

Microsoft is killing Cortana on Windows starting late 2023
After introducing a string of AI-powered assistants for its products, Microsoft has now...

The Week in Ransomware - June 2nd 2023 - Whodunit?
We may have a rebrand in the making, and a ransomware operation is likely behind a new zero-day...

Friday Squid Blogging: Squid Chromolithographs
Beautiful illustrations. As usual, you can also use this squid post to talk about the security...

Malaysia goes its own Huawei, won't ban Chinese vendor from 5G network
Malaysia could be putting itself on a collision course with the EU and US as the country looks...

Windows 11 to require SMB signing to prevent NTLM relay attacks
Microsoft says SMB signing will be required by default for all connections to defend against...

NSA and FBI: Kimsuky hackers pose as journalists to steal intel
State-sponsored North Korean hacker group Kimsuky has been impersonating journalists and...

Improve your app security on Azure
Azure Virtual Network Manager is a new tool for grouping network resources, configuring the...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
Vendor | Last 12 months | # |
1313 | ||
Microsoft | 767 | |
Fedoraproject | 561 | |
Debian | 507 | |
Apple | 354 |
Latest Vulnerabilities
-
CVE-2022-35743
7.8Microsoft Windows Support Diagnostic Tool (MSDT) Remote Code Execution Vulnerability
locallow complexity -
CVE-2022-35744
9.8Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
networklow complexitycritical -
CVE-2022-35745
8.1Windows Secure Socket Tunneling Protocol (SSTP) Remote Code Execution Vulnerability
networkhigh complexity -
CVE-2022-35746
7.8Windows Digital Media Receiver Elevation of Privilege Vulnerability
locallow complexity -
CVE-2022-35747
5.9Windows Point-to-Point Protocol (PPP) Denial of Service Vulnerability
networkhigh complexity
Latest Critical Vulnerabilities
-
CVE-2022-35744
9.8Windows Point-to-Point Protocol (PPP) Remote Code Execution Vulnerability
networklow complexitycritical -
CVE-2021-46887 - Unspecified vulnerability in Huawei Emui 10.1.0/10.1.1/11.0.0
9.8Lack of length check vulnerability in the HW_KEYMASTER module. Successful exploitation of this vulnerability may cause out-of-bounds read.
-
CVE-2022-48478 - Unspecified vulnerability in Huawei Harmonyos 2.0
9.8The facial recognition TA of some products lacks memory length verification. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.
-
CVE-2022-48479 - Out-of-bounds Read vulnerability in Huawei Harmonyos 2.0
9.8The facial recognition TA of some products has the out-of-bounds memory read vulnerability. Successful exploitation of this vulnerability may cause exceptions of the facial recognition service.
-
CVE-2023-2851
10.0** UNSUPPPORTED WHEN ASSIGNED ** Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in AGT Tech Ceppatron allows Command Line Execution through SQL...
-
CVE-2023-2882
9.8Generation of Incorrect Security Tokens vulnerability in CBOT Chatbot allows Token Impersonation, Privilege Abuse.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.
networklow complexitycritical -
CVE-2023-2884
9.8Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG), Use of Insufficiently Random Values vulnerability in CBOT Chatbot allows Signature Spoofing by Key Recreation.This issue...
-
CVE-2023-2887
9.1Authentication Bypass by Spoofing vulnerability in CBOT Chatbot allows Authentication Bypass.This issue affects Chatbot: before Core: v4.0.3.4 Panel: v4.0.3.7.