What's new arround internet
| Src | Date (GMT) | Titre | Description | Tags | Stories | Notes |
 |
2022-07-20 12:15:08 | CVE-2022-2488 (lien direct) | A vulnerability was found in WAVLINK WN535K2 and WN535K3 and classified as critical. This issue affects some unknown processing of the file /cgi-bin/touchlist_sync.cgi. The manipulation of the argument IP leads to os command injection. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-20 12:15:08 | CVE-2022-2487 (lien direct) | A vulnerability has been found in WAVLINK WN535K2 and WN535K3 and classified as critical. This vulnerability affects unknown code of the file /cgi-bin/nightled.cgi. The manipulation of the argument start_hour leads to os command injection. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-20 12:15:08 | CVE-2022-2491 (lien direct) | A vulnerability has been found in SourceCodester Library Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file lab.php. The manipulation of the argument Section with the input 1' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x71716b7171,0x546e4444736b7743575a666d4873746a6450616261527a67627944426946507245664143694c6a4c,0x7162706b71),NULL,NULL,NULL,NULL# leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-20 12:15:08 | CVE-2022-2490 (lien direct) | A vulnerability classified as critical has been found in SourceCodester Simple E-Learning System 1.0. Affected is an unknown function of the file search.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x74666264 WHERE 5610=5610 AND (SELECT 7504 FROM(SELECT COUNT(*),CONCAT(0x7171627a71,(SELECT (ELT(7504=7504,1))),0x71717a7071,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||' leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-20 12:15:08 | CVE-2022-2489 (lien direct) | A vulnerability was found in SourceCodester Simple E-Learning System 1.0. It has been rated as critical. This issue affects some unknown processing of the file classRoom.php. The manipulation of the argument classCode with the input 1'||(SELECT 0x6770715a WHERE 8795=8795 AND (SELECT 8342 FROM(SELECT COUNT(*),CONCAT(0x7171786b71,(SELECT (ELT(8342=8342,1))),0x717a7a7671,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a))||' leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-20 12:15:08 | CVE-2022-2486 (lien direct) | A vulnerability, which was classified as critical, was found in WAVLINK WN535K2 and WN535K3. This affects an unknown part of the file /cgi-bin/mesh.cgi?page=upgrade. The manipulation of the argument key leads to os command injection. The exploit has been disclosed to the public and may be used. | Guideline | ||
|
2022-07-20 07:15:08 | CVE-2022-33967 (lien direct) | squashfs filesystem implementation of U-Boot versions from v2020.10-rc2 to v2022.07-rc5 contains a heap-based buffer overflow vulnerability due to a defect in the metadata reading process. Loading a specially crafted squashfs image may lead to a denial-of-service (DoS) condition or arbitrary code execution. | Vulnerability Guideline | ||
|
2022-07-20 06:15:07 | CVE-2021-46828 (lien direct) | In libtirpc before 1.3.3rc1, remote attackers could exhaust the file descriptors of a process that uses libtirpc because idle TCP connections are mishandled. This can, in turn, lead to an svc_run infinite loop without accepting new connections. | Guideline | ||
 |
2022-07-20 05:00:05 | Veracode Achieves Public Sector Milestone with FedRAMP Authorization (lien direct) | The software security landscape has drastically evolved over the past few years. Think back to the start of COVID-19. The sudden shift to virtual operations expediated digital transformations. Government agencies now have to release new digital products and services in tighter timeframes, causing public sector leadership to choose between speed of deployments or verifiably secure code. The data says it all... According to research conducted by the Enterprise Strategy Group (ESG), 85 percent of organizations push vulnerable code to production and 54 percent do so in order to meet critical deadlines. This need for speed isn't only driving government agencies and contractors to push vulnerable code to production – it's changing the way applications are developed. Increased reliance on microservices and open-source libraries means that applications are assembled as much as they are written. This is made evident in version 12, our most recent, State of Software Security (SOSS) report by… | Guideline | ||
 |
