11198 matches found
The vulnerability of the libIEC61850 library, related to pointer assignment errors, allows a perpetrator to cause a service failure.
The vulnerability of the libIEC61850 library is related to errors in pointer assignment. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...
The vulnerability in the web interface of the Cisco Webex App, a software platform for collaborative work, allows a perpetrator to compromise data integrity.
The vulnerability of the Cisco Webex App’s web interface is related to errors in processing images of various symbols. Exploiting this vulnerability allows a malicious actor to compromise data integrity remotely...
Amazon Linux 2022 : libblkid, libblkid-devel, libfdisk (ALAS2022-2022-086)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2022-2022-086 advisory. A logic error was found in the libmount library of util-linux in the function that allows an unprivileged user to unmount a FUSE filesystem. This flaw allows an unprivileged local attacker to...
The vulnerability of SAP Enterprise Extension Defense Forces & Public Security software, related to authentication errors, allows a perpetrator to increase their privileges.
The vulnerability of SAP Enterprise Extension Defense Forces & Public Security software is related to authentication errors. Exploiting this vulnerability can allow a malicious actor to increase their privileges remotely...
The vulnerability of Eclipse Jetty servlet containers, related to errors in information processing, allows attackers to gain unauthorized access to protected information.
The vulnerability of Eclipse Jetty servlet containers is related to errors in information processing. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information...
The vulnerability of the Rsync file transfer and synchronization utility, related to authentication errors, allows a perpetrator to write arbitrary files.
The vulnerability of the Rsync file transfer and synchronization utility is related to authentication errors. Exploiting this vulnerability allows a remote attacker to write arbitrary files...
The vulnerability of the Wi-Fi router software WS7200-10, related to ICMP packet processing errors, allows an intruder to gain unauthorized access to protected information or cause service failures.
The vulnerability of the Wi-Fi router software WS7200-10 is related to ICMP packet processing errors. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information or cause service failures...
The vulnerability in the implementation of the Matrix protocol for Thunderbird email clients allows a perpetrator to carry out a DoS attack.
The vulnerability of the Thunderbird email client’s Matrix protocol is related to errors in processing input data. Exploiting this vulnerability allows a remote attacker to execute a DoS attack...
The vulnerability of the Thunderbird email client, related to errors in processing input data, allows a hacker to execute arbitrary JavaScript code.
The vulnerability of the Thunderbird email client is related to errors in processing input data. Exploiting this vulnerability allows a malicious actor to execute arbitrary JavaScript code by sending a specially crafted HTML email with a meta tag set to “refresh”...
The vulnerability of Microsoft Windows Defender operating systems allows a hacker to bypass security restrictions.
The vulnerability of Microsoft Windows Defender operating systems is related to security configuration errors. Exploiting this vulnerability can allow attackers to circumvent security restrictions...
PT-2022-4606 · Ws7200-10 · Ws7200-10
Name of the Vulnerable Software and Affected Versions: WS7200-10 version 11.0.2.13 Description: The issue is related to errors in processing ICMP packets, which can allow a remote attacker to gain unauthorized access to protected information or cause a denial of service. Additionally, there is a...
Upgraded Q -> M from 61 [1661963759888]
Judge has assessed an item in Issue 61 as Medium risk. The relevant finding follows: ...
UBUNTU-CVE-2022-35252
When curl is used to retrieve and parse cookies from a HTTPS server, it accepts cookies using control codes that when later are sent back to a HTTP server might make the server return 400 responses. Effectively allowing a "sister site" to deny service to all siblings...
The vulnerability of the blkfront driver in the PV command of the Xen hypervisor allows a hacker to cause a service failure.
The vulnerability of the blkfront driver in the PV command of the Xen hypervisor is caused by synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures...
Upgraded Q -> M from 37 [1661964537299]
Judge has assessed an item in Issue 37 as Medium risk. The relevant finding follows: ...
The vulnerability of the eBPF subsystem in the Linux operating system allows a hacker to disclose protected information.
The vulnerability of the eBPF subsystem in the Linux operating system is related to errors in the code. Exploiting this vulnerability can allow an attacker to disclose protected information...
WordPress Core Cross Site Scripting / SQL Injection
Description: SQL Injection via Links LIMIT clause Affected Versions: WordPress Core 6.0.2 Researcher: FVD CVE ID: Pending CVSS Score: 8.0 High CVSS Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H Fully Patched Version: 6.0.2 The WordPress Link functionality, previously known as “Bookmarks”, i...
Upgraded Q -> M from 249 [1661962692824]
Judge has assessed an item in Issue 249 as Medium risk. The relevant finding follows: ...
Cyber Signals: 3 strategies for protection against ransomware
The “as a service” business model has gained widespread popularity as growing cloud adoption has made it possible for people to access important services through third-party providers. Given the convenience and agility of service offerings, perhaps it shouldn’t be surprising that the “as a servic...
The vulnerability of the blkfront component in the Xen hypervisor allows an attacker to trigger a service failure.
The vulnerability of the blkfront component in the Xen hypervisor is related to resource release errors. Exploiting this vulnerability can allow a malicious actor to cause service failures remotely...