Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-34711

Windows Defender Credential Guard Elevation of Privilege Vulnerability. This CVE ID is unique from CVE-2022-34705, CVE-2022-35771.

CVE
Open in Source
#vulnerability#windows
CVE-2020-21642: ManageEngine Analytics Plus | Release Notes

Directory Traversal vulnerability ZDBQAREFSUBDIR parameter in /zropusermgmt API in Zoho ManageEngine Analytics Plus before 4350 allows remote attackers to run arbitrary code.

CVE-2020-23622: CVE-2020-12695: CallStranger Vulnerability in Universal Plug and Play (UPnP) Puts Billions of Devices At Risk

** UNSUPPORTED WHEN ASSIGNED ** An issue in the UPnP protocol in 4thline cling 2.0.0 through 2.1.2 allows remote attackers to cause a denial of service via an unchecked CALLBACK parameter in the request header.

Most Q2 Attacks Targeted Old Microsoft Vulnerabilities

The most heavily targeted flaw last quarter was a remote code execution vulnerability in Microsoft Office that was disclosed and patched four years ago.

Windows, Linux and macOS Users Targeted by Chinese Iron Tiger APT Group

By Deeba Ahmed Chinese Espionage Group called Iron Tiger (aka LuckyMouse) is targeting Windows, Linux, and macOS Users with trojanized MiMi… This is a post from HackRead.com Read the original post: Windows, Linux and macOS Users Targeted by Chinese Iron Tiger APT Group

Windows Credential Guard Domain-Joined Device Public Key Privilege Escalation

On Windows, when registered to use a public key for computer authentication, the certificate is stored in a user accessible registry key leading to elevation of privilege.

Win32.Ransom.BlueSky MVID-2022-0632 Code Execution

The BlueSky Win32.Ransom.BlueSky ransomware looks for and executes arbitrary DLLs in its current working directory. Therefore, we can hijack a DLL, execute our own code, and control and terminate the malware pre-encryption. The exploit DLL checks if the current directory is "C:\Windows\System32" and if not we grab our own process ID and terminate. All basic tests were conducted successfully in a virtual machine environment.

CVE-2022-38221: Discovering a Buffer Overflow in The Isle Evrima Dedicated Server - TakeTheBait

A buffer overflow in the FTcpListener thread in The Isle Evrima (the dedicated server on Windows and Linux) 0.9.88.07 before 2022-08-12 allows a remote attacker to crash any server with an accessible RCON port, or possibly execute arbitrary code.

CVE-2022-37400: security - CVE-2022-37400: Apache OpenOffice Static Initialization Vector Allows to Recover Passwords for Web Connections Without Knowing the Master Password

Apache OpenOffice supports the storage of passwords for web connections in the user's configuration database. The stored passwords are encrypted with a single master key provided by the user. A flaw in OpenOffice existed where the required initialization vector for encryption was always the same which weakens the security of the encryption making them vulnerable if an attacker has access to the user's configuration data. This issue affects: Apache OpenOffice versions prior to 4.1.13. Reference: CVE-2022-26306 - LibreOffice