2022-07-20 02:44:15 | Unpatched GPS Tracker Bugs Could Let Attackers Disrupt Vehicles Remotely (lien direct) | The U.S. Cybersecurity and Infrastructure Security Agency (CISA) is warning of a handful of unpatched security vulnerabilities in MiCODUS MV720 Global Positioning System (GPS) trackers outfitted in over 1.5 million vehicles that could lead to remote disruption of critical operations. "Successful exploitation of these vulnerabilities may allow a remote actor to exploit access and gain control of | Guideline | ||
 |
2022-07-20 02:00:00 | Breaking down CIS\'s new software supply chain security guidance (lien direct) | Securing the software supply chain continues to be one of the most discussed topics currently among IT and cybersecurity leaders. A study by In-Q-Tel researchers shows a rapid rise in software supply chain attacks starting around 2016, going from almost none in 2015 to about 1,500 in 2020. The Cloud Native Computing Foundation's (CNCF's) catalog of software supply chain attacks also supports a rise in this attack vector.To read this article in full, please click here | Guideline | ||
|
2022-07-19 17:15:08 | CVE-2022-22417 (lien direct) | IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 223127. | Vulnerability Guideline | ||
|
2022-07-19 17:15:08 | CVE-2022-22416 (lien direct) | IBM Sterling Partner Engagement Manager 6.1.2, 6.2, and Cloud/SasS 22.2 is vulnerable to server-side request forgery (SSRF). This may allow an authenticated attacker to send unauthorized requests from the system, potentially leading to network enumeration or facilitating other attacks. IBM X-Force ID: 223126. | Guideline | ||
 |
2022-07-19 15:33:01 | Authentication Risks Discovered in Okta Platform (lien direct) | Four newly discovered attack paths could lead to PII exposure, account takeover, even organizational data destruction. | Guideline | ||
 |
2022-07-19 15:10:00 | Anomali Cyber Watch: H0lyGh0st Ransomware Earns for North Korea, OT Unlocking Tools Drop Sality, Switch-Case-Oriented Programming for ChromeLoader, and More (lien direct) | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: APT, DDoS, North Korea, Obfuscation, Phishing, Ransomware, Russia, Trojans, and Vulnerabilities. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity.
Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.
Trending Cyber News and Threat Intelligence
Digium Phones Under Attack: Insight Into the Web Shell Implant
(published: July 15, 2022)
Palo Alto Unit42 researchers have uncovered a large-scale campaign targeting Elastix VoIP telephony servers used in Digium phones. The attackers were exploiting CVE-2021-45461, a remote code execution (RCE) vulnerability in the Rest Phone Apps (restapps) module. The attackers used a two-stage malware: initial dropper shell script was installing the PHP web shell backdoor. The malware achieves polymorphism through binary padding by implanting a random junk string into each malware download. This polymorphism allowed Unit42 to detect more than 500,000 unique malware samples from late December 2021 till the end of March 2022. The attackers use multilayer obfuscation, schedules tasks, and new user creation for persistence.
Analyst Comment: Potentially affected FreePBX users should update their restapps (the fixed versions are 15.0.20 and 16.0.19, or newer). New polymorphic threats require a defense-in-depth strategy including malware sandbox detection and orchestrating multiple security appliances and applications.
MITRE ATT&CK: [MITRE ATT&CK] Obfuscated Files or Information - T1027 | [MITRE ATT&CK] Scheduled Task - T1053 | [MITRE ATT&CK] Create Account - T1136 | [MITRE ATT&CK] Indicator Removal on Host - T1070 | [MITRE ATT&CK] Ingress Tool Transfer - T1105
Tags: CVE-2021-45461, Digium Asterisk, PHP Web Shell, Binary padding, Rest Phone Apps, restapps, FreePBX, Elastix
North Korean Threat Actor Targets Small and Midsize Businesses with H0lyGh0st Ransomware
(published: July 14, 2022)
Microsoft researchers have linked an emerging ransomware group, H0lyGh0st Ransomware (DEV-0530) to financially-motivated North Korean state-sponsored actors. In June-October 2021, H0lyGh0st used SiennaPurple ransomware family payloads written in C++, then switched to variants of the SiennaBlue ransomware family written in Go. Microsoft detected several successfully compromised small-to-mid-sized businesses, including banks, event and meeting planning companies, manufacturing organizations, and schools.
Analyst Comment: Small-to-mid-sized businesses should consider enforcing multi-factor authentication (MFA) on all accounts, cloud hardening, and regular deployment of updates with Active Directory being the top priority.
