News Archives • Page 551 of 631 • Daily CyberSecurity

CVE-2022-35924: Nextauth.js Authentication Bypass Vulnerability

Ddos August 5, 2022

On July 26, 2022, a known security vulnerability affecting an NPM package, Nextauth.js was made public. These...

CVE-2022-25168: Apache Hadoop Command Injection Vulnerability

Ddos August 5, 2022

Recently, Apache Hadoop fixed a command injection vulnerability. Since Apache Hadoop’s FileUtil.unTar API does not escape the...

CVE-2022-29154: Rsync client-side arbitrary file write vulnerability Rsync Vulnerability Use-After-Free CVE-2022-29154 & CVE-2024-12084 CVE-2024-120845 PoC

Rsync Vulnerability Use-After-Free CVE-2022-29154 & CVE-2024-12084 CVE-2024-120845 PoC

CVE-2022-29154: Rsync client-side arbitrary file write vulnerability

Ddos August 2, 2022

The developer of the rsync project has just released new versions of their software to patch a...

CVE-2022-31656: critical auth bypass flaw in multiple VMware products

Ddos August 2, 2022

VMware on Tuesday announced patches for several critical and high-severity vulnerabilities affecting VMware Workspace ONE Access, Identity...

CVE-2022-35918: Streamlit directory traversal vulnerability

Ddos August 2, 2022

Recently, a vulnerability that allows attackers to read the web server file system has been patched in...

CVE-2022-2560: CompleteFTP Directory Traversal Arbitrary File Deletion Flaw

Ddos August 1, 2022

A high EnterpriseDT CompleteFTP vulnerability (CVE-2022-2560), which was discovered by rgod on Jun 7, 2022, just goes...

CVE-2022-36946: Linux Kernel Remote DoS Vulnerability French Digital Sovereignty Greg Kroah-Hartman AI code review CVE-2025-38352 Linux kernel exploit, Android 32-bit UAF vulnerability CVE-2022-36946 Linux Kernel 6.16, Hardware Support

French Digital Sovereignty Greg Kroah-Hartman AI code review CVE-2025-38352 Linux kernel exploit, Android 32-bit UAF vulnerability CVE-2022-36946 Linux Kernel 6.16, Hardware Support

CVE-2022-36946: Linux Kernel Remote DoS Vulnerability

Ddos July 29, 2022

Two security researchers, Domingo Dirutigliano and Nicola Guerrera have discovered that the Linux kernel is affected by...

CVE-2022-32744: Critical Samba admin password reset flaw

Ddos July 29, 2022

Samba maintainers have just released new versions of their networking software to patch 5 vulnerabilities that could...

CVE-2022-36123: Linux kernel arbitrary code execution flaw

Ddos July 29, 2022

A security researcher has discovered that the Linux kernel is affected by a potentially serious vulnerability (CVE-2022-36123)...

CVE-2022-36364: Apache Calcite Avatica Remote Code Execution

Ddos July 28, 2022

Apache Calcite Avatica released the latest security bulletin on July 28, which contains a remote code execution...

Researcher details CVE-2022-0342 Zyxel authentication bypass vulnerability CVE-2022-0342 PoC

Researcher details CVE-2022-0342 Zyxel authentication bypass vulnerability

Ddos July 26, 2022

CVE-2022-0342 PoC with the detailed technique is published for a vulnerability that allows an attacker to bypass...

CVE-2022-36408: zero-day PrestaShop SQL injection vulnerability

Ddos July 25, 2022

On July 22, the open-source e-commerce solution PrestaShop released urgent patches for a critical flaw in its...

T-Mobile pays a $500 million settlement after leaking data on about 50 million users T-Mobile data breaches

T-Mobile pays a $500 million settlement after leaking data on about 50 million users

Ddos July 25, 2022

In August 2021, the US network operator T-Mobile suffered a huge data breach, and American hackers living...

Uber Pays Hackers $100,000 in Bitcoin in 2016 Hacking 2016 data leak

Uber Pays Hackers $100,000 in Bitcoin in 2016 Hacking

Ddos July 25, 2022

Ride-hailing startup Uber has reached a settlement with U.S. prosecutors and is willing to take responsibility for...

Candiru spyware exploited Chrome 0-day flaw to attack journalists Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Android CVE-2024-23700 Zero-Interaction Exploit Candiru spyware Android vulnerability, security update

Candiru spyware exploited Chrome 0-day flaw to attack journalists

Ddos July 22, 2022

On July 4, 2022, the Google Chrome stable channel was updated to version 103.0.5060.114. The vulnerabilities fixed...

CVE-2022-26138: Hard-Coded Password Confluence Server and Data Center

Ddos July 20, 2022

Atlassian has released security updates to address three critical-severity vulnerabilities in its products that could be exploited...

CVE-2022-35741: Apache CloudStack SAML Single Sign-On XXE Vulnerability

Ddos July 18, 2022

Recently, A vulnerability that allows attackers to execute XML external entity (XXE) injection has been patched in...

CVE-2022-33891: Apache Spark Shell Command Injection Vulnerability

Ddos July 17, 2022

Apache Spark released the latest security bulletin on July 18, which contains a shell command injection vulnerability...

CVE-2022-31107: Grafana OAuth Account Takeover Vulnerability

Ddos July 16, 2022

Open-source analytics and interactive visualization solution Grafana received a critical update recently to fix two high-severity security...

CVE-2022-32224: Ruby on Rails Remote Code Execution Vulnerability

Ddos July 15, 2022

On July 12, a remote code execution vulnerability was disclosed that impacts all versions of the Ruby...

Critical Alert 1 Active Exploit Detected Today