Security
Headlines
HeadlinesLatestCVEs

Tag

#mac

CVE-2022-40875: Tenda ax1803 is vulnerable to a buffer overflow - Riv4ille

Tenda AX1803 v1.0.0.1 was discovered to contain a heap overflow in the function GetParentControlInfo.

CVE
Open in Source
#vulnerability#web#mac#windows#apple#dos#rce#buffer_overflow#chrome#webkit#wifi
CVE-2022-3725: Stack Overflow Write - OPUS dissector - dissect_opus() frames (#18378) · Issues · Wireshark Foundation / wireshark · GitLab

Crash in the OPUS protocol dissector in Wireshark 3.6.0 to 3.6.8 allows denial of service via packet injection or crafted capture file

Prepare Now for Critical Flaw in OpenSSL, Security Experts Warn

Even if the security bug is not another Heartbleed, prepare like it might be, they note — it has potentially sprawling ramifications.

Fake Proof-of-Concepts used to lure security professionals

Categories: Exploits and vulnerabilities Categories: News Tags: PoC Tags: PoCs Tags: Leiden Tags: GitHub Tags: VirusTotal Tags: AbuseIPDB Researchers from Leiden University analyzed many thousands of Proof-of-Concepts and found that 10 percent of those they found on GitHub are malicious (Read more...) The post Fake Proof-of-Concepts used to lure security professionals appeared first on Malwarebytes Labs.

CVE-2022-3095: sdk/CHANGELOG.md at master · dart-lang/sdk

The implementation of backslash parsing in the Dart URI class for versions prior to 2.18 and Flutter versions prior to 3.30 differs from the WhatWG URL standards. Dart uses the RFC 3986 syntax, which creates incompatibilities with the '\' characters in URIs, which can lead to auth bypass in webapps interpreting URIs. We recommend updating Dart or Flutter to mitigate the issue.

Critical OpenSSL fix due Nov 1—what you need to know

Categories: News Tags: fix Tags: bug Tags: vulnerability Tags: exploit Tags: attack Tags: patch Tags: update Tags: OpenSSL Tags: v3 Tags: v1 Tags: 3.0.5. Version 3.0.7 of OpenSSL will fix the software's first critical issue for six years. (Read more...) The post Critical OpenSSL fix due Nov 1—what you need to know appeared first on Malwarebytes Labs.

3 Steps Small Businesses Can Take to Prevent Cyberattacks

Setting priorities for internal security measures and outsourcing complex practices help protect small and midsize businesses.

Netwrix Study: 86% of Cloud Attacks in the Healthcare Sector Result in Financial Losses or Other Damage

The healthcare sector is twice as likely to face data breach consequences as any other industry surveyed.

Chrome users, you have 3 months to say goodbye to Windows 7 and 8.1

Categories: News Tags: Google Chrome Tags: Chrome 110 Tags: Windows 7 Tags: Windows 10 Tags: Windows 11 Tags: Windows 8.1 Tags: Windows Subsystem for Android Tags: WSA Chrome will not be there for you when Microsoft ends its Extended Security Updates program for legacy Windows versions early next year. (Read more...) The post Chrome users, you have 3 months to say goodbye to Windows 7 and 8.1 appeared first on Malwarebytes Labs.