CVE-2022-40304
Published: 2022-11-23
Priority: P2 78, high
CVSS 3.1: 7.8 (AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
ITW: VulnCheck KEV
Exploited in the wild
EPSS: 6.78% (93.2th percentile)
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Affected
27 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | ios_15.7.2_and_ipados | — | — |
| apple | ios_16.1.1_and_ipados | — | — |
| apple | ipados | < 15.7.2 | 15.7.2 |
| apple | iphone_os | < 15.7.2 | 15.7.2 |
| apple | macos | >= 11.0 < 11.7.2 | 11.7.2 |
| apple | macos | >= 12.0 < 12.6.2 | 12.6.2 |
| apple | macos_big_sur | — | — |
| apple | macos_monterey | — | — |
| apple | macos_ventura | — | — |
| apple | tvos | < 16.2 | 16.2 |
| apple | tvos16.2 | — | — |
| apple | watchos | < 9.2 | 9.2 |
| apple | watchos | — | — |
| debian | libxml2 | < libxml2 2.9.14+dfsg-1.1 (bookworm) | libxml2 2.9.14+dfsg-1.1 (bookworm) |
| msrc | cbl2_libxml2_2.10.3-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_libxml2_2.9.14-3_on_cbl_mariner_1.0 | — | — |
| nokogiri | nokogiri | >= 0 < 1.13.9 | 1.13.9 |
| xmlsoft | libxml2 | < 2.10.3 | 2.10.3 |
| xmlsoft | libxml2 | >= 0 < 2.9.10+dfsg-6.7+deb11u3 | 2.9.10+dfsg-6.7+deb11u3 |
| xmlsoft | libxml2 | >= 0 < 2.9.14+dfsg-1.1 | 2.9.14+dfsg-1.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.14+dfsg-1.1 | 2.9.14+dfsg-1.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.14+dfsg-1.1 | 2.9.14+dfsg-1.1 |
| xmlsoft | libxml2 | >= 0 < 2.9.4+dfsg1-6.1ubuntu1.8 | 2.9.4+dfsg1-6.1ubuntu1.8 |
| xmlsoft | libxml2 | >= 0 < 2.9.10+dfsg-5ubuntu0.20.04.5 | 2.9.10+dfsg-5ubuntu0.20.04.5 |
| xmlsoft | libxml2 | >= 0 < 2.9.13+dfsg-1ubuntu0.2 | 2.9.13+dfsg-1ubuntu0.2 |
Detection & IOCs
- CVE-2022-40304 involves invalid XML entity definitions that corrupt a hash table key in libxml2, potentially leading to a double-free condition; monitor for malformed XML entity definitions being parsed by libxml2 versions before 2.10.3.
- Apple reported active exploitation of this issue against iOS versions released before iOS 15.7.1; prioritize detection and patching on Apple platforms.
- CVE-2022-40304 is a local (non-remote) vulnerability per Oracle advisories; remote exploit is listed as No, limiting attack surface to local or file-based vectors.
- The vulnerability affects libxml2 before version 2.10.3; patched via Apple out-of-band updates for iOS and macOS.
CVSS provenance
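| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 7.8 | HIGH | CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H |
| ghsa | — | 7.5 | HIGH | — |
| osv | — | 7.8 | HIGH | — |
| vulncheck | — | 7.8 | HIGH | — |
| vendor_debian | — | 7.8 | HIGH | — |
| vendor_msrc | — | 7.8 | HIGH | — |
| vendor_oracle | — | 7.8 | HIGH | — |
| vendor_redhat | — | 7.8 | HIGH | — |
| vendor_ubuntu | — | 7.5 | HIGH | — |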
CISA ICS
Siemens SCALANCE W700
cisa_ics·2025-02-13
ICS Advisory
Release Date: February 13, 2025
Alert Code: ICSA-25-044-09
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
As of January 10, 2023, CISA will no longer be updating ICS security advisories for Siemens product vulnerabilities beyond the initial advisory. For the most up-to-date information on vulnerabilities in this advisory, please see Siemens' ProductCERT Security Advisories (CERT Services | Services | Siemens Global).
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SCALANCE W700
- Vulnerabilities: Double Free, Improper Restriction of Communication Channel to Intended Endpoints, Improper Resource Sh
CISA ICS
Siemens SIMATIC and SIPLUS
cisa_ics·2024-06-13
ICS Advisory
Release Date: June 13, 2024
Alert Code: ICSA-24-165-10
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIMATIC, SIPLUS
- Vulnerabilities: Inadequate Encryption Strength, Improper Restriction of Operations within the Bounds of a Memory Bu
CISA ICS
Siemens ST7 ScadaConnect
cisa_ics·2024-06-13·CVSS 7.5
[HIGH] Siemens ST7 ScadaConnect
ICS Advisory
Release Date: June 13, 2024
Alert Code: ICSA-24-165-04
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.2
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: ST7 ScadaConnect
- Vulnerabilities: Integer Overflow or Wraparound, Double Free, Improper Certificate Validation, Inefficient Regular Ex
CISA ICS
Siemens TIM 1531 IRC
cisa_ics·2024-06-13·CVSS 5.5
[MEDIUM] Siemens TIM 1531 IRC
ICS Advisory
Release Date: June 13, 2024
Alert Code: ICSA-24-165-06
Related topics: Industrial Control System Vulnerabilities, Industrial Control Systems
## 1. EXECUTIVE SUMMARY
- CVSS v4 6.9
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: SIPLUS TIM 1531 IRC
- Vulnerabilities: Improper Input Validation, Out-of-bounds Write, Inadequate Encryption Strength, Double Free, Missing
CISA ICS
Siemens Telecontrol Server Basic
cisa_ics·2024-04-11
ICS Advisory
Release Date: April 11, 2024
Alert Code: ICSA-24-102-08
## 1. EXECUTIVE SUMMARY
- CVSS v3 8.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: Telecontrol Server Basic
- Vulnerabilities: Inadequate Encryption Strength, Double Free, Integer Overflow or Wraparound, External Control of File Name or Path, Path Traversal, Improper Input Validation, Missing Encry
Oracle
Oracle Communications Risk Matrix: Install/Upgrade (libxml2) — CVE-2022-40304
vendor_oracle·2023-04-15·CVSS 7.8
CVE-2022-40304 [HIGH] Oracle Communications Risk Matrix: Install/Upgrade (libxml2) vulnerability
CVE: CVE-2022-40304
CVSS: 7.8
Protocol: None
Remote exploit: No
Affected versions: Local
Advisory: cpuapr2023 (APR 2023)
Oracle
Oracle Communications Risk Matrix: Oracle Linux (libxml2) — CVE-2022-40304
vendor_oracle·2023-01-15·CVSS 7.8
CVE-2022-40304 [HIGH] Oracle Communications Risk Matrix: Oracle Linux (libxml2) vulnerability
CVE: CVE-2022-40304
CVSS: 7.8
Protocol: None
Remote exploit: No
Affected versions: Local
Advisory: cpujan2023 (JAN 2023)
Apple
CVE-2022-40304: macOS Big Sur 11.7.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: macOS Big Sur 11.7.2
Apple Security Update: About the security content of macOS Big Sur 11.7.2
Product: macOS Big Sur
Version: 11.7.2
CVE: CVE-2022-40304
Component: Kernel
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
Apple
CVE-2022-40304: tvOS 16.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: tvOS 16.2
Apple Security Update: About the security content of tvOS 16.2
Product: tvOS 16.2
CVE: CVE-2022-40304
Component: Kernel
Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.
Description: The issue was addressed with improved checks.
Apple
CVE-2022-40304: iOS 15.7.2 and iPadOS 15.7.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: iOS 15.7.2 and iPadOS 15.7.2
Apple Security Update: About the security content of iOS 15.7.2 and iPadOS 15.7.2
Product: iOS 15.7.2 and iPadOS
Version: 15.7.2
CVE: CVE-2022-40304
Component: Kernel
Impact: An app may be able to execute arbitrary code with kernel privileges
Description: A race condition was addressed with additional validation.
Apple
CVE-2022-40304: macOS Monterey 12.6.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: macOS Monterey 12.6.2
Apple Security Update: About the security content of macOS Monterey 12.6.2
Product: macOS Monterey
Version: 12.6.2
CVE: CVE-2022-40304
Component: Kernel
Impact: A remote user may be able to cause kernel code execution
Description: The issue was addressed with improved memory handling.
Apple
CVE-2022-40304: watchOS 9.2
vendor_apple·2022-12-13·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: watchOS 9.2
Apple Security Update: About the security content of watchOS 9.2
Product: watchOS
Version: 9.2
CVE: CVE-2022-40304
Component: Kernel
Impact: An attacker with arbitrary read and write capability may be able to bypass Pointer Authentication. Apple is aware of a report that this issue may have been exploited against versions of iOS released before iOS 15.7.1.
Description: The issue was addressed with improved checks.
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2022-12-05·CVSS 7.5
CVE-2022-40304 [HIGH] libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: Several security issues were fixed in libxml2.
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2022-2309)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
Instructions: In general, a standard system update will make all the necessary changes.
Ubuntu
libxml2 vulnerabilities
vendor_ubuntu·2022-12-05·CVSS 7.5
CVE-2022-40304 [HIGH] libxml2 vulnerabilities
Title: libxml2 vulnerabilities
Summary: Several security issues were fixed in libxml2.
USN-5760-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
Instructions: In general, a standard system update will make all the necessary changes.
Apple
CVE-2022-40304: iOS 16.1.1 and iPadOS 16.1.1
vendor_apple·2022-11-09·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: iOS 16.1.1 and iPadOS 16.1.1
Apple Security Update: About the security content of iOS 16.1.1 and iPadOS 16.1.1
Product: iOS 16.1.1 and iPadOS
Version: 16.1.1
CVE: CVE-2022-40304
Component: About Apple security updates
Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
Description: An integer overflow was addressed through improved input validation.
Apple
CVE-2022-40304: macOS Ventura 13.0.1
vendor_apple·2022-11-09·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: macOS Ventura 13.0.1
Apple Security Update: About the security content of macOS Ventura 13.0.1
Product: macOS Ventura
Version: 13.0.1
CVE: CVE-2022-40304
Component: About Apple security updates
Impact: A remote user may be able to cause unexpected app termination or arbitrary code execution
Description: An integer overflow was addressed through improved input validation.
Microsoft
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key potentially leading to subsequent logic errors. In one case a double-free can be p
vendor_msrc·2022-11-08·CVSS 7.8
CVE-2022-40304 [HIGH] CWE-415 An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key potentially leading to subsequent logic errors. In one case a double-free can be p
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key potentially leading to subsequent logic errors. In one case a double-free can be provoked.
FAQ: Is Azure Linux the only Microsoft product that includes this open-source library and is therefore potentially affected by this vulnerability?
One of the main benefits to our customers who choose to use the Azure Linux distro is the commitment to keep it up to date with the most recent and most secure versions of the open source libraries with which the distro is composed. Microsoft is committed to transparency in this work which is why we began publishing CSAF/VEX in October 2025. See this blog post for more information. If impact to additional products is identified, we will up
Red Hat
libxml2: dict corruption caused by entity reference cycles
vendor_redhat·2022-10-14·CVSS 7.8
CVE-2022-40304 [HIGH] CWE-415 libxml2: dict corruption caused by entity reference cycles
libxml2: dict corruption caused by entity reference cycles
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
A flaw was found in libxml2. When a reference cycle is detected in the XML entity cleanup function, the XML entity data can be stored in a dictionary. In this case, the dictionary becomes corrupted, resulting in logic errors, including memory errors like double free.
Statement: The most likely impact of this flaw is a Denial of Service in the application linked to the library. To reflect this, Red Hat Product Security has rated this flaw as having a moderate security impact.
Package: libxml2 (Red Hat Enterprise Linux 6) -
Debian
CVE-2022-40304: libxml2 - An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity def...
vendor_debian·2022·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: libxml2 - An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity def...
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Scope: local
bookworm: resolved (fixed in 2.9.14+dfsg-1.1)
bullseye: resolved (fixed in 2.9.10+dfsg-6.7+deb11u3)
forky: resolved (fixed in 2.9.14+dfsg-1.1)
sid: resolved (fixed in 2.9.14+dfsg-1.1)
trixie: resolved (fixed in 2.9.14+dfsg-1.1)
OSV
libxml2 vulnerabilities
osv·2022-12-05·CVSS 7.5
CVE-2022-40303 [HIGH] libxml2 vulnerabilities
libxml2 vulnerabilities
USN-5760-1 fixed vulnerabilities in libxml2. This update provides the
corresponding updates for Ubuntu 14.04 ESM and Ubuntu 16.04 ESM.
Original advisory details:
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
OSV
libxml2 vulnerabilities
osv·2022-12-05·CVSS 7.5
CVE-2022-2309 [HIGH] libxml2 vulnerabilities
libxml2 vulnerabilities
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to cause a crash.
(CVE-2022-2309)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to expose sensitive information
or cause a crash. (CVE-2022-40303)
It was discovered that libxml2 incorrectly handled certain XML files.
An attacker could possibly use this issue to execute arbitrary code.
(CVE-2022-40304)
OSV
CVE-2022-40304: An issue was discovered in libxml2 before 2
osv·2022-11-23·CVSS 7.8
CVE-2022-40304 [HIGH] CVE-2022-40304: An issue was discovered in libxml2 before 2
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
GHSA
GHSA-g848-pppp-vg6f: An issue was discovered in libxml2 before 2
ghsa_unreviewed·2022-11-23
CVE-2022-40304 [HIGH] CWE-415 GHSA-g848-pppp-vg6f: An issue was discovered in libxml2 before 2
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
OSV
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
osv·2022-10-18·CVSS 7.5
CVE-2022-2309 [HIGH] Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
### Summary
Nokogiri v1.13.9 upgrades the packaged version of its dependency libxml2 to [v2.10.3](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.3) from v2.9.14.
libxml2 v2.10.3 addresses the following known vulnerabilities:
- [CVE-2022-2309](https://nvd.nist.gov/vuln/detail/CVE-2022-2309)
- [CVE-2022-40304](https://nvd.nist.gov/vuln/detail/CVE-2022-40304)
- [CVE-2022-40303](https://nvd.nist.gov/vuln/detail/CVE-2022-40303)
Please note that this advisory only applies to the CRuby implementation of Nokogiri `< 1.13.9`.
Users who are unable to upgrade Nokogiri may also choose a more complicated mitigation: compile and link Nokogiri against external libraries libxml2 `>= 2.10.3` which will also address these same issues.
GHSA
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
ghsa·2022-10-18·CVSS 7.5
CVE-2022-2309 [HIGH] Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
Update bundled libxml2 to v2.10.3 to resolve multiple CVEs
### Summary
Nokogiri v1.13.9 upgrades the packaged version of its dependency libxml2 to [v2.10.3](https://gitlab.gnome.org/GNOME/libxml2/-/releases/v2.10.3) from v2.9.14.
libxml2 v2.10.3 addresses the following known vulnerabilities:
- [CVE-2022-2309](https://nvd.nist.gov/vuln/detail/CVE-2022-2309)
- [CVE-2022-40304](https://nvd.nist.gov/vuln/detail/CVE-2022-40304)
- [CVE-2022-40303](https://nvd.nist.gov/vuln/detail/CVE-2022-40303)
Please note that this advisory only applies to the CRuby implementation of Nokogiri `< 1.13.9`.
Users who are unable to upgrade Nokogiri may also choose a more complicated mitigation: compile and link Nokogiri against external libraries libxml2 `>= 2.10.3` which will also address these same issues.
VulnCheck
xmlsoft libxml2 Double Free
vulncheck·2022·CVSS 7.8
CVE-2022-40304 [HIGH] xmlsoft libxml2 Double Free
xmlsoft libxml2 Double Free
An issue was discovered in libxml2 before 2.10.3. Certain invalid XML entity definitions can corrupt a hash table key, potentially leading to subsequent logic errors. In one case, a double-free can be provoked.
Affected: xmlsoft libxml2
Required Action: Apply remediations or mitigations per vendor instructions or discontinue use of the product if remediation or mitigations are unavailable.
Exploitation References: https://support.apple.com/kb/HT213531
No detection rules found.
No public exploits indexed.
Checkpoint
14th November– Threat Intelligence Report
blogs_checkpoint·2022-11-14
CVE-2022-20465 14th November– Threat Intelligence Report
For the latest discoveries in cyber research for the week of 14th November, please download our Threat Intelligence Bulletin.
Top Attacks and Breaches
The Australian Federal Police has disclosed that the hacking group responsible for the massive Medibank hack that compromised the personal information of 9.7 million customers is based in Russia. The group’s identity was not yet published.
Black Basta ransomware group has launched a cyberattack against Canadian grocery and pharmacy chain store Sobeys, impacting some of the company’s in-store services and operations.
Check Point Harmony Endpoint and Threat Emulation provide protection against this threat (Banker.Wins.Carbanak.*; Ransomware.Win.BlackBasta.*)
Security Researchers have disclosed two new surveillance campaigns targeting Uyghurs in the People’s Republic of China and abroad with BadBazaar and MOONSHINE spyware.
Threat actors are mass spreading scam e
References
- http://seclists.org/fulldisclosure/2022/Dec/21
- http://seclists.org/fulldisclosure/2022/Dec/24
- http://seclists.org/fulldisclosure/2022/Dec/25
- http://seclists.org/fulldisclosure/2022/Dec/26
- http://seclists.org/fulldisclosure/2022/Dec/27
- https://gitlab.gnome.org/GNOME/libxml2/-/commit/1b41ec4e9433b05bb0376be4725804c54ef1d80b
- https://gitlab.gnome.org/GNOME/libxml2/-/tags
- https://gitlab.gnome.org/GNOME/libxml2/-/tags/v2.10.3
- https://security.netapp.com/advisory/ntap-20221209-0003/
- https://support.apple.com/kb/HT213531
- https://support.apple.com/kb/HT213533
- https://support.apple.com/kb/HT213534
- https://support.apple.com/kb/HT213535
- https://support.apple.com/kb/HT213536