Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

Taking the Danger Out of IT/OT Convergence

The Colonial Pipeline attack highlighted the risks of convergence. Unified security provides a safer way to proceed.

DARKReading
Open in Source
#vulnerability#mac#windows#git#intel#samba
How To Screencast on Windows 10

By Owais Sultan Screen recorder for Windows is a useful feature that comes in handy for a variety of tasks, especially… This is a post from HackRead.com Read the original post: How To Screencast on Windows 10

CVE-2022-28394: アラート/アドバイザリ:パスワードマネージャーの脆弱性について (CVE-2022-28394)

EOL Product CVE - Installer of Trend Micro Password Manager (Consumer) versions 3.7.0.1223 and below provided by Trend Micro Incorporated contains an issue with the DLL search path, which may lead to insecurely loading Dynamic Link Libraries (CWE-427). Please note that this was reported on an EOL version of the product, and users are advised to upgrade to the latest supported version (5.x).

ChromeLoader Browser Malware Spreading Via Pirated Games and QR Codes

By Waqas A new malvertising campaign has emerged in which ChromeLoader malware is being used to hijack browsers and steal… This is a post from HackRead.com Read the original post: ChromeLoader Browser Malware Spreading Via Pirated Games and QR Codes

Microsoft Unveils Dev Box, a Workstation-as-a-Service

Microsoft Dev Box will make it easier for developers and hybrid teams to get up and running with workstations already preconfigured with required applications and tools.

Microsoft Patch Tuesday May 2022: Edge RCE, PetitPotam LSA Spoofing, bad patches

Hello everyone! This episode will be about Microsoft Patch Tuesday for May 2022. Sorry for the delay, this month has been quite intense. As usual, I’m using my Vulristics project and going through not only the vulnerabilities that were presented on May 10th, but all the MS vulnerabilities presented by Microsoft since the previous Patch […]

CVE-2022-26774: About the security content of iTunes 12.12.4 for Windows

A logic issue was addressed with improved state management. This issue is fixed in iTunes 12.12.4 for Windows. A local attacker may be able to elevate their privileges.

CVE-2022-29632: There is a File upload vulnerability exists in roncoo-education · Issue #16 · roncoo/roncoo-education

An arbitrary file upload vulnerability in the component /course/api/upload/pic of Roncoo Education v9.0.0 allows attackers to execute arbitrary code via a crafted file.

CVE-2022-30495: OpenSource/exploit_idor_asms.md at main · nsparker1337/OpenSource

In oretnom23 Automotive Shop Management System v1.0, the name id parameter is vulnerable to IDOR - Broken Access Control allowing attackers to change the admin password(vertical privilege escalation)

CVE-2022-30516: GitHub - Danie1233/Hospital-Management-System-V1.0-SQLi

In Hospital-Management-System v1.0, the editid parameter in the doctor.php page is vulnerable to SQL injection attacks.