GPAC 2.0.0 misuses a certain Unicode utf8_wcslen (renamed gf_utf8_wcslen) function in utils/utf.c, resulting in a heap-based buffer over-read, as demonstrated by MP4Box.
Source: NIST
CVE-2022-30976
admin
CVE-2022-30975
In Artifex MuJS through 1.2.0, jsP_dumpsyntax in jsdump.c has a NULL pointer dereference, as demonstrated by mujs-pp.
Source: NIST
CVE-2022-30975
CVE-2022-30974
compile in regexp.c in Artifex MuJS through 1.2.0 results in stack consumption because of unlimited recursion, a different issue than CVE-2019-11413.
Source: NIST
CVE-2022-30974
CVE-2019-25061
The random_password_generator (aka RandomPasswordGenerator) gem through 1.0.0 for Ruby uses Kernel#rand to generate passwords, which, due to its cyclic nature, can facilitate password prediction.
Source: NIST
CVE-2019-25061
CVE-2021-41946
In FiberHome VDSL2 Modem HG150-Ub_V3.0, a stored cross-site scripting (XSS) vulnerability in Parental Control –> Access Time Restriction –> Username field, a user cannot delete the rule due to the XSS.
Source: NIST
CVE-2021-41946
UK Government: Lack of Skills the Number One Issue in Cybersecurity
Andrew Elliot from DCMS provides an update on government initiatives to boost cybersecurity talent pipeline
Source: Infosecurity
UK Government: Lack of Skills the Number One Issue in Cybersecurity
Digital Skimming is Now the Preserve of Non-Magecart Groups
Commodity kit invites new entrants into the market
Source: Infosecurity
Digital Skimming is Now the Preserve of Non-Magecart Groups
Western Allies Warn of Top Cyber-Attack Mistakes
Poor cyber-hygiene to blame for many compromises
Source: Infosecurity
Western Allies Warn of Top Cyber-Attack Mistakes
Police Warn of £15m Courier Scams
Blend of phone and face-to-face fraud targets vulnerable
Source: Infosecurity
Police Warn of £15m Courier Scams
TorchLight Expands Cybersecurity Services With MDR Sentinel in Partnership With Microsoft
MDR Sentinel expands TorchLight’s leading managed detection and response (MDR) services with turnkey SIEM and SOAR capabilities from Microsoft; TorchLight also announces it attains elite Microsoft Gold Partner Status
Source: DarkReading
TorchLight Expands Cybersecurity Services With MDR Sentinel in Partnership With Microsoft