Skip to content
GeekWire
  • HOME
  • NEWS
    • CERT
    • EXPLOITS
    • NCSC
    • NVD
    • SECURELIST
    • US-CERT
  • BLOG
    • Books
    • OSINT
    • Pentest
    • Privacy
  • GHDB
  • CHDB
  • OSINT
  • LABS
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap
GeekWire
GeekWire
  • HOME
  • NEWS
    • CERT
    • EXPLOITS
    • NCSC
    • NVD
    • SECURELIST
    • US-CERT
  • BLOG
    • Books
    • OSINT
    • Pentest
    • Privacy
  • GHDB
  • CHDB
  • OSINT
  • LABS
  • ARCHIVE
  • ABOUT
    • Privacy Policy
    • Terms of Use
    • External Links
    • Sitemap

CERT

A Computer Emergency Response Team (CERT) is a group of information security experts responsible for the protection against, detection of and response to an organization’s cybersecurity incidents.

VU#495801: muhttpd versions 1.1.5 and earlier are vulnerable to path traversal

4 August 2022

Overview

Versions 1.1.5 and earlier of the mu HTTP deamon (muhttpd) are vulnerable to path traversal via crafted …

Tags CERT

VU#142546: SMA Technologies OpCon UNIX agent adds the same SSH key to all installations

21 June 2022

Overview

SMA Technologies OpCon UNIX agent adds the same SSH key on every installation and subsequent updates. An …

Tags CERT

VU#473698: uClibc, uClibc-ng libraries have monotonically increasing DNS transaction ID

9 May 2022

Overview

The uClibc and uClibc-ng libraries are vulnerable to DNS cache poisoning due to the use of predicatble …

Tags CERT

VU#473698: CVE-2022-30295 – uClibc, uClibc-ng Libraries Have Monotonically Increasing DNS Transaction ID

9 May 2022

Overview

The uClibc and uClibc-ng libraries are vulnerable to DNS cache poisoning due to the use of predicatble …

Tags CERT

VU#730007: Tychon is vulnerable to privilege escalation due to OPENSSLDIR location

28 April 2022

Overview

Tychon contains a privilege escalation vulnerability due to the use of an OPENSSLDIR …

Tags CERT

VU#411271: Qt allows for privilege escalation due to hard-coding of qt_prfxpath value

28 April 2022

Overview

Prior to version 5.14, Qt hard-codes the qt_prfxpath value to a fixed value, which may lead …

Tags CERT

VU#970766: Spring Framework insecurely handles PropertyDescriptor objects with data binding

31 March 2022

Overview

The Spring Framework insecurely handles PropertyDescriptor objects, which may allow a remote, …

Tags CERT

VU#383864: Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS

24 February 2022

Overview

Visual Voice Mail (VVM) services transmit unencrypted credentials via SMS. An attacker with the ability …

Tags CERT

VU#229438: Mobile device monitoring services do not authenticate API requests

22 February 2022

Overview

The backend infrastructure shared by multiple mobile device monitoring services does not adequately …

Tags CERT

VU#796611: InsydeH2O UEFI software impacted by multiple vulnerabilities in SMM

1 February 2022

Overview

The InsydeH2O Hardware-2-Operating System (H2O) UEFI firmware contains multiple vulnerabilities related …

Tags CERT

VU#119678: Samba vfs_fruit module insecurely handles extended file attributes

31 January 2022

Overview

The Samba vfs_fruit …

Tags CERT

VU#287178: McAfee Agent for Windows is vulnerable to privilege escalation due to OPENSSLDIR location

20 January 2022

Overview

McAfee Agent contains a privilege escalation vulnerability due to the use of an OPENSSLDIR …

Tags CERT

VU#142629: Silicon Labs Z-Wave chipsets contain multiple vulnerabilities

7 January 2022

Overview

Various Silicon Labs Z-Wave chipsets do not support encryption, can be downgraded to not use weaker …

Tags CERT

VU#692873: Saviynt Enterprise Identity Cloud vulnerable to local user enumeration and authentication bypass

22 December 2021

Overview

Saviynt Enterprise Identity Cloud contains user enumeration and authentication bypass vulnerabilities in …

Tags CERT
Post navigation
Older posts
Page1 Page2 … Page16 Next →
Cookie-Free

NVD

  • CVE-2022-2748 – A vulnerability was found in SourceCodester Simple Online Book Store System. It has been c …11 August 2022
  • CVE-2021-0734 – In Settings, there is a possible way to determine whether an app is installed without quer …11 August 2022
  • CVE-2022-20250 – In Messaging, there is a possible way to attach files to a message without proper access c …11 August 2022
  • CVE-2022-20378 – Product: AndroidVersions: Android kernelAndroid ID: A-234657153References: N/A …11 August 2022
  • CVE-2022-28750 – Zoom On-Premise Meeting Connector Zone Controller (ZC) before version 4.8.20220419.112 fai …11 August 2022
  • CVE-2022-35673 – Adobe FrameMaker versions 2019 Update 8 (and earlier) and 2020 Update 4 (and earlier) are …11 August 2022

EXPLOITS

  • PAN-OS 10.0 – Remote Code Execution (RCE) (Authenticated)9 August 2022
  • ThingsBoard 3.3.1 ‘description’ – Stored Cross-Site Scripting (XSS)9 August 2022
  • ThingsBoard 3.3.1 ‘name’ – Stored Cross-Site Scripting (XSS)9 August 2022
  • Feehi CMS 2.1.1 – Stored Cross-Site Scripting (XSS)9 August 2022
  • Prestashop blockwishlist module 2.1.0 – SQLi9 August 2022
  • uftpd 2.10 – Directory Traversal (Authenticated)3 August 2022

SECURELIST

  • OpenTIP, command line edition11 August 2022
  • VileRAT: DeathStalker’s continuous strike at foreign and cryptocurrency exchanges10 August 2022
  • Andariel deploys DTrack and Maui ransomware9 August 2022
  • Targeted attack on industrial enterprises and public institutions8 August 2022
  • DDoS attacks in Q2 20223 August 2022
  • LofyLife: malicious npm packages steal Discord tokens and bank card data28 July 2022
Copyright © 2022 GeekWire | Cookie-Free | Privacy Policy | We are not responsible for the content of external sites.
Next Page »