Read Time:3 Second
Second-largest US school district compromised over the weekend
Monthly Archives: September 2022
Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
Read Time:25 Second
Multiple vulnerabilities have been discovered in Google Android OS, the most severe of which could allow for remote code execution. Android is an operating system developed by Google for mobile devices, including, but not limited to, smartphones, tablets, and watches. Successful exploitation of the most severe of these vulnerabilities could allow for remote code execution. Depending on the privileges associated with the exploited component, an attacker could then install programs; view, change, or delete data; or create new accounts with full rights.
A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
Read Time:30 Second
A vulnerability has been discovered in Google Chrome, the most severe of which could allow for arbitrary code execution. Google Chrome is a web browser used to access the internet. Successful exploitation of the vulnerability could allow for arbitrary code execution in the context of the logged on user. Depending on the privileges associated with the user an attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than those who operate with administrative user rights
A Vulnerability in iOS Could Allow For Arbitrary Code Execution (CVE-2022-32893)
Read Time:21 Second
A vulnerability has been discovered in Apple Products which could allow for arbitrary code execution. iOS is a mobile operating system created and developed by Apple Inc. exclusively for its hardware. Successful exploitation could allow the attacker to execute arbitrary code in context of the application. Depending on the permission associated with the application running the exploit, an attacker could then install programs; view, change, or delete data.
DSA-5227 libgoogle-gson-java – security update
Read Time:22 Second
It was discovered that Gson, a Java library that can be used to convert Java
Objects into their JSON representations and vice versa, was vulnerable to a deserialization flaw. An application would de-serialize untrusted data without
sufficiently verifying that the resulting data will be valid, letting the
attacker to control the state or the flow of the execution. This can lead to a
denial of service or even the execution of arbitrary code.