MITRE ATT&CK: [MITRE ATT&CK] Data Encrypted for Impact - T1486 | [MITRE ATT&CK] Scheduled Task - T1053 | |
Ransomware Malware Tool Vulnerability Threat Guideline | ||
 |
2022-07-19 13:13:44 | British Jeweller Graff Paid £6 Million Ransom To Attackers Then Sued Insurers (lien direct) | As reported by SecurityAffairs, in September 2021, the Conti ransomware gang hit high society jeweller Graff and threatens to release private details of world leaders, actors and tycoons. Graff decided to pay a £6m ($7.5 million) ransom to Conti to avoid the leak of its customers' data and sued its insurance company Travelers for refusing […] | Ransomware Guideline | ||
|
2022-07-19 10:15:08 | CVE-2022-2467 (lien direct) | A vulnerability has been found in SourceCodester Garage Management System 1.0 and classified as critical. This vulnerability affects unknown code of the file /login.php. The manipulation of the argument username with the input 1@a.com' AND (SELECT 6427 FROM (SELECT(SLEEP(5)))LwLu) AND 'hsvT'='hsvT leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-19 10:15:08 | CVE-2022-2468 (lien direct) | A vulnerability was found in SourceCodester Garage Management System 1.0 and classified as critical. This issue affects some unknown processing of the file /editbrand.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
 |
2022-07-19 10:00:00 | What roles do humans play in cyber breaches (lien direct) | This blog was written by an independent guest blogger. Data is the most valuable asset of any organization, and most employees have access to secure business data. This makes them the first line of defense against combating a cyber-attack. However, hackers target vulnerable employees with insecure devices and sophisticated techniques to access the company's network and compromise valuable data. Human error enables a vast majority of cybersecurity problems. Many employees are already aware of the dangers that their mistakes can pose. A study found that nearly 88% of all data breaches result from employee mistakes. In addition, 60% of cybersecurity professionals accepted that their staff is the weakest link in IT security. It is high time for organizations and employees to take measures to reduce the attack surface and ensure a robust cybersecurity culture. Why humans are the weakest link in any organization? The cybersecurity threat landscape is becoming complex and threatening even with practicing strict cybersecurity regulations and using emerging technologies. Against this growing threat landscape, 57% of businesses assume that their IT security team might become compromised, and the most significant threat against the cyber-attacks is their employees. Humans are the weakest link in any business organization and continue to drive data breaches. The Verizon Data Breach Incident Report 2022 finds that 82% of cyber breaches involved the human element. By human element, it is meant that a breach can occur because of clicking on a link in a phishing email, reusing the same old passwords, or using the internet without hiding their IP. For example, a notable venture capital firm, Sequoia Capital, got hacked in February 2021. The hacking incident occurred because employees fell victim to a phishing attack that exposed its investors' personal and financial information to third parties. Besides this, there are a few other reasons that make employees vulnerable: Inadequate software security Employees tend to be careless when they perform the same task regularly. It turns their work into something that focuses more on efficiency than carefulness. As a result, they start neglecting to follow proper security procedures and practices and often compromise the cybersecurity of the entire organization. They even neglect updates because they consume more time or the pop-ups are inconvenient, leaving software vulnerable to cyber-attacks. Moreover, some employees continue to use legacy software with known vulnerabilities. They typically use such software because they’re used to it - not because it has exclusive features. In addition, employees sometimes disable security update options because they think it hinders their work. Such actions compromise the entire security of the organization. Low security awareness Hackers easily install malware, spyware, or ransomware through vulnerable or careless employees. Most employees have low security awareness about the evolving cyber threats and attacks that expose them to malicious actors to access the company's data. Employees even use or download unauthor | Data Breach Malware Threat Guideline | ||
 |
2022-07-19 08:45:52 | (Déjà vu) Vulnerability Spotlight: Issue in Accusoft ImageGear could lead to memory corruption, code execution (lien direct) |  Emmanuel Tacheau of Cisco Talos discovered these vulnerabilities. Blog by Jon Munshaw. Cisco Talos recently discovered a use-after-free vulnerability in Accusoft ImageGear's PSD header processing function. The ImageGear library is a document-imaging developer toolkit that allows users to create, edit, annotate and convert various images. It supports more than 100 file formats such as DICOM, PDF and Microsoft Office. This vulnerability, TALOS-2022-1526 (CVE-2022-29465) could allow an attacker to cause a use-after-free condition by tricking the targeted user into opening a malformed .psd file in the application. The vulnerability leads to out-of-bounds heap writes, which causes memory corruption and, possibly, code execution. In adherence to Cisco's vulnerability disclosure policy, Accusoft patched this issue and released an update for ImageGear.Talos tested and confirmed Accusoft ImageGear, version 19.10, is affected by this vulnerability.  The following Snort rules will detect exploitation attempts against this vulnerability: 60228 and 60229. Additional rules may be released in the future and current rules are subject to change, pending additional vulnerability information. For the most current rule information, please refer to your Cisco Secure Firewall Management Center or Snort.org. |
