Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-40841: cve-s/poc.txt at main · daaaalllii/cve-s

A cross-site scripting (XSS) vulnerability in NdkAdvancedCustomizationFields v3.5.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payloads injected into the "htmlNodes" parameter.

CVE
Open in Source
#xss#vulnerability#web#windows#php#auth
CVE-2022-4287: DEVO-2022-0011

Authentication bypass in local application lock feature in Devolutions Remote Desktop Manager 2022.3.26 and earlier on Windows allows malicious user to access the application.

Raspberry Robin Worm Strikes Again, Targeting Telecom and Government Systems

The Raspberry Robin worm has been used in attacks against telecommunications and government office systems across Latin America, Australia, and Europe since at least September 2022. "The main payload itself is packed with more than 10 layers for obfuscation and is capable of delivering a fake payload once it detects sandboxing and security analytics tools," Trend Micro researcher Christopher So

Senayan Library Management System 9.2.2 Cross Site Scripting

Senayan Library Management System version 9.2.2 suffers from a cross site scripting vulnerability.

CVE-2022-46662: Corel Roxio Creator LJB starts a program with an unquoted file path

Roxio Creator LJB starts another program with an unquoted file path. Since a registered Windows service path contains spaces and are unquoted, if a malicious executable is placed on a certain path, the executable may be executed with the privilege of the Windows service. The affected product and versions are as follows: Roxio Creator LJB version number 12.2 build number 106B62B, version number 12.2 build number 106B63A, version number 12.2 build number 106B69A, version number 12.2 build number 106B71A, and version number 12.2 build number 106B74A)

CVE-2022-46330: Better delay load urlmon and move official build to GH Actions by robmen · Pull Request #1807 · Squirrel/Squirrel.Windows

Squirrel.Windows is both a toolset and a library that provides installation and update functionality for Windows desktop applications. Installers generated by Squirrel.Windows 2.0.1 and earlier contain an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries. As a result, arbitrary code may be executed with the privilege of the user invoking the installer.

Ransomware Hackers Using New Way to Bypass MS Exchange ProxyNotShell Mitigations

Threat actors affiliated with a ransomware strain known as Play are leveraging a never-before-seen exploit chain that bypasses blocking rules for ProxyNotShell flaws in Microsoft Exchange Server to achieve remote code execution (RCE) through Outlook Web Access (OWA). "The new exploit method bypasses URL rewrite mitigations for the Autodiscover endpoint," CrowdStrike researchers Brian Pitchford,

CVE-2022-38391: Security Bulletin: IBM Spectrum Control is vulnerable to multiple weaknesses related IBM WebSphere Application Server Liberty and FasterXML jackson-databind

IBM Spectrum Control 5.4 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 233982.

'Blindside' Attack Subverts EDR Platforms From Windows Kernel

The technique loads a nonmonitored and unhooked DLL, and leverages debug techniques that could allow for running arbitrary code.

Google Disruption Fails to Stop Glupteba Botnet

By Deeba Ahmed In December 2021, Google announced that it had disrupted the Glupteba botnet and filed a lawsuit against two of its Russian operators, but it turned out that the botnet was back and kicking. This is a post from HackRead.com Read the original post: Google Disruption Fails to Stop Glupteba Botnet