RedPacket Security - InfoSec News & Tutorials

WWBN AVideo objects/aVideoEncoder.json.php SQL injection | CVE-2022-33147

August 18, 2022

NAME WWBN AVideo objects/aVideoEncoder.json.php SQL injection Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION WWBN...

WWBN AVideo cloneServer.json.php SQL injection | CVE-2022-33149

August 18, 2022

NAME WWBN AVideo cloneServer.json.php SQL injection Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION WWBN...

Google Chrome Chrome OS Shell code execution | CVE-2022-2859

August 18, 2022

NAME Google Chrome Chrome OS Shell code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a...

Google Chrome Blink code execution | CVE-2022-2857

August 18, 2022

NAME Google Chrome Blink code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...

Apple iOS and iPadOS code execution | CVE-2022-32893

August 18, 2022

NAME Apple iOS and iPadOS code execution Platforms Affected:Apple macOS Monterey 12.5 Apple iOS 15.6 Apple iPadOS 15.6Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access...

Emerson Proficy Machine Edition directory traversal | CVE-2022-2788

August 18, 2022

NAME Emerson Proficy Machine Edition directory traversal Platforms Affected:Emerson Proficy Machine Edition 9.80Risk Level:9.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION Emerson Proficy Machine Edition...

WWBN AVideo privilege escalation | CVE-2022-30605

August 18, 2022

NAME WWBN AVideo privilege escalation Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION WWBN AVideo...

WWBN AVideo cross-site scripting | CVE-2022-26842

August 18, 2022

NAME WWBN AVideo cross-site scripting Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:9.6Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION WWBN AVideo...

PortBloque S security bypass | CVE-2022-2662

August 18, 2022

NAME PortBloque S security bypass Platforms Affected:Sequi PortBloque SRisk Level:9.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION PortBloque S could allow a remote attacker to...

Google Chrome Sign-In Flow code execution | CVE-2022-2858

August 18, 2022

NAME Google Chrome Sign-In Flow code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote...

Google Chrome FedCM code execution | CVE-2022-2852

August 18, 2022

NAME Google Chrome FedCM code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...

Google Chrome SwiftShader code execution | CVE-2022-2854

August 18, 2022

NAME Google Chrome SwiftShader code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...

WWBN AVideo add.json.php SQL injection | CVE-2022-33148

August 18, 2022

NAME WWBN AVideo add.json.php SQL injection Platforms Affected:WWBN AVideo 11.6 WWBN AVideo dev master commit 3f7c0364Risk Level:8.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION WWBN...

Google Chrome ANGLE code execution | CVE-2022-2855

August 18, 2022

NAME Google Chrome ANGLE code execution Platforms Affected:Google Chrome 104.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a remote attacker...

PoC exploit code for critical Realtek RCE flaw released online

August 18, 2022

Exploit code for a critical vulnerability affecting networking devices using Realtek RTL819x system on a chip released online. The PoC...

Daily Vulnerability Trends: Thu Aug 18 2022

August 18, 2022

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-37393Zimbra's sudo configuration permits the zimbra user to execute the zmslapd binary...

Black Hat USA 2022 and DEF CON 30

August 18, 2022

Black Hat 2022 USA Briefings wrapped up this past week, along with its sister conference DEF CON 30. The DEF...

BlackCat/ALPHV Ransomware Victim: Accelya

August 18, 2022

BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...

China-linked RedAlpha behind multi-year credential theft campaign

August 18, 2022

A China-linked APT group named RedAlpha is behind a long-running mass credential theft campaign aimed at organizations worldwide. Recorded Future researchers attributed...