#apache

Researchers Link Cheerscrypt Linux-Based Ransomware to Chinese Hackers

The recently discovered Linux-Based ransomware strain known as Cheerscrypt has been attributed to a Chinese cyber espionage group known for operating short-lived ransomware schemes. Cybersecurity firm Sygnia attributed the attacks to a threat actor it tracks under the name Emperor Dragonfly, which is also known as Bronze Starlight (Secureworks) and DEV-0401 (Microsoft). "Emperor Dragonfly

3 years ago

The Hacker News

Open in Source

#vulnerability #web #microsoft #linux #apache #intel #vmware #log4j #alibaba #The Hacker News

Magento 1 vs Magento 2

By Owais Sultan Over the last decade, a couple of aspects have changed within the tech world and Magento is no… This is a post from HackRead.com Read the original post: Magento 1 vs Magento 2

3 years ago

HackRead

Open in Source

#sql #web #google #apache #redis #memcached #js #java #php #nginx #auth

Joomla MyMuse 4.3.0 SQL Injection

Joomla MyMuse extension version 4.3.0 suffers from a remote SQL injection vulnerability.

3 years ago

Packet Storm

Open in Source

#sql #vulnerability #web #apache #php #auth

CVE-2022-36965: SolarWinds Platform 2022.3 Release Notes

Insufficient sanitization of inputs in QoE application input field could lead to stored and Dom based XSS attack. This issue is fixed and released in SolarWinds Platform (2022.3.0).

3 years ago

CVE

Open in Source

#sql #xss #vulnerability #web #mac #windows #microsoft #apache #rce #auth #ssl

CVE-2022-40277: GitHub - laurent22/joplin: Joplin - an open source note taking and to-do application with synchronisation capabilities for Windows, macOS, Linux, Android and iOS.

Joplin version 2.8.8 allows an external attacker to execute arbitrary commands remotely on any client that opens a link in a malicious markdown file, via Joplin. This is possible because the application does not properly validate the schema/protocol of existing links in the markdown file before passing them to the 'shell.openExternal' function.

3 years ago

CVE

Open in Source

#sql #web #ios #android #mac #windows #google #microsoft #amazon #linux #cisco #apache #nodejs #js #git #php #perl #nginx #pdf #aws #auth #chrome #firefox #ssl

Red Hat Security Advisory 2022-6753-01

Red Hat Security Advisory 2022-6753-01 - The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Issues addressed include buffer overflow, denial of service, information leakage, null pointer, out of bounds read, out of bounds write, and server-side request forgery vulnerabilities.

3 years ago

Packet Storm

Open in Source

#vulnerability #web #linux #red_hat #dos #apache #nodejs #js #ldap #ssrf #buffer_overflow #ssl

CVE-2022-37461: Trustwave Security Advisories

Multiple cross-site scripting (XSS) vulnerabilities in Canon Medical Vitrea View 7.x before 7.7.6 allow remote attackers to inject arbitrary web script or HTML via (1) the input after the error subdirectory to the /vitrea-view/error/ subdirectory, or the (2) groupID, (3) offset, or (4) limit parameter to an Administrative Panel (Group and Users) page. There is a risk of an attacker retrieving patient information.