Aggregator

CVE-2022-50223 | Linux Kernel up to 5.19.1 LoongArch /proc/cpuinfo cpu_max_bits_warn stack-based overflow (Nessus ID 246641 / WID-SEC-2025-1350)

Vuldb Updates
5 months 1 week ago
A vulnerability described as critical has been identified in Linux Kernel up to 5.19.1. Affected by this vulnerability is the function cpu_max_bits_warn of the file /proc/cpuinfo of the component LoongArch. Executing a manipulation can lead to stack-based buffer overflow. This vulnerability is tracked as CVE-2022-50223. The attack is only possible within the local network. No exploit exists. Upgrading the affected component is recommended.
vuldb.com

CVE-2022-50224 | Linux Kernel up to 5.19.1 KVM kvm_amd privilege escalation (EUVD-2022-55201 / Nessus ID 243424)

Vuldb Updates
5 months 1 week ago
A vulnerability classified as problematic has been found in Linux Kernel up to 5.19.1. Affected by this issue is the function kvm_amd of the component KVM. The manipulation leads to privilege escalation. This vulnerability is listed as CVE-2022-50224. The attack must be carried out from within the local network. There is no available exploit. It is recommended to upgrade the affected component.
vuldb.com

CVE-2022-50222 | Linux Kernel up to 5.19.1 tty vcs_read initialization (Nessus ID 271309 / WID-SEC-2025-1350)

Vuldb Updates
5 months 1 week ago
A vulnerability categorized as problematic has been discovered in Linux Kernel up to 5.19.1. The impacted element is the function vcs_read of the component tty. The manipulation results in improper initialization. This vulnerability was named CVE-2022-50222. The attack needs to be approached within the local network. There is no available exploit. It is advisable to upgrade the affected component.
vuldb.com

CVE-2022-50221 | Linux Kernel up to 5.19.1 drm_fb_helper_deferred_io out-of-bounds (WID-SEC-2025-1350)

Vuldb Updates
5 months 1 week ago
A vulnerability labeled as problematic has been found in Linux Kernel up to 5.19.1. Affected by this issue is the function drm_fb_helper_deferred_io. Executing a manipulation can lead to out-of-bounds read. The identification of this vulnerability is CVE-2022-50221. The attack needs to be done within the local network. There is no exploit available. The affected component should be upgraded.
vuldb.com

Anthropic backs Python Software Foundation security work with $1.5 million

Help Net Security
5 months 1 week ago

Anthropic has signed a two-year partnership with the Python Software Foundation (PSF), committing a total of $1.5 million to support the foundation’s work, with a focus on Python ecosystem security. Anthropic’s funding will help the PSF move its security roadmap forward, including work aimed at protecting millions of PyPI users from supply chain attacks. Planned projects include new tools that automatically review every package uploaded to PyPI, moving beyond today’s report-driven, after-the-fact checks. The PSF … More →

The post Anthropic backs Python Software Foundation security work with $1.5 million appeared first on Help Net Security.

Sinisa Markovic

Detecting browser extensions for bot detection, lessons from LinkedIn and Castle

Security Boulevard
5 months 1 week ago

Modern bot detection rarely deals with obviously fake browsers. Most large-scale automation today runs inside browser instances, with patched fingerprints, realistic behavior, and few visible automation artifacts. This pushes detection systems toward weaker, contextual signals rather than single hard indicators.

Browser extensions are one such signal.

Extensions run in separate

The post Detecting browser extensions for bot detection, lessons from LinkedIn and Castle appeared first on Security Boulevard.

Antoine Vastel

CVE-2022-50937 | Ametys CMS 4.4.1 External Link cross site scripting (Exploit 50692 / EDB-50692)

VulDB Recent Entries
5 months 1 week ago
A vulnerability was found in Ametys CMS 4.4.1. It has been classified as problematic. Affected by this issue is some unknown functionality of the component External Link Handler. The manipulation leads to cross site scripting. This vulnerability is referenced as CVE-2022-50937. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
vuldb.com

CVE-2023-54336 | Infonetsoftware Mediconta 3.7.27 unquoted search path (Exploit 51064 / EDB-51064)

VulDB Recent Entries
5 months 1 week ago
A vulnerability was found in Infonetsoftware Mediconta 3.7.27 and classified as problematic. Affected by this vulnerability is an unknown functionality. Executing a manipulation can lead to unquoted search path. The identification of this vulnerability is CVE-2023-54336. The attack can only be executed locally. Furthermore, there is an exploit available.
vuldb.com

CVE-2023-53984 | Clevo HotKey Clipboard 2.1.0.6 HKClipSvc Service unquoted search path (Exploit 51206 / EDB-51206)

VulDB Recent Entries
5 months 1 week ago
A vulnerability, which was classified as problematic, has been found in Clevo HotKey Clipboard 2.1.0.6. This affects an unknown function of the component HKClipSvc Service. This manipulation causes unquoted search path. This vulnerability is handled as CVE-2023-53984. It is possible to launch the attack on the local host. Additionally, an exploit exists.
vuldb.com

CVE-2022-50938 | Contpaqi CONTPAQ AdminPAQ 14.0.0 AppKeyLicenseServer Service unquoted search path (Exploit 50690 / EDB-50690)

VulDB Recent Entries
5 months 1 week ago
A vulnerability classified as problematic has been found in Contpaqi CONTPAQ AdminPAQ 14.0.0. The affected element is an unknown function of the component AppKeyLicenseServer Service. The manipulation leads to unquoted search path. This vulnerability is traded as CVE-2022-50938. An attack has to be approached locally. Furthermore, there is an exploit available.
vuldb.com

Managed ad