CyberSecurityBoard
Sponsor Register Login

CVE-2022-2030

A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 through 5.30, USG FLEX 500 firmware versions 4.50 through 5.30, USG FLEX 700 firmware versions 4.50 through 5.30, USG FLEX 50(W) firmware versions 4.16 through 5.30, USG20(W)-VPN firmware versions 4.16 through 5.30, ATP series firmware versions 4.32 through 5.30, VPN series firmware versions 4.30 through 5.30, USG/ZyWALL series firmware versions 4.11 through 4.72, that could allow an authenticated attacker to access some restricted files on a vulnerable device.

Publication date: Tue, 19 Jul 2022 11:15:00 +0000


Cyber News related to CVE-2022-2030

Third Of European Businesses Have Adopted AI, AWS - AWS finds AI already adopted at sizeable number of European businesses, resulting in increased revenues, productivity. An insight into the adoption rate of artificial intelligence within the business community has been offered in a new report from ...
1 year ago Silicon.co.uk
Uncertainty Is the Biggest Challenge to Australia's Cyber Security Strategy - Political shifts could lead to changes in Australia's cyber security strategy. Early in 2023, as the Australian government started to craft its cyber security vision, it met with opposition at both ends of the political spectrum. On the right wing, ...
1 year ago Techrepublic.com
CVE-2022-48919 - In the Linux kernel, the following vulnerability has been resolved: ...
5 months ago
India Seeks Strengthened Interpol Collaboration for Real-Time Crime Prevention - India has called for coordinated efforts through Interpol channels to address transnational crimes, including terrorism, online radicalization, and cyber-enabled financial fraud, on a real-time basis, officials revealed on Friday. At the 91st General ...
1 year ago Cysecurity.news
UK Parliament Opens Inquiry into Cyber-Resilience - UK lawmakers have launched an inquiry into the cyber-resilience of critical national infrastructure, claiming the country is the third most targeted globally, after the US and Ukraine. The Science, Innovation and Technology Committee will oversee the ...
1 year ago Infosecurity-magazine.com
CVE-2016-2019 - HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and ...
8 years ago
CVE-2016-2017 - HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, CVE-2016-2022, and ...
8 years ago
CVE-2016-2022 - HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and ...
8 years ago
CVE-2016-2021 - HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2022, and ...
8 years ago
CVE-2016-2030 - HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2020, CVE-2016-2021, and ...
8 years ago
CVE-2016-2020 - HPE Systems Insight Manager (SIM) before 7.5.1 allows remote authenticated users to obtain sensitive information or modify data via unspecified vectors, a different vulnerability than CVE-2016-2017, CVE-2016-2019, CVE-2016-2021, CVE-2016-2022, and ...
8 years ago
CVE-2022-2030 - A directory traversal vulnerability caused by specific character sequences within an improperly sanitized URL was identified in some CGI programs of Zyxel USG FLEX 100(W) firmware versions 4.50 through 5.30, USG FLEX 200 firmware versions 4.50 ...
2 years ago
Why Cybersecurity Businesses Need a Real-Time Collaboration Tool - When the Cybercrime in a Pandemic World study was released in late 2021, the report noted that cybersecurity threats had risen 81% since the coronavirus raised its ugly head. It was a time of restrictive lockdowns, stay-at-home orders, and mask ...
2 years ago Hackread.com
How the White House sees the future of safeguarding AI - On October 30, 2023, President Biden issued an executive order to set new standards for the safety and security of Artificial Intelligence. What the executive order means for the future of AI. Since the middle of 2022, AI has quickly infiltrated ...
1 year ago Securityintelligence.com
Cyber Security Trends to Watch in Australia in 2024 - Ransomware attacks on infrastructure and mid-market businesses are tipped to rise, while the use of AI cyber tools will grow as IT customers seek more signal and less noise from vendors. The year 2023 was a big year for cyber security professionals ...
1 year ago Techrepublic.com
BT's Successor Allison Kirkby CEO On 1 February - With current chief executive Philip Jansen stepping down at the end of the month, BT confirms February start for new boss. BT Group has confirmed the start date of its first female chief executive, who will lead the former UK telecoms incumbent from ...
1 year ago Silicon.co.uk
Critical GitLab flaw allows account takeover without user interaction, patch quickly! - A critical vulnerability in GitLab CE/EE can be easily exploited by attackers to reset GitLab user account passwords. Users who have two-factor authentication enabled on their account are safe from account takeover. CVE-2023-7028 was reported through ...
1 year ago Helpnetsecurity.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
CVE-2012-2033 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and ...
7 years ago
CVE-2012-2030 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2031, CVE-2012-2032, and ...
7 years ago
CVE-2012-2032 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2031, and ...
7 years ago
CVE-2012-2031 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2029, CVE-2012-2030, CVE-2012-2032, and ...
7 years ago
CVE-2012-2029 - Adobe Shockwave Player before 11.6.5.635 allows attackers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors, a different vulnerability than CVE-2012-2030, CVE-2012-2031, CVE-2012-2032, and ...
7 years ago
GitLab warns of critical zero-click account hijacking vulnerability - GitLab has released security updates for both the Community and Enterprise Edition to address two critical vulnerabilities, one of them allowing account hijacking with no user interaction. The most critical security issue GitLab patched has the ...
1 year ago Bleepingcomputer.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
2FA-less GitLab users vulnerable to account takeovers The Register - GitLab admins should apply the latest batch of security patches pronto given the new critical account-bypass vulnerability just disclosed. Tracked as CVE-2023-7028, the maximum-severity bug exploits a change introduced in version 16.1.0 back in May ...
1 year ago Go.theregister.com CVE-2023-7028 CVE-2023-5356 CVE-2023-4812 CVE-2023-6955 CVE-2023-2030
CVE-2005-2030 - Ultimate PHP Board (UPB) 1.9.6 GOLD uses weak encryption for passwords in the users.dat file, which allows attackers to easily decrypt the passwords and gain privileges, possibly after exploiting CVE-2005-2005 to obtain users.dat. ...
8 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)