ibm #ssl

CVE-2022-38093: All in One SEO – Best WordPress SEO Plugin – Easily Improve SEO Rankings & Increase Traffic

Multiple Cross-Site Request Forgery (CSRF) vulnerabilities in All in One SEO plugin <= 4.2.3.1 at WordPress.

2 years ago

CVE

Open in Source

#sql #csrf #vulnerability #web #ios #mac #google #microsoft #apache #js #git #java #wordpress #php #perl #nginx #auth #ssh #sap #ssl

CVE-2022-2526: resolved: pin stream while calling callbacks for it · systemd/systemd@d973d94

A use-after-free vulnerability was found in systemd. This issue occurs due to the on_stream_io() function and dns_stream_complete() function in 'resolved-dns-stream.c' not incrementing the reference counting for the DnsStream object. Therefore, other functions and callbacks called can dereference the DNSStream object, causing the use-after-free when the reference is still used later.

2 years ago

CVE

Open in Source

#vulnerability #ssl

CVE-2022-38068: Export Post Info

Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Apasionados Export Post Info plugin <= 1.1.0 at WordPress.

2 years ago

CVE

Open in Source

#xss #vulnerability #mac #windows #linux #wordpress #php #oauth #auth #ssl

Tag

#ssl