OpenSSL 3.0.5 awaits release to fix potential worse-than-Heartbleed flaw
The latest version of OpenSSL v3, a widely used open-source library for secure networking using...
LGBTQ+ folks warned of dating app extortion scams
In September, the bureau said such schemes usually include initial contact through dating apps...
Android malware ‘Revive’ impersonates BBVA bank’s 2FA app
A new Android banking malware named Revive has been discovered that impersonates a 2FA...
Harmony blockchain loses nearly $100M due to hacked private keys
We wish to provide the suspect an opportunity to communicate with the Harmony Foundation and...
US, Brazil seize 272 websites used to illegally download music
The domains of six websites that streamed and provided illegal downloads of copyrighted music...
US seizes websites used to illegally download and stream music
The domains of six websites that streamed and provided illegal downloads of copyrighted music...
Microsoft will fix Windows RRAS, VPN issues for all users in July
Microsoft has finally confirmed Internet connectivity issues affecting servers with Routing and...
Vulnerabilities by Risk level (Last 12 months)
Vulnerabilities by Vendor (Last 12 months)
| Vendor | Last 12 months | # |
| 1442 | ||
| Microsoft | 966 | |
| Fedoraproject | 965 | |
| Debian | 750 | |
| Oracle | 683 |
Latest Vulnerabilities
-
CVE-2022-32983
5.0Knot Resolver through 5.5.1 may allow DNS cache poisoning when there is an attempt to limit forwarding actions by filters.
-
CVE-2022-33913 - Incorrect Authorization vulnerability in Mahara 22.04.2
4.3In Mahara 21.04 before 21.04.6, 21.10 before 21.10.4, and 22.04.2, files can sometimes be downloaded through thumb.php with no permission check.
-
CVE-2022-1720 - Out-of-bounds Read vulnerability in Debian Linux 9.0
6.8Buffer Over-read in function grab_file_name in GitHub repository vim/vim prior to 8.2.4956. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
-
CVE-2022-31794 - OS Command Injection vulnerability in Fujitsu Eternus Cs8000 Firmware 8.1
10.0An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker...
-
CVE-2022-31795 - OS Command Injection vulnerability in Fujitsu Eternus Cs8000 Firmware 8.1
10.0An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able...
Latest Critical Vulnerabilities
-
CVE-2022-31794 - OS Command Injection vulnerability in Fujitsu Eternus Cs8000 Firmware 8.1
10.0An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the requestTempFile function in hw_view.php. An attacker...
-
CVE-2022-31795 - OS Command Injection vulnerability in Fujitsu Eternus Cs8000 Firmware 8.1
10.0An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8.1A SP02 P04. The vulnerability resides in the grel_finfo function in grel.php. An attacker is able...
-
CVE-2022-30329 - OS Command Injection vulnerability in Trendnet Tew-831Dr Firmware 1.0601.130.1.1356
10.0An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection vulnerability exists within the web interface, allowing an attacker with valid credentials to execute arbitrary...
-
CVE-2022-24562 - Improper Authentication vulnerability in Iobit Iotransfer 4.3.1.1561
10.0In IOBit IOTransfer 4.3.1.1561, an unauthenticated attacker can send GET and POST requests to Airserv and gain arbitrary read/write access to the entire file-system (with admin privileges) on the...
-
CVE-2022-30650 - Out-of-bounds Write vulnerability in Adobe Incopy
9.3Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by a Heap-based Buffer Overflow vulnerability that could result in arbitrary code execution in the context of the...
-
CVE-2022-30651 - Out-of-bounds Read vulnerability in Adobe Incopy
9.3Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds read vulnerability when parsing a crafted file, which could result in a read past the end of an...
-
CVE-2022-30652 - Out-of-bounds Write vulnerability in Adobe Incopy
9.3Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current...
-
CVE-2022-30653 - Out-of-bounds Write vulnerability in Adobe Incopy
9.3Adobe InCopy versions 17.2 (and earlier) and 16.4.1 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current...