Advisories Archives - Page 1186 of 1631

[CVE-2022-3747] BeCustom <= 1.0.5.2 Generic Cross-Site Request Forgery

Posted by Julien Ahrens (RCE Security) on Nov 15 RCE Security Advisory https://www.rcesecurity.com 1. ADVISORY INFORMATION ======================= Product: BeCustom Wordpress Plugin Vendor URL: https://muffingroup.com/betheme/features/be-custom/ Type:...

November 15, 2022

Advisories

Cisco Secure Email Gateways can easily be circumvented

Posted by FD on Nov 15 This report is being published within a coordinated disclosure procedure. The researcher has been in contact with the vendor...

November 15, 2022

Advisories

USN-5725-1: Go vulnerability

Diederik Loerakker, Jonny Rhea, Raúl Kripalani, and Preston Van Loon discovered that Go incorrectly handled certain inputs. An attacker could possibly use this issue to...

November 15, 2022

Advisories

python3.7-3.7.15-2.fc36

FEDORA-2022-385d2ea041 Packages in this update: python3.7-3.7.15-2.fc36 Update description: Security fix for CVE-2022-37454 Read More

November 15, 2022

Advisories

python3.8-3.8.15-2.fc36

FEDORA-2022-5fd3e7f635 Packages in this update: python3.8-3.8.15-2.fc36 Update description: Security fix for CVE-2022-37454 Read More

November 15, 2022

Advisories

freerdp-2.8.1-1.fc35

FEDORA-2022-e733724edb Packages in this update: freerdp-2.8.1-1.fc35 Update description: Update to 2.8.1 (CVE-2022-39282, CVE-2022-39283). Read More

November 15, 2022

Advisories

freerdp-2.8.1-1.fc36

FEDORA-2022-45b9fbfcbe Packages in this update: freerdp-2.8.1-1.fc36 Update description: Update to 2.8.1 (CVE-2022-39282, CVE-2022-39283). Read More

November 15, 2022

Advisories

freerdp-2.8.1-1.fc37

FEDORA-2022-d6310a1308 Packages in this update: freerdp-2.8.1-1.fc37 Update description: Update to 2.8.1 (CVE-2022-39282, CVE-2022-39283). Read More

November 15, 2022

Advisories

ZDI-22-1592: Parse Server _expandResultOnKeyPath Prototype Pollution Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parse Server. Authentication is required to exploit this vulnerability. Read More

November 15, 2022

Advisories

ZDI-22-1591: Parse Server buildUpdatedObject Prototype Pollution Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Parse Server. Authentication is required to exploit this vulnerability. Read More

November 15, 2022

North Korean IT Worker Network Tied to BeaverTail Phishing Campaign

FTC Records 50% Drop in Nuisance Calls Since 2021

NCSC Warns UK Shoppers Lost £11.5m Last Christmas

Friday Squid Blogging: Female Gonatus Onyx Squid Carrying Her Eggs

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Good Essay on the History of Bad Password Policies

Ransomware Groups Use Cloud Services For Data Exfiltration

Category: Advisories

[CVE-2022-3747] BeCustom <= 1.0.5.2 Generic Cross-Site Request Forgery

Cisco Secure Email Gateways can easily be circumvented

USN-5725-1: Go vulnerability

python3.7-3.7.15-2.fc36

python3.8-3.8.15-2.fc36

freerdp-2.8.1-1.fc35

freerdp-2.8.1-1.fc36

freerdp-2.8.1-1.fc37

ZDI-22-1592: Parse Server _expandResultOnKeyPath Prototype Pollution Remote Code Execution Vulnerability

ZDI-22-1591: Parse Server buildUpdatedObject Prototype Pollution Remote Code Execution Vulnerability