The vulnerability of the web interface of the microprogramming software for industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as the microprogramming software for wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A, AWK-1131A, and AWK-1137C models, allows a perpetrator to execute arbitrary commands.

The vulnerability of the web interface of microprogramming software for industrial LTE modems of the Moxa OnCell G3150A-LTE, OnCell G3470A-LTE, and WDR-3124A series, as well as of microprogramming software for wireless access points for industrial systems of the Moxa AWK-3131A, AWK-4131A,...

VPN vs. DNS Security

When you are trying to get another layer of cyber protection that would not require a lot of resources, you are most likely choosing between a VPN service & a DNS Security solution. Let's discuss both. VPN Explained VPN stands for Virtual Private Networks and basically hides your IP and provides ...

The vulnerability of the USB Serial Driver driver for the Windows operating system allows a perpetrator to gain unauthorized access to confidential information.

The vulnerability of the USB Serial Driver driver for the Windows operating system is related to the lack of protection for service data. Exploiting this vulnerability can allow an attacker to gain unauthorized access to confidential information...

PT-2022-5641 · Microsoft · 365 Apps For Enterprise +2

Name of the Vulnerable Software and Affected Versions: Microsoft 365 Apps for Enterprise versions affected versions not specified Microsoft Office versions affected versions not specified Microsoft Excel versions affected versions not specified Description: The issue is related to a lack of...

PT-2022-5494 · Microsoft · Windows

Name of the Vulnerable Software and Affected Versions: Windows affected versions not specified Description: The issue is related to insufficient protection of internal data in the Windows GDI+ interface, which can allow an attacker to gain unauthorized access to protected information using a...

PT-2022-5451 · Microsoft · Windows Network Policy Server +1

Name of the Vulnerable Software and Affected Versions: Windows Network Policy Server NPS affected versions not specified Description: The issue is related to insufficient protection of service data in the Network Policy Server NPS of Windows operating systems. This can allow a remote attacker to...

PT-2022-5471 · Microsoft · Dynamics 365 Business Central +1

Name of the Vulnerable Software and Affected Versions: Microsoft Dynamics 365 Business Central affected versions not specified Microsoft Dynamics NAV affected versions not specified Description: The issue is related to insufficient protection of sensitive data in Microsoft Dynamics 365 Business...

Identifying cyberthreats quickly with proactive security testing

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Matthew Hickey,...

Identifying cyberthreats quickly with proactive security testing

The security community is continuously changing, growing, and learning from each other to better position the world against cyberthreats. In the latest post of our Community Voices blog series, Microsoft Security Senior Product Marketing Manager Brooke Lynn Weenig talks with Matthew Hickey,...

The vulnerability of the full-screen mode implementations of Google Chrome and Microsoft Edge allows a perpetrator to compromise the integrity, accessibility, and confidentiality of the protected information.

The vulnerability of the full-screen mode implementations of Google Chrome and Microsoft Edge is related to insufficient protection of service data. Exploiting this vulnerability allows a malicious actor to compromise the integrity, accessibility, and confidentiality of the protected information...

The vulnerability of the IBM CICS TX Advanced application server, related to insufficient protection of operational data, allows attackers to gain unauthorized access to protected information.

The vulnerability of the IBM CICS TX Advanced application server is related to insufficient protection for operational data. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...

CVE-2022-42818

This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. A user in a privileged network position may be able to track user activity...

CVE-2022-42815

This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data...

CVE-2022-42815

This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. An app may be able to access user-sensitive data...

CVE-2022-42818

This issue was addressed with improved data protection. This issue is fixed in macOS Ventura 13. A user in a privileged network position may be able to track user activity...

CVE-2022-32918

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to bypass Privacy preferences...

CVE-2022-32862

This issue was addressed with improved data protection. This issue is fixed in macOS Big Sur 11.7.1, macOS Ventura 13, macOS Monterey 12.6.1. An app with root privileges may be able to access private information...

CVE-2022-32867

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...

Design/Logic Flaw

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. A user with physical access to an iOS device may be able to read past diagnostic logs...

Authentication flaw

This issue was addressed with improved data protection. This issue is fixed in iOS 16, macOS Ventura 13. An app may be able to bypass Privacy preferences...