Apple iOS, iPadOS, and tvOS buffer overflow | CVE-2022-32788
NAME Apple iOS, iPadOS, and tvOS buffer overflow Platforms Affected:Apple iOS 15.5 Apple iPadOS 15.5 Apple tvOS 15.5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access...
Month: July 2022
ICONICS MobileHMI and IoTWorX IoT Visualizer products denial of service | CVE-2022-33319
NAME ICONICS MobileHMI and IoTWorX IoT Visualizer products denial of service Platforms Affected:ICONICS MobileHMI 10.97.1 Mitsubishi Electric MC Works64 4.04E...
AutomationDirect Stride Field I/O products information disclosure | CVE-2022-2485
NAME AutomationDirect Stride Field I/O products information disclosure Platforms Affected:AutomationDirect SIO-MB04RTDS 8.3.3.9 AutomationDirect SIO-MB04ADS 8.3.3.9 AutomationDirect SIO-MB04THMS 8.5.3.9 AutomationDirect SIO-MB08ADS-1...
Node.js convert-svg-core module code execution | CVE-2022-25759
NAME Node.js convert-svg-core module code execution Platforms Affected:Node.js convert-svg-core 0.6.1Risk Level:9.9Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Node.js convert-svg-core module could allow...
MiCODUS MV720 GPS tracker command execution | CVE-2022-2141
NAME MiCODUS MV720 GPS tracker command execution Platforms Affected:MiCODUS MV720 GPS trackerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION MiCODUS MV720 GPS tracker could...
Daily Vulnerability Trends: Sat Jul 23 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-42069 No description provided CVE-2022-32832 No description provided CVE-2022-23088 No description provided...
SonicWall fixed critical SQLi in Analytics and GMS products
Security company SonicWall released updates to address a critical SQL injection (SQLi) flaw in Analytics On-Prem and Global Management System...
Brute Ratel C4 Detected – 18[.]198[.]216[.]248:80
The Information provided at the time of posting was detected as "Brute Ratel C4". Depending on when you are viewing...
Account lockout policy in Windows 11 is enabled by default to block block brute force attacks
Starting with Windows 11 Microsoft introduce by default an account lockout policy that can block brute force attacks. Starting with...
HackerOne Bug Bounty Disclosure: cve-2022-32214—http-request-smuggling-due-to-improper-delimiting-of-header-fieldsbyzeyu2001
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by zeyu2001 zeyu2001 Report CVE-2022-32214 - HTTP Request Smuggling Due To...
HackerOne Bug Bounty Disclosure: cve-2022-32213—http-request-smuggling-due-to-flawed-parsing-of-transfer-encodingbyzeyu2001
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by zeyu2001 zeyu2001 Report CVE-2022-32213 - HTTP Request Smuggling Due to...
HackerOne Bug Bounty Disclosure: cve-2022-32215—http-request-smuggling-due-to-incorrect-parsing-of-multi-line-transfer-encodingbyzeyu2001
Programme HackerOne Internet Bug Bounty Internet Bug Bounty Submitted by zeyu2001 zeyu2001 Report CVE-2022-32215 - HTTP Request Smuggling Due to...
CISA: Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138
Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138 Atlassian has released a security advisory to address a vulnerability...
LiveTargetsFinder – Generates Lists Of Live Hosts And URLs For Targeting, Automating The Usage Of MassDNS, Masscan And Nmap To Filter Out Unreachable Hosts And Gather Service Information
Generates lists of live hosts and URLs for targeting, automating the usage of Massdns, Masscan and nmap to filter out...
Hackers breached Ukrainian radio station to spread fake news about Zelensky ‘s health
Threat actors hacked the Ukrainian radio station TAVR Media and broadcasted fake news on the critical health condition of President...
Cobalt Stike Beacon Detected – 104[.]171[.]114[.]156:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 124[.]222[.]30[.]145:8888
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 192[.]144[.]215[.]54:80
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Candiru surveillance spyware DevilsTongue exploited Chrome Zero-Day to target journalists
The spyware developed by Israeli surveillance firm Candiru exploited recently fixed CVE-2022-2294 Chrome zero-day in attacks on journalists. Researchers from...
Apple macOS Catalina and Monterey privilege escalation | CVE-2022-32826
NAME Apple macOS Catalina and Monterey privilege escalation Platforms Affected:Apple macOS Catalina Apple macOS Monterey 12.4Risk Level:8.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Apple...
Apple macOS Monterey code execution | CVE-2022-32814
NAME Apple macOS Monterey code execution Platforms Affected:Apple macOS Monterey 12.4Risk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple macOS Monterey could allow a...
Apple macOS Catalina and Monterey denial of service | CVE-2022-32847
NAME Apple macOS Catalina and Monterey denial of service Platforms Affected:Apple macOS Catalina Apple macOS Monterey 12.4Risk Level:9.1Exploitability:UnprovenConsequences:Denial of Service...
Apple macOS Catalina and Monterey privilege escalation | CVE-2022-32819
NAME Apple macOS Catalina and Monterey privilege escalation Platforms Affected:Apple macOS Catalina Apple macOS Monterey 12.4Risk Level:8.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION Apple...
Apple macOS Catalina and Monterey code execution | CVE-2022-32820
NAME Apple macOS Catalina and Monterey code execution Platforms Affected:Apple macOS Catalina Apple macOS Monterey 12.4Risk Level:8.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apple...
