VMware fixes critical SSRF flaw in Workspace ONE UEM Console
VMware released security patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console. VMware has addressed...
VMware released security patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console. VMware has addressed...
Summary: In alac decoder, there is a possible out of bounds write due to an incorrect bounds check. This could...
Summary: In onCreate of AllowBindAppWidgetActivity.java, there is a possible bypass of user interaction requirements due to unclear UI. This could...
Summary: In ActivityThread.java, there is a possible way to collide the content provider's authorities. This could lead to local escalation...
Summary: In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This...
Summary: In gatt_process_notification of gatt_cl.cc, there is a possible out of bounds write due to a missing bounds check. This...
Summary: CPAN 2.28 allows Signature Verification Bypass. Reference Links(if available): https://metacpan.org/pod/distribution/CPAN/scripts/cpan https://blog.hackeriet.no/cpan-signature-verification-vulnerabilities/ http://blogs.perl.org/users/neilb/2021/11/addressing-cpan-vulnerabilities-related-to-checksums.html CVSS Score (if available) v2: / MEDIUM...
Experts reported the resurgence of the Phorpiex botnet, in one year it allowed to steal crypto assets worth of half...
Tens of thousands of devices worldwide, including many industrial control systems (ICS), have been hit by the PseudoManuscrypt spyware. Kaspersky...
In June 2021, Kaspersky ICS CERT experts identified malware whose loader has some similarities to the Manuscrypt malware, which is...
The ImControllerService service of Lenovo laptops is affected by a privilege elevation bug that can allow to execute commands with admin...
Summary: In version 6.5 of our MiWi software and all previous versions including legacy products, there is a possibility of...
Summary: In version 6.5 of MiWi software and all previous versions including legacy products, the stack is validating only two...
Summary: The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in...
Summary: A vulnerability has been identified in Teamcenter Active Workspace V4.3 (All versions < V4.3.11), Teamcenter Active Workspace V5.0 (All...
Summary: The TCP Server module in toxcore before 0.2.8 doesn't free the TCP priority queue under certain conditions, which allows...
Experts warn that threat actors are actively attempting to exploit a second bug disclosed in the popular Log4j logging library. American web...
Nation-state actors from China, Iran, North Korea, and Turkey are attempting to exploit the Log4Shell vulnerability to in attacks in the wild....
Dating network Grindr has been slapped with a US$7.7 million fine by Norwegian regulator Datatilsynet for sharing data with advertisers....
For anyone about to sit back after checking their environment for the Log4j vulnerabilities and applying patches where needed, here...
NOTE: The information on this page is fully automated and scraped directly from the cl0p .onion Dark Web Tor Blog...
Threat actors are using a malicious Internet Information Services (IIS) Server module, dubbed Owowa, to steal Microsoft Exchange credentials. Kaspersky...
Kaspersky Managed Detection and Response (MDR) provides advanced protection against the growing number of threats that bypass automatic security barriers....
All statistics in this report are from the global cloud service Kaspersky Security Network (KSN), which receives information from components...