Security
Headlines
HeadlinesLatestCVEs

Tag

#asus

‘How Are They Weapons? That’s Only a Flashlight!’

During the protests in Hong Kong, young people carried laser pointers, umbrellas, and plastic ties—objects that sometimes led to their arrest, and years of legal limbo.

Wired
Open in Source
#web#windows#apple#perl#asus#auth
‘How Are They Weapons? That’s Only a Flashlight!’

During the protests in Hong Kong, young people carried laser pointers, umbrellas, and plastic ties—objects that sometimes led to their arrest, and years of legal limbo.

CVE-2022-26082: TALOS-2022-1493 || Cisco Talos Intelligence Group

A file write vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to remote code execution. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2022-27169: TALOS-2022-1494 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the OAS Engine SecureBrowseFile functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to a disclosure of sensitive information. An attacker can send a network request to trigger this vulnerability.

CVE-2022-26026: TALOS-2022-1491 || Cisco Talos Intelligence Group

A denial of service vulnerability exists in the OAS Engine SecureConfigValues functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted network request can lead to loss of communications. An attacker can send a network request to trigger this vulnerability.

CVE-2022-26303: TALOS-2022-1488 || Cisco Talos Intelligence Group

An external config control vulnerability exists in the OAS Engine SecureAddUser functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of an OAS user account. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2022-26043: TALOS-2022-1489 || Cisco Talos Intelligence Group

An external config control vulnerability exists in the OAS Engine SecureAddSecurity functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to the creation of a custom Security Group. An attacker can send a sequence of requests to trigger this vulnerability.

CVE-2022-26067: TALOS-2022-1492 || Cisco Talos Intelligence Group

An information disclosure vulnerability exists in the OAS Engine SecureTransferFiles functionality of Open Automation Software OAS Platform V16.00.0112. A specially-crafted series of network requests can lead to arbitrary file read. An attacker can send a sequence of requests to trigger this vulnerability.

Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware

A spyware vendor called Cytrox was found to be using several zero-day vulnerabilities in Google's Chrome browser and the Android kernel component. The post Zero-day vulnerabilities in Chrome and Android exploited by commercial spyware appeared first on Malwarebytes Labs.

Predator Spyware Using Zero-day to Target Android Devices

By Deeba Ahmed Spyware developer firm Cytrox is under Google’s radar for developing exploits against five 0-day flaws in Android and… This is a post from HackRead.com Read the original post: Predator Spyware Using Zero-day to Target Android Devices