[![GitLab](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEhYZc3xYQ_xTXXfsk007TJAn60GvkJhGi8DmGccVWI-5Hz6rfxffac_G66fUvQznRCD2iQE0EKVjScj-_jN2jDNELZuOOAD_G9PeXPgassb1gL7fza19-INkXB2NvDqgWwaS ...

Continue Reading

August 24, 2022

Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability ([CWE-74]()). Sending a specially crafted message by POST method to Movable Type XMLRPC API may allow arbi ...

Continue Reading

August 23, 2022

A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. T ...

Continue Reading

August 23, 2022

HTML injection combined with path traversal in the Email service in Gravitee API Management before 1.25.3 allows anonymous users to read arbitrary files via a /management/users/register request.Read M ...

Continue Reading

August 22, 2022

Incorrect default permissions in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.Read More ...

Continue Reading

August 22, 2022

Uncontrolled search path in the installation binaries for Intel(R) SEAPI all versions may allow an authenticated user to potentially enable escalation of privilege via local access.Read More ...

Continue Reading

August 22, 2022

Insufficiently protected credentials in the installation binaries for Intel(R) SEAPI in all versions may allow an authenticated user to potentially enable escalation of privilege via local access.Read ...

Continue Reading

August 22, 2022

Today, Microsoft is excited to publish our second edition of [**Cyber Signals**](), spotlighting security trends and insights gathered from Microsoft’s 43 trillion security signals and 8,500 security ...

Continue Reading

August 22, 2022