Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Demanzo Matrimony 1.5 Cross Site Request Forgery

Demanzo Matrimony version 1.5 suffers from a cross site request forgery vulnerability.

Packet Storm
Open in Source
#csrf#vulnerability#web#windows#google#php#auth#firefox
Argon Dashboard 1.1.2 SQL Injection

Argon Dashboard version 1.1.2 suffers from a remote SQL injection vulnerability that allows for authentication bypass.

CVE-2022-32972: CVE-2022-32972: Infoblox BloxOne Endpoint for Windows local privilege escalation

Infoblox BloxOne Endpoint for Windows through 2.2.7 allows DLL injection that can result in local privilege escalation.

⚡Top Cybersecurity News Stories This Week — Cybersecurity Newsletter

Hey 👋 there, cyber friends! Welcome to this week's cybersecurity newsletter, where we aim to keep you informed and empowered in the ever-changing world of cyber threats. In today's edition, we will cover some interesting developments in the cybersecurity landscape and share some insightful analysis of each to help you protect yourself against potential attacks. 1. Apple 📱 Devices Hacked with

CVE-2022-40347: GitHub - h4md153v63n/CVE-2022-40347_Intern-Record-System-phone-V1.0-SQL-Injection-Vulnerability-Unauthenticated: CVE-2022-40347: Intern Record System - 'phone', 'email', 'deptType' and 'name' SQL Inje

SQL Injection vulnerability in Intern Record System version 1.0 in /intern/controller.php in 'phone', 'email', 'deptType' and 'name' parameters, allows attackers to execute arbitrary code and gain sensitive information.

Mortal Kombat ransomware forms tag team with crypto-stealing malware

Categories: News Tags: mortal kombat Tags: ransomware Tags: laplas clipper Tags: cryptocurrency Tags: encrypt Tags: network Tags: infect Tags: ransom Tags: demand Tags: BAT file Tags: email Tags: phish Tags: phishing Tags: attachment It’s like a choose your own adventure game gone horribly wrong. (Read more...) The post Mortal Kombat ransomware forms tag team with crypto-stealing malware appeared first on Malwarebytes Labs.

CVE-2023-0882: UPDATE PATCH [RDP Proxy IDOR Vulnerability] - Kron Docs

Improper Input Validation, Authorization Bypass Through User-Controlled Key vulnerability in Kron Tech Single Connect on Windows allows Privilege Abuse.This issue affects Single Connect: 2.16.

Critical RCE Vulnerability Discovered in ClamAV Open-Source Antivirus Software

Cisco has rolled out security updates to address a critical flaw reported in the ClamAV open source antivirus engine that could lead to remote code execution on susceptible devices. Tracked as CVE-2023-20032 (CVSS score: 9.8), the issue relates to a case of remote code execution residing in the HFS+ file parser component. The flaw affects versions 1.0.0 and earlier, 0.105.1 and earlier, and

CVE-2022-27808: INTEL-SA-00761

Insufficient control flow management in some Intel(R) Ethernet Controller Administrative Tools drivers for Windows before version 1.5.0.2 may allow an authenticated user to potentially enable escalation of privilege via local access.