Aggregator

A vulnerability has been found in EasyVista 2020.2.125.3/2022.1.109.0.03 and classified as critical. Affected by this vulnerability is an unknown functionality. The manipulation leads to sql injection. This vulnerability is known as CVE-2022-38490. The attack can be launched remotely. There is no exploit available.

A vulnerability was found in EasyVista 2020.2.125.3/2022.1.109.0.03 and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to sql injection. This vulnerability is handled as CVE-2022-38492. The attack may be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability, which was classified as problematic, has been found in Mega HOPEX. Affected by this issue is some unknown functionality. The manipulation leads to cross site scripting. This vulnerability is handled as CVE-2022-38481. The attack may be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

A vulnerability, which was classified as problematic, was found in EasyVista 2020.2.125.3. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is uniquely identified as CVE-2022-38489. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

A vulnerability has been found in Zebra Enterprise Home Screen 4.1.19 and classified as critical. This vulnerability affects unknown code of the component Embedded Google Chrome Application. The manipulation leads to privilege escalation. This vulnerability was named CVE-2022-36442. The attack needs to be done within the local network. There is no exploit available.

AttackIQ has released a new attack graph designed to emulate the Tactics, Techniques, and Procedures (TTPs) associated with CatB ransomware observed in its most recent activities, enabling defenders to test and validate their detection and response capabilities.

The post Emulating the Misleading CatB Ransomware appeared first on AttackIQ.

The post Emulating the Misleading CatB Ransomware appeared first on Security Boulevard.

泛微云桥20240725存在未授权文件上传fileUploadForCowork_fileUpload

JdkDynamicAopProxy动态代理invoke经过拦截器，反射调用切面方法

A vulnerability has been found in SimplyRETS Real Estate IDX Plugin up to 3.0.3 on WordPress and classified as problematic. This vulnerability affects unknown code. The manipulation leads to cross site scripting. This vulnerability was named CVE-2025-31011. The attack can be initiated remotely. There is no exploit available.

Microsoft Reportedly Alerted Office of the Comptroller of the Currency to Breach
For nearly two years, hackers reportedly spied on 150,000 "highly sensitive" emails sent and received by America's banking regulator, the Office of the Comptroller of the Currency. The OCC said it's continuing to probe the "major information security incident."