Aggregator

CVE-2022-35766 | Microsoft Windows up to Server 2022 Secure Socket Tunneling Protocol Remote Code Execution

6 months 3 weeks ago

A vulnerability classified as critical has been found in Microsoft Windows up to Server 2022. Affected is an unknown function of the component Secure Socket Tunneling Protocol. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2022-35766. It is possible to launch the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2022-35767 | Microsoft Windows up to Server 2022 Secure Socket Tunneling Protocol Remote Code Execution

Vuldb Updates

6 months 3 weeks ago

A vulnerability classified as critical was found in Microsoft Windows. Affected by this vulnerability is an unknown functionality of the component Secure Socket Tunneling Protocol. The manipulation leads to Remote Code Execution. This vulnerability is known as CVE-2022-35767. The attack can be launched remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2022-35769 | Microsoft Windows up to Server 2022 Point-to-Point Protocol denial of service

Vuldb Updates

6 months 3 weeks ago

A vulnerability, which was classified as critical, was found in Microsoft Windows. This affects an unknown part of the component Point-to-Point Protocol. The manipulation leads to denial of service. This vulnerability is uniquely identified as CVE-2022-35769. It is possible to initiate the attack remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2022-35771 | Microsoft Windows up to Server 2022 Defender Credential Guard privilege escalation

Vuldb Updates

6 months 3 weeks ago

A vulnerability has been found in Microsoft Windows up to Server 2022 and classified as critical. This vulnerability affects unknown code of the component Defender Credential Guard. The manipulation leads to privilege escalation. This vulnerability was named CVE-2022-35771. The attack can be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

CVE-2022-35772 | Microsoft Azure Site Recovery VMWare to Azure code injection

Vuldb Updates

6 months 3 weeks ago

A vulnerability was found in Microsoft Azure Site Recovery VMWare to Azure and classified as critical. This issue affects some unknown processing. The manipulation leads to code injection. The identification of this vulnerability is CVE-2022-35772. The attack may be initiated remotely. There is no exploit available. It is recommended to apply a patch to fix this issue.

vuldb.com

Zscaler's Buyout of Red Canary Shows Telemetry's Value

darkreading

6 months 3 weeks ago

Red Canary's MDR portfolio complements Zscaler's purchase last year of Israeli startup Avalor, which automates collection, curation, and enrichment of security data.

Rob Wright

The OWASP Top 10 Vulnerabilities

Security Boulevard

6 months 3 weeks ago

Stay updated on the latest in application security with the OWASP Top 10 vulnerabilities.

The post The OWASP Top 10 Vulnerabilities appeared first on Security Boulevard.

Mend.io Communications

APT41 Uses Google Calendar Events for C2

darkreading

6 months 3 weeks ago

APT41, a Chinese state-sponsored threat actor also known as "Double Dragon," used Google Calendar as command-and-control infrastructure during a campaign last fall.

Alexander Culafi, Senior News Writer, Dark Reading

Safepay

Dark Feed IO

6 months 3 weeks ago

You must login to view this content

cohenido

What Is MCP? The New Protocol Reshaping AI Agent Security

Security Boulevard

6 months 3 weeks ago

As AI agents take on more autonomous roles across the web, the Model Context Protocol (MCP) emerges as a promising, but risky, foundation for enabling secure, structured, and intent-aware interactions at scale.

The post What Is MCP? The New Protocol Reshaping AI Agent Security appeared first on Security Boulevard.

Florent Pajot

DorkEye: A Python Script for Ethical Dorking

Dark Web Informer - Cyber Threat Intelligence

6 months 3 weeks ago

DorkEye: A Python Script for Ethical Dorking

Dark Web Informer - Cyber Threat Intelligence

CVE-2022-32840 | Apple iOS/iPadOS up to 15.5 Apple Neural Engine Local Privilege Escalation (HT213346)

Vuldb Updates

6 months 3 weeks ago

A vulnerability, which was classified as critical, was found in Apple iOS and iPadOS up to 15.5. Affected is an unknown function of the component Apple Neural Engine. The manipulation leads to Local Privilege Escalation. This vulnerability is traded as CVE-2022-32840. Attacking locally is a requirement. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-32839 | Apple iOS/iPadOS up to 15.5 CoreText Remote Code Execution (HT213346)

Vuldb Updates

6 months 3 weeks ago

A vulnerability classified as critical has been found in Apple iOS and iPadOS up to 15.5. Affected is an unknown function of the component CoreText. The manipulation leads to Remote Code Execution. This vulnerability is traded as CVE-2022-32839. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-32838 | Apple iOS/iPadOS up to 15.5 PluginKit state issue (HT213346)

Vuldb Updates

6 months 3 weeks ago

A vulnerability, which was classified as problematic, has been found in Apple iOS and iPadOS up to 15.5. Affected by this issue is some unknown functionality of the component PluginKit. The manipulation leads to state issue. This vulnerability is handled as CVE-2022-32838. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-32837 | Apple iOS/iPadOS up to 15.5 Wi-Fi memory corruption (HT213346)

Vuldb Updates

6 months 3 weeks ago

A vulnerability was found in Apple iOS and iPadOS up to 15.5. It has been rated as critical. Affected by this issue is some unknown functionality of the component Wi-Fi. The manipulation leads to memory corruption. This vulnerability is handled as CVE-2022-32837. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-32839 | Apple tvOS up to 15.5.1 CoreText Remote Code Execution (HT213342)

Vuldb Updates

6 months 3 weeks ago

A vulnerability classified as critical was found in Apple tvOS up to 15.5.1. Affected by this vulnerability is an unknown functionality of the component CoreText. The manipulation leads to Remote Code Execution. This vulnerability is known as CVE-2022-32839. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-32837 | Apple tvOS up to 15.5.1 Wi-Fi Local Privilege Escalation (HT213342)

Vuldb Updates

6 months 3 weeks ago

A vulnerability, which was classified as critical, has been found in Apple tvOS up to 15.5.1. Affected by this issue is some unknown functionality of the component Wi-Fi. The manipulation leads to Local Privilege Escalation. This vulnerability is handled as CVE-2022-32837. The attack needs to be approached locally. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-32839 | Apple watchOS up to 8.6 CoreText Remote Code Execution (HT213340)

Vuldb Updates

6 months 3 weeks ago

A vulnerability classified as critical was found in Apple watchOS up to 8.6. Affected by this vulnerability is an unknown functionality of the component CoreText. The manipulation leads to Remote Code Execution. This vulnerability is known as CVE-2022-32839. The attack can be launched remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-32839 | Apple macOS CoreText Remote Code Execution (HT213345)

Vuldb Updates

6 months 3 weeks ago

A vulnerability was found in Apple macOS. It has been declared as critical. This vulnerability affects unknown code of the component CoreText. The manipulation leads to Remote Code Execution. This vulnerability was named CVE-2022-32839. The attack can be initiated remotely. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

CVE-2022-32813 | Apple macOS Kernel Local Privilege Escalation (HT213345)

Vuldb Updates

6 months 3 weeks ago

A vulnerability was found in Apple macOS. It has been rated as critical. Affected by this issue is some unknown functionality of the component Kernel. The manipulation leads to Local Privilege Escalation. This vulnerability is handled as CVE-2022-32813. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.

vuldb.com

Aggregator

Managed ad