Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2023-1163: Vuln/3.md at main · xxy1126/Vuln

A vulnerability has been found in DrayTek Vigor 2960 1.5.1.4 and classified as problematic. Affected by this vulnerability is the function sub_1DA58 of the file mainfunction.cgi. The manipulation leads to path traversal. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222259.

CVE
Open in Source
#vulnerability#web#windows#apple#chrome#webkit
CVE-2021-4328: 狮子鱼CMS ApiController.class.php SQL注入漏洞复现 - n00bk1ng的小窝

A vulnerability has been found in ???CMS and classified as critical. Affected by this vulnerability is the function goods_detail of the file ApiController.class.php. The manipulation of the argument goods_id leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. This product does not use versioning. This is why information about affected and unaffected releases are unavailable. The associated identifier of this vulnerability is VDB-222223.

Crushing the two biggest threats to mobile endpoint security in 2023

Categories: Business Protect your organization from mobile phishing and malware attacks. (Read more...) The post Crushing the two biggest threats to mobile endpoint security in 2023 appeared first on Malwarebytes Labs.

5 Best Video Editing SDKs for iOS

By Owais Sultan Video editing SDKs are great tools for creating and launching your products much more quickly. However, picking the… This is a post from HackRead.com Read the original post: 5 Best Video Editing SDKs for iOS

CVE-2023-1100: bug_report/SQLi-1.md at main · jackswordsz/bug_report

A vulnerability classified as critical has been found in SourceCodester Online Catering Reservation System 1.0. This affects an unknown part of the file /reservation/add_message.php of the component POST Parameter Handler. The manipulation of the argument fullname leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-222003.

CVE-2023-25431: bug_report/XSS-1.md at main · hundanchen69/bug_report

An issue was discovered in Online Reviewer Management System v1.0. There is a XSS vulnerability via reviewer_0/admins/assessments/course/course-update.php.

Apple Users Need to Update iOS Now to Patch Serious Flaws

Plus: Microsoft fixes several zero-day bugs, Google patches Chrome and Android, Mozilla rids Firefox of a full-screen vulnerability, and more.

iPhone users targeted in phone AND data theft campaign

Categories: News Tags: iPhone theft Tags: passcode theft Tags: iPhone and passcode theft Tags: Apple Tags: shoulder surfing Tags: social engineering When is an iPhone theft not just an iPhone theft? When the user's Apple ID and more, goes with it. (Read more...) The post iPhone users targeted in phone AND data theft campaign appeared first on Malwarebytes Labs.