94 matches found
EUVD-2022-30454
Malicious code in bioql PyPI...
CVE-2022-25819
OOB read vulnerability in hdcp2 device node prior to SMR Mar-2022 Release 1 allow an attacker to view Kernel stack memory...
Israeli Spyware Vendor Uses Chrome 0day to Target Journalists
By Deeba Ahmed The spyware vendor Candiru used the Chrome zero-day in March 2022 to target journalists and other unsuspected victims… This is a post from HackRead.com Read the original post: Israeli Spyware Vendor Uses Chrome 0day to Target Journalists...
Azure File Sync Agent v15.0 Release – March 2022 (KB5003882)
Update for Azure File Sync agent version 15.0.0.0. For more details, see the associated Microsoft Knowledge Base article...
Azure File Sync Agent v15.0 Release – March 2022 (KB5003882)
Update for Azure File Sync agent version 15.0.0.0. For more details, see the associated Microsoft Knowledge Base article...
Azure File Sync Agent v15.0 Release – March 2022 (KB5003882)
Update for Azure File Sync agent version 15.0.0.0. For more details, see the associated Microsoft Knowledge Base article...
A week in security (April 11 – 17)
Last week on Malwarebytes Labs: Credential-stealing malware disguises itself as Telegram, targets social media users Old Play Store apps served notice by upcoming API level changes Denonia cryptominer is first malware to target AWS Lambda Ransomware: March 2022 review Why identity management...
Monthly Threat Digest: March 2022
...
Ransomware: March 2022 review
The Malwarebytes Threat Intelligence team continuously monitors the threat landscape to stay on top of existing and emerging attacks. In this March 2022 ransomware review, we go over some of the most successful ransomware incidents based on both open source and dark web intelligence. The March da...
Vulnerability in Spring Framework Affecting Cisco Products: March 2022
On March 31, 2022, the following critical vulnerability in the Spring Framework affecting Spring MVC and Spring WebFlux applications running on JDK 9+ was released: CVE-2022-22965: Spring Framework RCE via Data Binding on JDK 9+ For a description of this vulnerability, see VMware Spring Framework...
kr.bingo-care.com Cross Site Scripting vulnerability OBB-2457443
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
Trend Micro Apex Central and Trend Micro Apex Central as a Service vulnerable to improper check for file contents
Overview Trend Micro Apex Central and Trend Micro Apex Central as a Service provided by Trend Micro Incorporated are vulnerable to improper check for file contents CWE-345, CVE-2022-26871. Trend Micro Incorporated states that attacks has been observed. Trend Micro Incorporated reported this...
CVE-2022-24790
creationtimestamp| type| source ---|---|--- 2022-03-31 02:17:52+00:00| seen| https://t.me/cibsecurity/39880...
jobassistnow.com Cross Site Scripting vulnerability OBB-2455610
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
chinafoodmachinery.com Cross Site Scripting vulnerability OBB-2455427
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
zoodubassindarcachon.com Improper Access Control vulnerability OBB-2455304
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
phdnet.mpg.de Cross Site Scripting vulnerability OBB-2454085
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
provincieantwerpen.be Cross Site Scripting vulnerability OBB-2454017
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
valor.srv.br Cross Site Scripting vulnerability OBB-2451867
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...
maua.sp.gov.br Cross Site Scripting vulnerability OBB-2449668
Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Affected Website:| maua.sp.gov.br ---|--- Open Bug Bounty...