Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

Senayan Library Management System 9.2.0 Cross Site Scripting

Senayan Library Management System version 9.2.0 suffers from a cross site scripting vulnerability.

Packet Storm
Open in Source
#xss#vulnerability#web#windows#apple#git#java#php#auth#chrome#webkit
Senayan Library Management System 9.1.1 Cross Site Scripting

Senayan Library Management System version 9.1.1 suffers from a cross site scripting vulnerability.

Chasing cryptocurrency through cyberspace, with Brian Carter: Lock and Code S03E26

Categories: Podcast This week on Lock and Code, we learn about how investigators actually track illicit cryptocurrency payments through cyberspace after they've already been exchanged as part of a crime. (Read more...) The post Chasing cryptocurrency through cyberspace, with Brian Carter: Lock and Code S03E26 appeared first on Malwarebytes Labs.

A week in security (December 12 - 18)

Categories: News Tags: week in security Tags: AWIS Tags: weekly blog recap Tags: Indiana Tags: TikTok Tags: MSP Tags: electronic sales suppression tools Tags: iPhone Tags: Play ransomware Tags: ransomware Tags: Nebula Tags: Quarantine for Cloud Storage Scanning Tags: SOC Tags: ROI Tags: Uber Tags: Apple Tags: virtual kidnapping Tags: DDoS booter service Tags: law enforcement takedown Tags: InfraGuard Tags: InfraGuard breach The most interesting security related news from the week of December 12 to 18. (Read more...) The post A week in security (December 12 - 18) appeared first on Malwarebytes Labs.

CVE-2022-46135: AeroCMS v0.0.1 Arbitrary File upload vulnerability · Issue #5 · MegaTKC/AeroCMS

In AeroCms v0.0.1, there is an arbitrary file upload vulnerability at /admin/posts.php?source=edit_post , through which we can upload webshell and control the web server.

Update now! Apple patches active exploit vulnerability for iPhones

Categories: Exploits and vulnerabilities Categories: News Tags: Apple Tags: iOS 16.1.2 Tags: Safari 16.2 Tags: CVE-2022-42856 Tags: type confusion Apple has released new security content for iOS 16.1.2 and Safari 16.2. to fix a zero-day security vulnerability that was actively exploited (Read more...) The post Update now! Apple patches active exploit vulnerability for iPhones appeared first on Malwarebytes Labs.

CVE-2022-46631: IOT_vuln/TOTOLink/A7100RU/6 at main · EPhaha/IOT_vuln

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiSignalCfg function.

CVE-2022-46634: IOT_vuln/TOTOLink/A7100RU/7 at main · EPhaha/IOT_vuln

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the wscDisabled parameter in the setting/setWiFiWpsCfg function.

CVE-2022-46700: About the security content of iOS 15.7.2 and iPadOS 15.7.2

A memory corruption issue was addressed with improved input validation. This issue is fixed in Safari 16.2, tvOS 16.2, macOS Ventura 13.1, iOS 15.7.2 and iPadOS 15.7.2, iOS 16.2 and iPadOS 16.2, watchOS 9.2. Processing maliciously crafted web content may lead to arbitrary code execution.