Security
Headlines
HeadlinesLatestCVEs

Tag

#firefox

Chinese Hackers Begin Exploiting Latest Microsoft Office Zero-Day Vulnerability

An advanced persistent threat (APT) actor aligned with Chinese state interests has been observed weaponizing the new zero-day flaw in Microsoft Office to achieve code execution on affected systems. "TA413 CN APT spotted [in-the-wild] exploiting the Follina zero-day using URLs to deliver ZIP archives which contain Word Documents that use the technique," enterprise security firm Proofpoint said in

The Hacker News
Open in Source
#vulnerability#web#mac#windows#microsoft#rce#zero_day#firefox#The Hacker News
You Need to Update iOS, Chrome, Windows, and Zoom ASAP

Plus: Google patches 36 Android vulnerabilities, Cisco fixes three high-severity issues, and VMWare closes two “serious” flaws.

You Need to Update iOS, Chrome, Windows, and Zoom ASAP

Plus: Google patches 36 Android vulnerabilities, Cisco fixes three high-severity issues, and VMWare closes two “serious” flaws.

Red Hat Security Advisory 2022-4765-01

Red Hat Security Advisory 2022-4765-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.1 ESR.

Red Hat Security Advisory 2022-4768-01

Red Hat Security Advisory 2022-4768-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.1 ESR.

Ingredient Stock Management System 1.0 Account Takeover

Ingredient Stock Management System version 1.0 suffers from an account takeover vulnerability.

Red Hat Security Advisory 2022-4766-01

Red Hat Security Advisory 2022-4766-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.1 ESR.

Red Hat Security Advisory 2022-4776-01

Red Hat Security Advisory 2022-4776-01 - Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades Firefox to version 91.9.1 ESR.

CVE-2022-1556: WordPress Stafflist 3.1.2 SQL Injection ≈ Packet Storm

The StaffList WordPress plugin before 3.1.5 does not properly sanitise and escape a parameter before using it in a SQL statement when searching for Staff in the admin dashboard, leading to an SQL Injection

RHSA-2022:4776: Red Hat Security Advisory: firefox security update

An update for firefox is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Critical. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1529: Mozilla: Untrusted input used in JavaScript object indexing, leading to prototype pollution * CVE-2022-1802: Mozilla: Prototype pollution in Top-Level Await implementation