Found 7 bookmarks
Custom sorting
CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
In October of this year, we received a report from ngocnb and khuyenn from GiaoHangTietKiem JSC covering a SQL injection vulnerability in WordPress. The bug could allow an attacker to expose data stored in a connected database. This vulnerability was recently addressed as CVE-2022-21661 ( ZDI-22-020
#zerodayinitiative#EN#2022#CVE-2022-21661#SQL-injection#vulnerability#WordPress
·zerodayinitiative.com·
CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
By now you have likely already heard about the in-the-wild exploitation of Exchange Server, chaining CVE-2022-41040 and CVE-2022-41082. It was originally submitted to the ZDI program by the researcher known as “DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q from GTSC”. After successful validation, it was immediately
#zerodayinitiative#EN#2022#0-day#CVE-2022-41040#CVE-2022-41082#PowerShell
·zerodayinitiative.com·
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack
In April of this year, FreeBSD patched a 13-year-old heap overflow in the Wi-Fi stack that could allow network-adjacent attackers to execute arbitrary code on affected installations of FreeBSD Kernel. This bug was originally reported to the ZDI program by a researcher known as m00nbsd and patched in
#zerodayinitiative#EN#2022#CVE-2022-23088#HeapOverflow#FreeBSD#Wi-Fi
·zerodayinitiative.com·
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack
CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
In October of this year, we received a report from ngocnb and khuyenn from GiaoHangTietKiem JSC covering a SQL injection vulnerability in WordPress. The bug could allow an attacker to expose data stored in a connected database. This vulnerability was recently addressed as CVE-2022-21661 ( ZDI-22-020
#zerodayinitiative#EN#2022#CVE-2022-21661#SQL-injection#vulnerability#WordPress
·zerodayinitiative.com·
CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
By now you have likely already heard about the in-the-wild exploitation of Exchange Server, chaining CVE-2022-41040 and CVE-2022-41082. It was originally submitted to the ZDI program by the researcher known as “DA-0x43-Dx4-DA-Hx2-Tx2-TP-S-Q from GTSC”. After successful validation, it was immediately
#zerodayinitiative#EN#2022#0-day#CVE-2022-41040#CVE-2022-41082#PowerShell
·zerodayinitiative.com·
Control Your Types or Get Pwned: Remote Code Execution in Exchange PowerShell Backend
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack
In April of this year, FreeBSD patched a 13-year-old heap overflow in the Wi-Fi stack that could allow network-adjacent attackers to execute arbitrary code on affected installations of FreeBSD Kernel. This bug was originally reported to the ZDI program by a researcher known as m00nbsd and patched in
#zerodayinitiative#EN#2022#CVE-2022-23088#HeapOverflow#FreeBSD#Wi-Fi
·zerodayinitiative.com·
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack
In April of this year, FreeBSD patched a 13-year-old heap overflow in the Wi-Fi stack that could allow network-adjacent attackers to execute arbitrary code on affected installations of FreeBSD Kernel. This bug was originally reported to the ZDI program by a researcher known as m00nbsd and patched in
#zerodayinitiative#EN#2022#CVE-2022-23088#HeapOverflow#FreeBSD#Wi-Fi
·zerodayinitiative.com·
Zero Day Initiative — CVE-2022-23088: Exploiting a Heap Overflow in the FreeBSD Wi-Fi Stack