
Tag

#zero_day

Black Hat Europe redux: The top web hacking talks for 2022

Catch up on the highlights of last week’s cybersecurity conference

PortSwigger
CVE-2021-3942: Certain HP Print Products, Digital Sending Products - Potential remote code execution and buffer overflow

Certain HP Print products and Digital Sending products may be vulnerable to potential remote code execution and buffer overflow with use of Link-Local Multicast Name Resolution or LLMNR.

CVE-2022-44648: ZDI-22-1618

An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not the same as CVE-2022-44647.

CVE-2022-44649: ZDI-22-1619

An out-of-bounds access vulnerability in the Unauthorized Change Prevention service of Trend Micro Apex One and Apex One as a Service could allow a local attacker to elevate privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.

CVE-2022-44647: ZDI-22-1617

An Out-of-bounds read vulnerability in Trend Micro Apex One and Apex One as a Service could allow a local attacker to disclose sensitive information on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. This is similar to, but not the same as CVE-2022-44648.

Zombinder on Dark Web Lets Hackers Add Malware to Legit Apps

By Deeba Ahmed. At the moment, Zombinder is focusing entirely on Android apps, but the service operators are offering Windows apps binding services. This is a post from HackRead.com.

43 Trillion Security Data Points Illuminate Our Most Pressing Threats

A new report helps companies understand an ever-changing threat landscape and how to strengthen their defenses against emerging cybersecurity trends.

CVE-2022-38765: Canon Medical Software Security Updates

Canon Medical Informatics Vitrea Vision 7.7.76.1 does not adequately enforce access controls. An authenticated user is able to gain unauthorized access to imaging records by tampering with the vitrea-view/studies/search patientId parameter.

Pwn2Own Day 1 and 2: Samsung, HP, MikroTik & Netgear Pwned

By Habiba Rashid. Here is everything you need to know about the first two days at the Pwn2Own hacking contest. This is a post from HackRead.com.