Aggregator
CVE-2023-43862 | D-Link DIR-619L B1 2.02 formLanguageChange buffer overflow
1 year 9 months ago
A vulnerability was found in D-Link DIR-619L B1 2.02 and classified as critical. This issue affects the function formLanguageChange. The manipulation leads to buffer overflow.
The identification of this vulnerability is CVE-2023-43862. The attack can only be initiated within the local network. There is no exploit available.
vuldb.com
CVE-2024-37139 | Dell PowerProtect DD prior 2.7.7/5.16.0.0/7.7.5.40/7.10.1.30/7.13.1.0 resource control (dsa-2024-219)
1 year 9 months ago
A vulnerability was found in Dell PowerProtect DD and classified as critical. Affected by this issue is some unknown functionality. The manipulation leads to improper control of resource through lifetime.
This vulnerability is handled as CVE-2024-37139. The attack may be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-29177 | Dell PowerProtect DD prior 8.0 log file (dsa-2024-219)
1 year 9 months ago
A vulnerability was found in Dell PowerProtect DD. It has been classified as problematic. This affects an unknown part. The manipulation leads to sensitive information in log files.
This vulnerability is uniquely identified as CVE-2024-29177. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-29176 | Dell PowerProtect DD prior 8.0 buffer overflow (dsa-2024-219)
1 year 9 months ago
A vulnerability was found in Dell PowerProtect DD. It has been declared as critical. This vulnerability affects unknown code. The manipulation leads to buffer overflow.
This vulnerability was named CVE-2024-29176. The attack can be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-37140 | Dell PowerProtect DD prior 8.0 os command injection (dsa-2024-219)
1 year 9 months ago
A vulnerability was found in Dell PowerProtect DD. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to os command injection.
The identification of this vulnerability is CVE-2024-37140. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-37138 | Dell PowerProtect DD prior 7.7.5.40/7.10.1.30/7.13.1.0/8.0 on DDMC path traversal (dsa-2024-219)
1 year 9 months ago
A vulnerability was found in Dell PowerProtect DD on DDMC and classified as problematic. This issue affects some unknown processing. The manipulation leads to relative path traversal.
The identification of this vulnerability is CVE-2024-37138. The attack may be initiated remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-29175 | Dell PowerProtect DD prior 2.7.7/5.16.0.0/7.7.5.40/7.10.1.30/7.13.1.0 risky encryption (dsa-2024-219)
1 year 9 months ago
A vulnerability was found in Dell PowerProtect DD. It has been declared as problematic. Affected by this vulnerability is an unknown functionality. The manipulation leads to risky cryptographic algorithm.
This vulnerability is known as CVE-2024-29175. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2024-29174 | Dell PowerProtect DD prior 7.7.5.30/7.10.1.20/7.13.0.0 sql injection (dsa-2024-219)
1 year 9 months ago
A vulnerability was found in Dell PowerProtect DD. It has been classified as critical. This affects an unknown part. The manipulation leads to sql injection.
This vulnerability is uniquely identified as CVE-2024-29174. Local access is required to approach this attack. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2022-32893 | Apple macOS up to 12.5.0 WebKit out-of-bounds write (DLA 3087-1)
1 year 9 months ago
A vulnerability, which was classified as critical, has been found in Apple macOS up to 12.5.0. This issue affects some unknown processing of the component WebKit. The manipulation leads to out-of-bounds write.
The identification of this vulnerability is CVE-2022-32893. The attack may be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2022-32893 | Apple iOS up to 12.5.5 WebKit out-of-bounds write (HT213428)
1 year 9 months ago
A vulnerability was found in Apple iOS up to 12.5.5 and classified as critical. This issue affects some unknown processing of the component WebKit. The manipulation leads to out-of-bounds write.
The identification of this vulnerability is CVE-2022-32893. The attack may be initiated remotely. Furthermore, there is an exploit available.
It is recommended to upgrade the affected component.
vuldb.com
CVE-2016-7050 | Red Hat Enterprise Linux Desktop 7 RESTEasy SerializableProvider deserialization (RHSA-2016:2604 / Nessus ID 95350)
1 year 9 months ago
A vulnerability has been found in Red Hat Enterprise Linux Desktop, Enterprise Linux HPC Node, Enterprise Linux Server and Enterprise Linux Workstation 7 and classified as very critical. Affected by this vulnerability is the function SerializableProvider of the component RESTEasy. The manipulation leads to deserialization.
This vulnerability is known as CVE-2016-7050. The attack can be launched remotely. There is no exploit available.
It is recommended to upgrade the affected component.
vuldb.com
Ransomware Data Leak Sites: The Uncomfortable Truths
1 year 9 months ago
SANS Digital Forensics and Incident Response
CVE-2016-7091 | Todd Miller sudo on Red Hat Linux readline information disclosure (RHSA-2016:2593 / Nessus ID 94556)
1 year 9 months ago
A vulnerability was found in Todd Miller sudo on Red Hat Linux and classified as problematic. Affected by this issue is some unknown functionality of the component readline Handler. The manipulation leads to information disclosure.
This vulnerability is handled as CVE-2016-7091. The attack may be launched remotely. There is no exploit available.
vuldb.com
Microsoft Trims Cloud Cyberattack Surface in Security Push
1 year 9 months ago
The company has jettisoned hundreds of thousands of unused apps and millions of unused tenants as part of its Secure Future Initiative.
Jai Vijayan, Contributing Writer
CVE-2015-6973 | Ignite Realtime Openfire 3.10.2 user-password.jsp cross-site request forgery (Exploit 133554 / EDB-38192)
1 year 9 months ago
A vulnerability classified as critical was found in Ignite Realtime Openfire 3.10.2. This vulnerability affects unknown code of the file user-password.jsp. The manipulation leads to cross-site request forgery.
This vulnerability was named CVE-2015-6973. The attack can be initiated remotely. Furthermore, there is an exploit available.
vuldb.com
Why Compliance Matters for Healthcare Industries
1 year 9 months ago
Ransomware Intelligence Briefing: Key Insights for the C-Level
1 year 9 months ago
How Microsoft Is Beefing Up Security With 34,000 Engineers
1 year 9 months ago
After Review Board Criticism, Microsoft Targets Culture, Governance, Engineering
After high-profile security incidents, Microsoft has dedicated 34,000 engineers to advancing security across all platforms, focusing on identity protection and rapid response. The company is embedding security into product development and governance frameworks to mitigate growing cyberthreats.
After high-profile security incidents, Microsoft has dedicated 34,000 engineers to advancing security across all platforms, focusing on identity protection and rapid response. The company is embedding security into product development and governance frameworks to mitigate growing cyberthreats.
Fake Paystubs Are Draining Billions From Lenders
1 year 9 months ago
How AI Could Solve Failings of Traditional Employment and Income Verification
Fake paystub generators and unscrupulous businesses have made it easy for fraudsters to exploit outdated employment and income verification systems that account for $3.6 billion in losses for auto lenders alone, but AI-driven solutions are emerging as a game-changing defense.
Fake paystub generators and unscrupulous businesses have made it easy for fraudsters to exploit outdated employment and income verification systems that account for $3.6 billion in losses for auto lenders alone, but AI-driven solutions are emerging as a game-changing defense.