Security
Headlines
HeadlinesLatestCVEs

Tag

#zero_day

HID Mercury access control vulnerabilities leave door open to lock manipulation

Manufacturer addresses threat to integrity and availability of physical access systems sold by LenelS2

PortSwigger
Open in Source
#vulnerability#web#linux#dos#git#rce#pdf#buffer_overflow#auth#zero_day
New Zimbra Email Vulnerability Could Let Attackers Steal Your Login Credentials

A new high-severity vulnerability has been disclosed in the Zimbra email suite that, if successfully exploited, enables an unauthenticated attacker to steal cleartext passwords of users sans any user interaction. "With the consequent access to the victims' mailboxes, attackers can potentially escalate their access to targeted organizations and gain access to various internal services and steal

Vulnerabilities in Industrial Control Systems Lets Attackers Remotely Unlock Doors

By Deeba Ahmed In total, eight zero-day vulnerabilities have been detected in Carrier’s industrial control systems (ICS) which, if exploited, allow… This is a post from HackRead.com Read the original post: Vulnerabilities in Industrial Control Systems Lets Attackers Remotely Unlock Doors

Researchers Disclose Critical Flaws in Industrial Access Control System from Carrier

As many as eight zero-day vulnerabilities have been disclosed in Carrier's LenelS2 HID Mercury access control system that's used widely in healthcare, education, transportation, and government facilities. "The vulnerabilities uncovered allowed us to demonstrate the ability to remotely unlock and lock doors, subvert alarms and undermine logging and notification systems," Trellix security

CVE-2022-30702: Security Bulletin: Trend Micro Security Out-Of-Bounds Read Information Disclosure Vulnerability

Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine.

CVE-2022-30703: Security Bulletin: Trend Micro Security Exposed Dangerous Method Information Disclosure Vulnerability

Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation.

New MSDT 0-day Flaw ‘DogWalk’ Receives Free Unofficial Patches

By Deeba Ahmed DogWalk comes soon after another MSDT zero-day vulnerability dubbed Follina was discovered, and Microsoft claimed it was a… This is a post from HackRead.com Read the original post: New MSDT 0-day Flaw ‘DogWalk’ Receives Free Unofficial Patches

Threat Source newsletter (June 9, 2022) — Get ready for Cisco Live

By Jon Munshaw.  Welcome to this week’s edition of the Threat Source newsletter.  Another week, another conference. We’re heading a few miles southeast from San Francisco to Las Vegas for Cisco Live. I hope everyone had a safe, healthy and enjoyable RSA, but the fun isn’t over just... [[ This is only the beginning! Please visit the blog for the complete entry ]]