âš Apple pushes out two emergency 0-day updates – get ’em now! âš
📖 Read
via "Naked Security".
More Apple zero-days - mobile devices, laptops and desktops affected. Update now!📖 Read
via "Naked Security".
Naked Security
Apple pushes out two emergency 0-day updates – get ’em now!
More Apple zero-days – mobile devices, laptops and desktops affected. Update now!
‼ CVE-2022-27963 ‼
📖 Read
via "National Vulnerability Database".
Xftp 7.0.0088p and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24758 ‼
📖 Read
via "National Vulnerability Database".
The Jupyter notebook is a web-based notebook environment for interactive computing. Prior to version 6.4.9, unauthorized actors can access sensitive information from server logs. Anytime a 5xx error is triggered, the auth cookie and other header values are recorded in Jupyter server logs by default. Considering these logs do not require root access, an attacker can monitor these logs, steal sensitive auth/cookie information, and gain access to the Jupyter server. Jupyter notebook version 6.4.x contains a patch for this issue. There are currently no known workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24797 ‼
📖 Read
via "National Vulnerability Database".
Pomerium is an identity-aware access proxy. In distributed service mode, Pomerium's Authenticate service exposes pprof debug and prometheus metrics handlers to untrusted traffic. This can leak potentially sensitive environmental information or lead to limited denial of service conditions. This issue is patched in version v0.17.1 Workarounds: Block access to `/debug` and `/metrics` paths on the authenticate service. This can be done with any L7 proxy, including Pomerium's own proxy service.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-46439 ‼
📖 Read
via "National Vulnerability Database".
The WinSEGAV AutoConfig service in EG Free Antivirus v2020 suffers from a local privilege escalation vulnerability, due to unquoted paths in the service's executable path.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24794 ‼
📖 Read
via "National Vulnerability Database".
Express OpenID Connect is an Express JS middleware implementing sign on for Express web apps using OpenID Connect. Users of the `requiresAuth` middleware, either directly or through the default `authRequired` option, are vulnerable to an Open Redirect when the middleware is applied to a catch all route. If all routes under `example.com` are protected with the `requiresAuth` middleware, a visit to `http://example.com//google.com` will be redirected to `google.com` after login because the original url reported by the Express framework is not properly sanitized. This vulnerability affects versions prior to 2.7.2. Users are advised to upgrade. There are no known workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27052 ‼
📖 Read
via "National Vulnerability Database".
FreeFtpd version 1.0.13 and below contains an unquoted service path vulnerability which allows local users to launch processes with elevated privileges.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24791 ‼
📖 Read
via "National Vulnerability Database".
Wasmtime is a standalone JIT-style runtime for WebAssembly, using Cranelift. There is a use after free vulnerability in Wasmtime when both running Wasm that uses externrefs and enabling epoch interruption in Wasmtime. If you are not explicitly enabling epoch interruption (it is disabled by default) then you are not affected. If you are explicitly disabling the Wasm reference types proposal (it is enabled by default) then you are also not affected. The use after free is caused by Cranelift failing to emit stack maps when there are safepoints inside cold blocks. Cold blocks occur when epoch interruption is enabled. Cold blocks are emitted at the end of compiled functions, and change the order blocks are emitted versus defined. This reordering accidentally caused Cranelift to skip emitting some stack maps because it expected to emit the stack maps in block definition order, rather than block emission order. When Wasmtime would eventually collect garbage, it would fail to find live references on the stack because of the missing stack maps, think that they were unreferenced garbage, and therefore reclaim them. Then after the collection ended, the Wasm code could use the reclaimed-too-early references, which is a use after free. Patches have been released in versions 0.34.2 and 0.35.2, which fix the vulnerability. All Wasmtime users are recommended to upgrade to these patched versions. If upgrading is not an option for you at this time, you can avoid the vulnerability by either: disabling the Wasm reference types proposal, config.wasm_reference_types(false); or by disabling epoch interruption if you were previously enabling it. config.epoch_interruption(false).📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27049 ‼
📖 Read
via "National Vulnerability Database".
Raidrive before v2021.12.35 allows attackers to arbitrarily move log files by pre-creating a mountpoint and log files before Raidrive is installed.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27965 ‼
📖 Read
via "National Vulnerability Database".
Xlpd v7.0.0094 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27050 ‼
📖 Read
via "National Vulnerability Database".
