Exploit for Missing Authentication for Critical Function in F5 Big-Ip Access Policy Manager

# CVE-2022-1388 > CVE-2022-1388 F5 BIG-IP iControl REST Auth By...Read More ...

Continue Reading
Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the ...

Continue Reading
Cisco RV340 JSON RPC set-snmp Command Injection Remote Code Execution Vulnerability

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Cisco RV340 routers. Although authentication is required to exploit this vulnerability, the ...

Continue Reading
Deserialization of Untrusted Data in Apache Dubbo

Apache Dubbo prior to 2.6.9 and 2.7.10 by default supports generic calls to arbitrary methods exposed by provider interfaces. These invocations are handled by the GenericFilter which will find the ser ...

Continue Reading
(Pwn2Own) Cisco RV340 JSON RPC file-copy Command Injection Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Cisco RV340 routers. An attacker must first obtain the ability to execute low-privileged code on the targe ...

Continue Reading
Duo of Android dropper and payload target certain countries and app users

After making its first in-the-wild appearance in March 2021, Vultur—an information-stealing RAT that runs on Android—is back. And its dropper is equally nasty. Vultur (Romanian for "vulture") is kno ...

Continue Reading

Back to Main

Subscribe for the latest news: