βΌ CVE-2022-0758 βΌ
π Read
via "National Vulnerability Database".
Rapid7 Nexpose versions 6.6.129 and earlier suffer from a reflected cross site scripting vulnerability, within the shared scan configuration component of the tool. With this vulnerability an attacker could pass literal values as the test credentials, providing the opportunity for a potential XSS attack. This issue is fixed in Rapid7 Nexpose version 6.6.130.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2021-44088 βΌ
π Read
via "National Vulnerability Database".
An SQL Injection vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows a remote attacker to bypass authentication via unsanitized login parameters.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44087 βΌ
π Read
via "National Vulnerability Database".
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Attendance and Payroll System v1.0 which allows an unauthenticated remote attacker to upload a maliciously crafted PHP via photo upload.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0237 βΌ
π Read
via "National Vulnerability Database".
Rapid7 Insight Agent versions 3.1.2.38 and earlier suffer from a privilege escalation vulnerability, whereby an attacker can hijack the flow of execution due to an unquoted argument to the runas.exe command used by the ir_agent.exe component, resulting in elevated rights and persistent access to the machine. This issue was fixed in Rapid7 Insight Agent version 3.1.3.80.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0757 βΌ
π Read
via "National Vulnerability Database".
Rapid7 Nexpose versions 6.6.93 and earlier are susceptible to an SQL Injection vulnerability, whereby valid search operators are not defined. This lack of validation can allow an attacker to manipulate the "ANY" and "OR" operators in the SearchCriteria and inject SQL code. This issue was fixed in Rapid7 Nexpose version 6.6.129.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43961 βΌ
π Read
via "National Vulnerability Database".
Sonatype Nexus Repository Manager 3.36.0 allows HTML Injection.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26965 βΌ
π Read
via "National Vulnerability Database".
In Pluck 4.7.16, an admin user can use the theme upload functionality at /admin.php?action=themeinstall to perform remote code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-27240 βΌ
π Read
via "National Vulnerability Database".
scheme/webauthn.c in Glewlwyd SSO server 2.x before 2.6.2 has a buffer overflow associated with a webauthn assertion.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45966 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, /services/apply in exd.pl allows remote attackers to execute arbitrary code via shell metacharacters.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45967 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Pascom Cloud Phone System before 7.20.x. A configuration error between NGINX and a backend Tomcat server leads to a path traversal in the Tomcat server, exposing unintended endpoints.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45868 βΌ
π Read
via "National Vulnerability Database".
In the Linux kernel before 5.15.3, fs/quota/quota_tree.c does not validate the block number in the quota tree (on disk). This can, for example, lead to a kernel/locking/rwsem.c use-after-free if there is a corrupted quota file.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45968 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in xmppserver jar in the XMPP Server component of the JIve platform, as used in Pascom Cloud Phone System before 7.20.x (and in other products). An endpoint in the backend Tomcat server of the Pascom allows SSRF, a related issue to CVE-2019-18394.π Read
via "National Vulnerability Database".
βΌ CVE-2022-27191 βΌ
π Read
via "National Vulnerability Database".
golang.org/x/crypto/ssh before 0.0.0-20220314234659-1baeb1ce4c0b in Go through 1.16.15 and 1.17.x through 1.17.8 allows an attacker to crash a server in certain circumstances involving AddHostKey.π Read
via "National Vulnerability Database".
βΌ CVE-2021-22571 βΌ
π Read
via "National Vulnerability Database".
A local attacker could read files from some other users' SA360 reports stored in the /tmp folder during staging process before the files are loaded in BigQuery. We recommend upgrading to version 1.0.3 or above.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2021-45834 βΌ
π Read
via "National Vulnerability Database".
An attacker can upload or transfer files of dangerous types to the OpenDocMan 1.4.4 portal via add.php using MIME-bypass, which may be automatically processed within the product's environment or lead to arbitrary code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2021-45835 βΌ
π Read
via "National Vulnerability Database".
The Online Admission System 1.0 allows an unauthenticated attacker to upload or transfer files of dangerous types to the application through documents.php, which may be used to execute malicious code or lead to code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24655 βΌ
π Read
via "National Vulnerability Database".
A stack overflow vulnerability exists in the upnpd service in Netgear EX6100v1 201.0.2.28, CAX80 2.1.2.6, and DC112A 1.0.0.62, which may lead to the execution of arbitrary code without authentication.π Read
via "National Vulnerability Database".
π€1
π΄ The Road Ahead for Cyber and Infrastructure Security π΄
π Read
via "Dark Reading".
Despite cost, it's time to focus on securing legacy systems and physical infrastructure along with digital systems.π Read
via "Dark Reading".
Dark Reading
The Road Ahead for Cyber and Infrastructure Security
Despite cost, it's time to focus on securing legacy systems and physical infrastructure along with digital systems.
π1
βΌ CVE-2022-24595 βΌ
π Read
via "National Vulnerability Database".
Automotive Grade Linux Kooky Koi 11.0.0, 11.0.1, 11.0.2, 11.0.3, 11.0.4, and 11.0.5 is affected by Incorrect Access Control in usr/bin/afb-daemon. To exploit the vulnerability, an attacker should send a well-crafted HTTP (or WebSocket) request to the socket listened by the afb-daemon process. No credentials nor user interactions are required.π Read
via "National Vulnerability Database".
βΌ CVE-2022-0742 βΌ
π Read
via "National Vulnerability Database".
Memory leak in icmp6 implementation in Linux Kernel 5.13+ allows a remote attacker to DoS a host by making it go out-of-memory via icmp6 packets of type 130 or 131. We recommend upgrading past commit 2d3916f3189172d5c69d33065c3c21119fe539fc.π Read
via "National Vulnerability Database".
β Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops β
π Read
via "Threat Post".
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizationsβ networks for further malicious activity.π Read
via "Threat Post".
Threat Post
Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
Researchers have exposed the work of Exotic Lily, a full-time cybercriminal initial-access group that uses phishing to infiltrate organizationsβ networks for further malicious activity.