Security
Headlines
HeadlinesLatestCVEs

Tag

#windows

CVE-2022-31658: VMSA-2022-0021

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.

CVE
Open in Source
#sql#xss#vulnerability#windows#linux#java#rce#vmware#auth
Online Admission System 1.0 SQL Injection

Online Admission System version 1.0 suffers from a remote SQL injection vulnerability.

Iranian Hackers likely Behind Disruptive Cyberattacks Against Albanian Government

A threat actor working to further Iranian goals is said to have been behind a set of disruptive cyberattacks against Albanian government services in mid-July 2022. Cybersecurity firm Mandiant said the malicious activity against a NATO state represented a "geographic expansion of Iranian disruptive cyber operations." The July 17 attacks, according to Albania's National Agency of Information

A Digital Home Has Many Open Doors

Development of digital gateways to protect the places where we live, work, and converse need to be secure and many doors need to offer restricted access.

Resolving Availability vs. Security, a Constant Conflict in IT

Conflicting business requirements is a common problem – and you find it in every corner of an organization, including in information technology. Resolving these conflicts is a must, but it isn’t always easy – though sometimes there is a novel solution that helps. In IT management there is a constant struggle between security and operations teams. Yes, both teams ultimately want to have secure

A Growing Number of Malware Attacks Leveraging Dark Utilities 'C2-as-a-Service'

A nascent service called Dark Utilities has already attracted 3,000 users for its ability to provide command-and-control (C2) services with the goal of commandeering compromised systems. "It is marketed as a means to enable remote access, command execution, distributed denial-of-service (DDoS) attacks and cryptocurrency mining operations on infected systems," Cisco Talos said in a report shared

CVE-2022-37415: Uniwill SparkIO.sys PoC

The Uniwill SparkIO.sys driver 1.0 is vulnerable to a stack-based buffer overflow via IOCTL 0x40002008.

CVE-2022-37030: security - gromox: potential local privilege escalation (CVE-2022-37030)

Weak permissions on the configuration file in the PAM module in Grommunio Gromox 0.5 through 1.x before 1.28 allow a local unprivileged user in the gromox group to have the PAM stack execute arbitrary code upon loading the Gromox PAM module.

High-Severity Bug in Kaspersky VPN Client Opens Door to PC Takeover

The CVE-2022-27535 local privilege-escalation security vulnerability in the security software threatens remote and work-from-home users.

Red Hat Security Advisory 2022-5756-01

Red Hat Security Advisory 2022-5756-01 - The OpenJDK 11 packages provide the OpenJDK 11 Java Runtime Environment and the OpenJDK 11 Java Software Development Kit. This release of the Red Hat build of OpenJDK 11 for Windows serves as a replacement for the Red Hat build of OpenJDK 11 and includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.