Vulnerability Guideline | ||
|
2022-07-19 03:34:00 | Unauthorized access jumped 4x in 2021 (lien direct) | Security breaches from issues associated with supply chain and third-party suppliers have recorded an unprecedented jump of 297%, representing about a fourth of all the security breaches in 2021 in the US, according to a study by digital identity and access management platform ForgeRock.The 2022 Consumer Identity and Breach Report found unauthorized access to be the leading infection vector for the breaches, accounting for 50% of all records compromised in 2021.The average cost of a breach in the US, according to the report, was $9.5 million, which is the highest in the world and up 16% from $8.2 million in 2020.For the study, ForgeRock gathered data from several sources including the Identity Theft Resource Centre, Forrester Research, and the Ponemon Institute, between January 1, 2021 and December 1, 2021.To read this article in full, please click here | Guideline | ||
|
2022-07-18 18:15:08 | CVE-2021-29788 (lien direct) | IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203310. | Vulnerability Guideline | ||
|
2022-07-18 18:15:08 | CVE-2021-29790 (lien direct) | IBM Engineering Requirements Quality Assistant On-Premises (All versions) is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 203440. | Vulnerability Guideline | ||
 |
2022-07-18 16:15:39 | Get Comprehensive Insights into Your Network with Secure Analytics and MITRE Mappings (lien direct) | A deep dive into the latest updates from Secure Network and Cloud Analytics that show Cisco's leadership in the Security Industry. | Guideline | ||
 |
2022-07-18 12:51:46 | Extortionists target restaurants, demand money to take down bad reviews (lien direct) | We take a look at reports of organised review bombing, leading to extortion threats to get the negative ratings removed. | Guideline | ||
|
2022-07-18 09:15:08 | CVE-2016-15003 (lien direct) | A vulnerability has been found in FileZilla Client 3.17.0.0 and classified as problematic. This vulnerability affects unknown code of the file C:\Program Files\FileZilla FTP Client\uninstall.exe of the component Installer. The manipulation leads to unquoted search path. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
 |
2022-07-18 07:23:20 | Graff paid a $7.5M ransom and sued its insurance firm for refusing to cover this payment (lien direct) | >The high-end British jeweler Graff paid a £6 million ransom after the ransomware attack it suffered in 2021. In September 2021, the Conti ransomware gang hit high society jeweler Graff and threatens to release private details of world leaders, actors and tycoons The customers of the company are the richest people on the globe, including […] | Ransomware Guideline | ||
|
2022-07-17 22:15:08 | CVE-2022-26352 (lien direct) | An issue was discovered in the ContentResource API in dotCMS 3.0 through 22.02. Attackers can craft a multipart form request to post a file whose filename is not initially sanitized. This allows directory traversal, in which the file is saved outside of the intended storage location. If anonymous content creation is enabled, this allows an unauthenticated attacker to upload an executable file, such as a .jsp file, that can lead to remote code execution. | Guideline | ||
|
2022-07-17 19:15:18 | CVE-2022-30550 (lien direct) | An issue was discovered in the auth component in Dovecot 2.2 and 2.3 before 2.3.20. When two passdb configuration entries exist with the same driver and args settings, incorrect username_filter and mechanism settings can be applied to passdb definitions. These incorrectly applied settings can lead to an unintended security configuration and can permit privilege escalation in certain configurations. The documentation does not advise against the use of passdb definitions that have the same driver and args settings. One such configuration would be where an administrator wishes to use the same PAM configuration or passwd file for both normal and master users but use the username_filter setting to restrict which of the users is able to be a master user. | Guideline | ||
|
2022-07-17 11:15:09 | CVE-2022-2168 (lien direct) | The Download Manager WordPress plugin before 3.2.44 does not escape a generated URL before outputting it back in an attribute of the history dashboard, leading to Reflected Cross-Site Scripting | Guideline | ||
|
2022-07-17 11:15:09 | CVE-2022-2173 (lien direct) | The Advanced Database Cleaner WordPress plugin before 3.1.1 does not escape numerous generated URLs before outputting them back in href attributes of admin dashboard pages, leading to Reflected Cross-Site Scripting | Guideline | ||
|
2022-07-17 11:15:09 | CVE-2022-2187 (lien direct) | The Contact Form 7 Captcha WordPress plugin before 0.1.2 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsers | Guideline | ||
|
