Facebook bug could have allowed attacker to take over accounts

A vulnerability in Facebook could have allowed an attacker to take over a Facebook account without the victim needing to click on anything at all. The bug was found by a bounty hunter from Nepal called Samip Aryal and has now been fixed by Facebook. In his search for an account takeover...

Google libwebp open source library remote code execution vulnerability

WebP is an image format developed by Google, which supports lossy and lossless compression of network images, and its compression effect and speed have certain advantages over PNG and JPEG formats. libwebp is a C/C++ open source library that implements the coding and decoding of the WebP image...

CVE-2022-31887

Marval MSM v14.19.0.12476 has a 0-Click Account Takeover vulnerability which allows an attacker to change any user's password in the organization, this means that the user can also escalate achieve Privilege Escalation by changing the administrator password...

CVE-2022-31887

CVE-2022-31887 affects Marval MSM v14.19.0.12476 and enables a 0-click account takeover that allows an attacker to change any user’s password within the organization, which can lead to privilege escalation by altering the administrator password. The issue is described consistently across sources ...