CVE-2022-24859
Read via "National Vulnerability Database".
PyPDF2 is an open source Python PDF library capable of splitting, merging, cropping, and transforming the pages of PDF files. In versions prior to 1.27.5 an attacker can craft a PDF which leads to an infinite loop when the code attempts to get the content stream. The reason is that the last while-loop in `ContentStream._readInlineImage` only terminates when it finds the `EI` token, but never actually checks if the stream has already ended. This issue has been resolved in version `1.27.5`. Users unable to upgrade should validate PDFs prior to iterating over their content stream.
CVE-2022-1054
Read via "National Vulnerability Database".
The RSVP and Event Management Plugin WordPress plugin before 2.7.8 does not have any authorisation checks when exporting its entries, and has the export function hooked to the init action. As a result, unauthenticated attackers could call it and retrieve PII such as the first name, last name and email address of users registered for events.
CVE-2022-1037
Read via "National Vulnerability Database".
The EXMAGE WordPress plugin before 1.0.7 does not ensure that images added via URLs are external images, which could lead to a blind SSRF issue by using local URLs.
CVE-2022-1063
Read via "National Vulnerability Database".
The Thank Me Later WordPress plugin through 3.3.4 does not sanitise and escape the Message Subject field before outputting it in the Messages list, which could allow high-privilege users such as admins to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.
Conti's Ransomware Toll on the Healthcare Industry
Read via "Krebs on Security".
Conti -- one of the most ruthless and successful Russian ransomware groups -- publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under the name "Ryuk."
Security-as-Code Gains More Support, But Still Nascent
Read via "Dark Reading".
Google and other firms are adding security configuration to software so cloud applications and services have well-defined security settings, a key component of DevSecOps.
CVE-2022-29457
Read via "National Vulnerability Database".
Zoho ManageEngine ADSelfService Plus before 6121, ADAuditPlus 7060, Exchange Reporter Plus 5701, and ADManagerPlus 7131 allow NTLM Hash disclosure during certain storage-path configuration steps.
CVE-2022-29458
Read via "National Vulnerability Database".
ncurses 6.3 before patch 20220416 has an out-of-bounds read and segmentation violation in convert_strings in tinfo/read_entry.c in the terminfo library.
Swimlane Extends Cloud-Based Security Automation into APJ Amid Momentous Growth in Region
Read via "Dark Reading".
Swimlane's Asia-Pacific presence grows 173%, highlighting rising demand for low-code security automation.
76% of Organizations Worldwide Expect to Suffer a Cyberattack This Year
Read via "Dark Reading".
Study shows that more than 35% have suffered seven or more successful attacks.
CVE-2022-29464
Read via "National Vulnerability Database".
Certain WSO2 products allow unrestricted file upload with resultant remote code execution. This affects WSO2 API Manager 2.2.0 and above through 4.0.0; WSO2 Identity Server 5.2.0 and above through 5.11.0; WSO2 Identity Server Analytics 5.4.0, 5.4.1, 5.5.0, and 5.6.0; WSO2 Identity Server as Key Manager 5.3.0 and above through 5.10.0; and WSO2 Enterprise Integrator 6.2.0 and above through 6.6.0.
CVE-2022-24841
Read via "National Vulnerability Database".
fleetdm/fleet is open source device management software built on osquery. All versions of Fleet making use of the teams feature are affected by this authorization bypass issue. Fleet instances without teams, or with teams but without restricted team accounts, are not affected. In affected versions a team admin can erroneously add themselves as admin, maintainer or observer on other teams. Users are advised to upgrade to version 4.13. There are no known workarounds for this issue.
CVE-2022-28108
Read via "National Vulnerability Database".
Selenium Server (Grid) before 4 allows CSRF because it permits non-JSON content types such as application/x-www-form-urlencoded, multipart/form-data, and text/plain.
CVE-2022-1065
Read via "National Vulnerability Database".
A vulnerability within the authentication process of Abacus ERP allows a remote attacker to bypass the second authentication factor. This issue affects: Abacus ERP v2022 versions prior to R1 of 2022-01-15; v2021 versions prior to R4 of 2022-01-15; v2020 versions prior to R6 of 2022-01-15; v2019 versions later than R5 (service pack); v2018 versions later than R5 (service pack). This issue does not affect: Abacus ERP v2019 versions prior to R5 of 2020-03-15; v2018 versions prior to R7 of 2020-04-15; v2017 and prior versions.
Verica Launches Prowler Pro to Make AWS Security Simpler for Customers
Read via "Dark Reading".
The enterprise-grade solution will provide enhanced cloud security and provide new open-source tools.
Utah Consumer Privacy Act: New legislation adds another wrinkle to the US legal landscape
Read via "The Daily Swig".
Soon-to-be-enacted law provides further governance for citizens' data.
How to Interpret the EU's Guidance on DNS Abuse Worldwide
Read via "Dark Reading".
From higher standards in top-level domains to increased adoption of security controls, stepped-up measures can help fight DNS abuse and protect Web domains.
CVE-2022-27927
Read via "National Vulnerability Database".
A SQL injection vulnerability exists in Microfinance Management System 1.0 when MySQL is being used as the application database. An attacker can issue SQL commands to the MySQL database through the vulnerable course_code and/or customer_number parameters.
CVE-2022-0645
Read via "National Vulnerability Database".
Open redirect vulnerability via endpoint authorize_and_redirect/?redirect= in GitHub repository posthog/posthog prior to 1.34.1.
CVE-2022-26595
Read via "National Vulnerability Database".
Liferay Portal 7.3.7, 7.4.0, and 7.4.1, and Liferay DXP 7.2 fix pack 13 and 7.3 fix pack 2, do not properly check user permission when accessing a list of sites/groups, which allows remote authenticated users to view sites/groups via the user's site membership assignment UI.