2022-07-17 11:15:08 | CVE-2022-2090 (lien direct) | The Discount Rules for WooCommerce WordPress plugin before 2.4.2 does not escape a parameter before outputting it back in an attribute of the plugin's discount rule page, leading to Reflected Cross-Site Scripting | Guideline | ||
|
2022-07-17 11:15:08 | CVE-2022-1933 (lien direct) | The CDI WordPress plugin before 5.1.9 does not sanitise and escape a parameter before outputting it back in the response of an AJAX action (available to both unauthenticated and authenticated users), leading to a Reflected Cross-Site Scripting | Guideline | ||
|
2022-07-17 07:15:07 | CVE-2015-10003 (lien direct) | A vulnerability, which was classified as problematic, was found in FileZilla Server up to 0.9.50. This affects an unknown part of the component PORT Handler. The manipulation leads to unintended intermediary. It is possible to initiate the attack remotely. Upgrading to version 0.9.51 is able to address this issue. It is recommended to upgrade the affected component. | Guideline | ||
|
2022-07-16 07:15:08 | CVE-2017-20134 (lien direct) | A vulnerability, which was classified as critical, has been found in Itech Freelancer Script 5.13. Affected by this issue is some unknown functionality of the file /category.php. The manipulation of the argument sk leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. | Guideline | ||
|
2022-07-16 07:15:08 | CVE-2017-20137 (lien direct) | A vulnerability was found in Itech B2B Script 4.28. It has been rated as critical. This issue affects some unknown processing of the file /catcompany.php. The manipulation of the argument token with the input 704667c6a1e7ce56d3d6fa748ab6d9af3fd7' AND 6539=6539 AND 'Fakj'='Fakj leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-16 07:15:08 | CVE-2017-20132 (lien direct) | A vulnerability was found in Itech Multi Vendor Script 6.49 and classified as critical. This issue affects some unknown processing of the file /multi-vendor-shopping-script/product-list.php. The manipulation of the argument pl leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-16 07:15:08 | CVE-2017-20135 (lien direct) | A vulnerability classified as critical was found in Itech Dating Script 3.26. Affected by this vulnerability is an unknown functionality of the file /see_more_details.php. The manipulation of the argument id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-16 07:15:08 | CVE-2017-20136 (lien direct) | A vulnerability classified as critical has been found in Itech Classifieds Script 7.27. Affected is an unknown function of the file /subpage.php. The manipulation of the argument scat with the input =51' AND 4941=4941 AND 'hoCP'='hoCP leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-16 07:15:08 | CVE-2017-20133 (lien direct) | A vulnerability, which was classified as critical, was found in Itech Job Portal Script 9.13. This affects an unknown part of the file /admin. The manipulation leads to improper authentication. It is possible to initiate the attack remotely. | Guideline | ||
|
2022-07-16 07:15:08 | CVE-2017-20138 (lien direct) | A vulnerability was found in Itech Auction Script 6.49. It has been classified as critical. This affects an unknown part of the file /mcategory.php. The manipulation of the argument mcid with the input 4' AND 1734=1734 AND 'Ggks'='Ggks leads to sql injection (Blind). It is possible to initiate the attack remotely. | Vulnerability Guideline | ||
|
2022-07-16 07:15:07 | CVE-2017-20130 (lien direct) | A vulnerability was found in Itech Real Estate Script 3.12. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file /real-estate-script/search_property.php. The manipulation of the argument property_for leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-16 07:15:07 | CVE-2017-20131 (lien direct) | A vulnerability was found in Itech News Portal 6.28. It has been classified as critical. Affected is an unknown function of the file /news-portal-script/information.php. The manipulation of the argument inf leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. | Vulnerability Guideline | ||
|
2022-07-15 21:07:41 | New Netwrix Auditor Bug Could Let Attackers Compromise Active Directory Domain (lien direct) | Researchers have disclosed details about a security vulnerability in the Netwrix Auditor application that, if successfully exploited, could lead to arbitrary code execution on affected devices. "Since this service is typically executed with extensive privileges in an Active Directory environment, the attacker would likely be able to compromise the Active Directory domain," Bishop Fox said in an | Vulnerability Guideline | ||
|
2022-07-15 16:15:16 | CVE-2022-34252 (lien direct) | Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Vulnerability Guideline | ||
|
2022-07-15 16:15:14 | CVE-2022-34236 (lien direct) | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Vulnerability Guideline | ||
|
2022-07-15 16:15:14 | CVE-2022-34237 (lien direct) | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.. | Vulnerability Guideline | ||
|
2022-07-15 16:15:14 | CVE-2022-34244 (lien direct) | Adobe Photoshop versions 22.5.7 (and earlier) and 23.3.2 (and earlier) are affected by an Access of Uninitialized Pointer vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Vulnerability Guideline | ||
|
2022-07-15 16:15:14 | CVE-2022-34239 (lien direct) | Adobe Acrobat Reader versions 22.001.20142 (and earlier), 20.005.30334 (and earlier) and 17.012.30229 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file. | Vulnerability Guideline |
To see everything:
Our RSS (filtrered)