BitComet Service for Windows before version 1.8.6 contains an unquoted service path vulnerability which allows attackers to escalate privileges to the system level.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27964 ‼
📖 Read
via "National Vulnerability Database".
Xmanager v7.0.0096 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24798 ‼
📖 Read
via "National Vulnerability Database".
Internet Routing Registry daemon version 4 is an IRR database server, processing IRR objects in the RPSL format. IRRd did not always filter password hashes in query responses relating to `mntner` objects and database exports. This may have allowed adversaries to retrieve some of these hashes, perform a brute-force search for the clear-text passphrase, and use these to make unauthorised changes to affected IRR objects. This issue only affected instances that process password hashes, which means it is limited to IRRd instances that serve authoritative databases. IRRd instances operating solely as mirrors of other IRR databases are not affected. This has been fixed in IRRd 4.2.3 and the main branch. Versions in the 4.1.x series never were affected. Users of the 4.2.x series are strongly recommended to upgrade. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27966 ‼
📖 Read
via "National Vulnerability Database".
Xshell v7.0.0099 and below contains a binary hijack vulnerability which allows attackers to execute arbitrary code via a crafted .exe file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24796 ‼
📖 Read
via "National Vulnerability Database".
RaspberryMatic is a free and open-source operating system for running a cloud-free smart-home using the homematicIP / HomeMatic hardware line of IoT devices. A Remote Code Execution (RCE) vulnerability in the file upload facility of the WebUI interface of RaspberryMatic exists. Missing input validation/sanitization in the file upload mechanism allows remote, unauthenticated attackers with network access to the WebUI interface to achieve arbitrary operating system command execution via shell metacharacters in the HTTP query string. Injected commands are executed as root, thus leading to a full compromise of the underlying system and all its components. Versions after `2.31.25.20180428` and prior to `3.63.8.20220330` are affected. Users are advised to update to version `3.63.8.20220330` or newer. There are currently no known workarounds to mitigate the security impact and users are advised to update to the latest version available.📖 Read
via "National Vulnerability Database".
📢 Breaking end-to-end encryption would do more harm than good, warn IT professionals 📢
📖 Read
via "ITPro".
Two-thirds of IT specialists said restricting the use of this technology would have a negative impact on protecting society📖 Read
via "ITPro".
IT PRO
Breaking end-to-end encryption would do more harm than good, warn IT professionals | IT PRO
Two-thirds of IT specialists said restricting the use of this technology would have a negative impact on protecting society
📢 Mobile security firm Zimperium to be acquired for $525 million 📢
📖 Read
via "ITPro".
Texas-based Zimperium offers on-device mobile threat defense to protect against cyber attacks📖 Read
via "ITPro".
IT PRO
Mobile security firm Zimperium to be acquired for $525 million | IT PRO
Texas-based Zimperium offers on-device mobile threat defense to protect against cyber attacks
📢 Google patches second Chrome browser zero-day of 2022 📢
📖 Read
via "ITPro".
Google acted quickly to secure against the type confusion vulnerability that was under active exploitation📖 Read
via "ITPro".
ITPro
Google patches second Chrome browser zero-day of 2022
Google acted quickly to secure against the type confusion vulnerability that was under active exploitation
📢 WatchGuard Firebox T40-W review: Powerful yet classy 📢
📖 Read
via "ITPro".
A powerful desktop security appliance with classy remote monitoring and configuration services📖 Read
via "ITPro".
IT PRO
WatchGuard Firebox T40-W review: Powerful yet classy | IT PRO
A powerful desktop security appliance with classy remote monitoring and configuration services
📢 Patch finally released for Spring4Shell zero-day after vulnerable businesses put on high alert 📢
📖 Read
via "ITPro".
With proof-of-concept code out in the wild, businesses are encouraged to assess their exposure to what's being dubbed 'Log4Shell 2.0'📖 Read
via "ITPro".
ITPro
Patch finally released for Spring4Shell zero-day after vulnerable businesses put on high alert
With proof-of-concept code out in the wild, businesses are encouraged to assess their exposure to what's being dubbed 'Log4Shell 2.0'
📢 NCSC warns businesses against using Kaspersky products 📢
📖 Read
via "ITPro".
Critical infrastructure companies, as well as organisations aiding Ukraine or criticising the Russian government, are at the highest risk of being compromised📖 Read
via "ITPro".
IT PRO
NCSC warns businesses against using Kaspersky products | IT PRO
Critical infrastructure companies, as well as organisations aiding Ukraine or criticising the Russian government, are at the highest risk of being compromised