Serious vulnerabilities found in ITarian software, patches available for SaaS products
Dutch research group DIVD has identified multiple vulnerabilities in ITarian products. In cooperation with DIVD, ITarian has made patches available...
CVE
Update Chrome now: Four high risk vulnerabilities found
Users of Chrome have been advised to apply updates as soon as possible related to seven security vulnerabilities. CISA has...
Don’t panic! “Unpatchable” Mac vulnerability discovered
Researchers at MIT’s Computer Science & Artificial Intelligence Lab (CSAIL) found an attack surface in a hardware-level security mechanism utilized...
Update now! Microsoft patches Follina, and many other security updates
The June 2022 Patch Tuesday may go down in history as the day that Follina got patched, but there was...
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
Microsoft has warned that “multiple adversaries and nation-state actors” are making use of the recent Atlassian Confluence RCE vulnerability. A...
Daily Vulnerability Trends: Thu Jun 16 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-29855Mitel 6800 and 6900 Series SIP phone devices through 2022-04-27 have "undocumented...
HUAWEI EMUI/Magic UI privilege escalation | CVE-2022-31762
NAME HUAWEI EMUI/Magic UI privilege escalation Platforms Affected:Huawei EMUI 10.1.1 Huawei EMUI 10.1.0 Huawei Magic UI 3.1.1 Huawei Magic UI...
Microsoft Windows Hyper-V code execution | CVE-2022-30163
NAME Microsoft Windows Hyper-V code execution Platforms Affected:Microsoft Windows 7 SP1 x64 Microsoft Windows Server 2012 Microsoft Windows 8.1 x64...
Microsoft Windows LDAP code execution | CVE-2022-30141
NAME Microsoft Windows LDAP code execution Platforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft Windows Server...
Citrix Application Delivery Management security bypass | CVE-2022-27511
NAME Citrix Application Delivery Management security bypass Platforms Affected:Citrix Application Delivery Management 13.0 Citrix Application Delivery Management 13.1Risk Level:9.1Exploitability:UnprovenConsequences:Bypass Security...
Siemens Teamcenter privilege escalation | CVE-2022-31619
NAME Siemens Teamcenter privilege escalation Platforms Affected:Siemens Teamcenter 12.4 Siemens Teamcenter 13.0 Siemens Teamcenter 13.1 Siemens Teamcenter 13.2 Siemens Teamcenter...
ToolBar to Share plugin for WordPress | CVE-2022-1918
NAME ToolBar to Share plugin for WordPress Platforms Affected:WordPress ToolBar to Share plugin for WordPress 2.0 WordPress ToolBar to Share...
Microsoft Edge (Chromium-based) code execution | CVE-2022-22021
NAME Microsoft Edge (Chromium-based) code execution Platforms Affected:Microsoft Edge (Chromium-based)Risk Level:8.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Microsoft Edge (Chromium-based) could allow a remote...
Kik Messenger for Android spoofing |
NAME Kik Messenger for Android spoofing Platforms Affected:Kik Messenger for AndroidRisk Level:8.8Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION Kik Messenger for Android...
SAP NetWeaver and ABAP Platform command execution | CVE-2022-27668
NAME SAP NetWeaver and ABAP Platform command execution Platforms Affected:SAP NetWeaver ABAP Platform KRNL64NUC 7.49 SAP NetWeaver ABAP Platform KRNL64UC...
Microsoft Windows LDAP code execution | CVE-2022-30161
NAME Microsoft Windows LDAP code execution Platforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1 x64 Microsoft Windows Server...
Microsoft SharePoint Server code execution | CVE-2022-30157
NAME Microsoft SharePoint Server code execution Platforms Affected:Microsoft SharePoint Enterprise Server 2016 Microsoft SharePoint Enterprise Server 2013 SP1 Microsoft SharePoint...
Microsoft Windows Kerberos privilege escalation | CVE-2022-30165
NAME Microsoft Windows Kerberos privilege escalation Platforms Affected:Microsoft Windows Server 2008 SP2 x32 Microsoft Windows 7 SP1 x32 Microsoft Windows...
Johnson Controls Metasys ADS ADX OAS Servers information disclosure | CVE-2022-21935
NAME Johnson Controls Metasys ADS ADX OAS Servers information disclosure Platforms Affected:Johnson Controls Metasys ADS/ADX/OAS 10 Johnson Controls Metasys ADS/ADX/OAS...
Johnson Controls Metasys ADS ADX OAS Servers cross-site scripting | CVE-2022-21938
NAME Johnson Controls Metasys ADS ADX OAS Servers cross-site scripting Platforms Affected:Johnson Controls Metasys ADS/ADX/OAS 10 Johnson Controls Metasys ADS/ADX/OAS...
Microsoft SharePoint Server code execution | CVE-2022-30158
NAME Microsoft SharePoint Server code execution Platforms Affected:Microsoft SharePoint Server 2013 SP1 Microsoft SharePoint Foundation 2013 SP1 Microsoft SharePoint Enterprise...
Microsoft Windows Lightweight Directory Access Protocol (LDAP) code execution | CVE-2022-30153
NAME Microsoft Windows Lightweight Directory Access Protocol (LDAP) code execution Platforms Affected:Microsoft Windows 7 SP1 x32 Microsoft Windows 7 SP1...
Microsoft Windows Network File System code execution | CVE-2022-30136
NAME Microsoft Windows Network File System code execution Platforms Affected:Microsoft Windows Server 2012 Microsoft Windows 8.1 x32 Microsoft Windows 8.1...
Apache Flume code execution | CVE-2022-25167
NAME Apache Flume code execution Platforms Affected:Apache Flume 1.4.0 Apache Flume 1.5.0 Apache Flume 1.6.0 Apache Flume 1.7.0 Apache Flume...
