Security
Headlines
HeadlinesLatestCVEs

Tag

#apple

CVE-2020-36521: About the security content of iCloud for Windows 7.21

An out-of-bounds read was addressed with improved input validation. This issue is fixed in iCloud for Windows 11.4, iOS 14.0 and iPadOS 14.0, watchOS 7.0, tvOS 14.0, iCloud for Windows 7.21, iTunes for Windows 12.10.9. Processing a maliciously crafted tiff file may lead to a denial-of-service or potentially disclose memory contents.

CVE
#sql#xss#vulnerability#web#ios#windows#apple#dos#webkit
CVE-2022-36944: Install

Scala 2.13.x before 2.13.9 has a Java deserialization chain in its JAR file. On its own, it cannot be exploited. There is only a risk in conjunction with LazyList object deserialization within an application. In such situations, it allows attackers to erase contents of arbitrary files, make network connections, or possibly run arbitrary code (specifically, Function0 functions) via a gadget chain.

Slack’s and Teams’ Lax App Security Raises Alarms

New research shows how third-party apps could be exploited to infiltrate these sensitive workplace tools.

Feehi CMS 2.1.1 Remote Code Execution

Feehi CMS version 2.1.1 suffers from an authenticated remote code execution vulnerability.

The Ungodly Surveillance of Anti-Porn ‘Shameware’ Apps

Churches are using invasive phone-monitoring tech to discourage “sinful” behavior. Some software is seeing more than congregants realize.

A New Linux Tool Aims to Guard Against Supply Chain Attacks

Security firm Chainguard has created a simple, open source way for organizations to defend the cloud against some of the most insidious attacks.

Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities

Categories: Exploits and vulnerabilities Categories: News Tags: CVE-2022-40959 Tags: CVE-2022-40960 Tags: CVE-2022-40962 Tags: CVE-2022-3033 Tags: Mozilla Tags: Firefox Tags: Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox, Firefox ESR, and Thunderbird which could be exploited to take control of a system. (Read more...) The post Update Firefox and Thunderbird now! Mozilla patches several high risk vulnerabilities appeared first on Malwarebytes Labs.

CVE-2022-40026: CVE_HUNTER/2022-09-01-SQL1.md at main · xidaner/CVE_HUNTER

SourceCodester Simple Task Managing System v1.0 was discovered to contain a SQL injection vulnerability via the bookId parameter at board.php.