‼ CVE-2022-29175 ‼
📖 Read
via "National Vulnerability Database".
Vyper is a pythonic smart contract language for the ethereum virtual machine. Since version 0.3.2, decimals use the full range of the underlying int168 type. multiplication of 168 bit integers can wrap in 256-bit arithmetic, but safemul does not check for that. This has been patched in v0.3.4. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29172 ‼
📖 Read
via "National Vulnerability Database".
Auth0 is an authentication broker that supports both social and enterprise identity providers, including Active Directory, LDAP, Google Apps, and Salesforce. In versions before `11.33.0`, when the “additional signup fieldsâ€? feature [is configured](https://github.com/auth0/lock#additional-sign-up-fields), a malicious actor can inject invalidated HTML code into these additional fields, which is then stored in the service `user_metdata` payload (using the `name` property). Verification emails, when applicable, are generated using this metadata. It is therefor possible for an actor to craft a malicious link by injecting HTML, which is then rendered as the recipient's name within the delivered email template. You are impacted by this vulnerability if you are using `auth0-lock` version `11.32.2` or lower and are using the “additional signup fieldsâ€? feature in your application. Upgrade to version `11.33.0`.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29167 ‼
📖 Read
via "National Vulnerability Database".
Hawk is an HTTP authentication scheme providing mechanisms for making authenticated HTTP requests with partial cryptographic verification of the request and response, covering the HTTP method, request URI, host, and optionally the request payload. Hawk used a regular expression to parse `Host` HTTP header (`Hawk.utils.parseHost()`), which was subject to regular expression DoS attack - meaning each added character in the attacker's input increases the computation time exponentially. `parseHost()` was patched in `9.0.1` to use built-in `URL` class to parse hostname instead. `Hawk.authenticate()` accepts `options` argument. If that contains `host` and `port`, those would be used instead of a call to `utils.parseHost()`.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29535 ‼
📖 Read
via "National Vulnerability Database".
Zoho ManageEngine OPManager through 125588 allows SQL Injection via a few default reports.📖 Read
via "National Vulnerability Database".
📢 Millions of Lenovo laptops thought to be vulnerable to newly discovered UEFI malware attacks 📢
📖 Read
via "ITPro".
ESET researchers said the core vulnerabilities were 'easy' to spot due to "unfortunate" and "honest" driver names📖 Read
via "ITPro".
IT PRO
Millions of Lenovo laptops thought to be vulnerable to newly discovered UEFI malware attacks | IT PRO
ESET researchers said the core vulnerabilities were 'easy' to spot due to "unfortunate" and "honest" driver names
📢 ConnectWise unveils new incident response service 📢
📖 Read
via "ITPro".
New offering provides an “immediate lifeline” to a team of cyber experts in the event of a security breach📖 Read
via "ITPro".
IT PRO
ConnectWise unveils new incident response service | IT PRO
New offering provides an “immediate lifeline” to a team of cyber experts in the event of a security breach
📢 REvil ransomware group's infrastructure comes back online hinting at fresh campaign 📢
📖 Read
via "ITPro".
The ransomware gang's old deep web infrastructure is now redirecting to a new website with new victims📖 Read
via "ITPro".
IT PRO
REvil ransomware group's infrastructure comes back online hinting at fresh campaign | IT PRO
The ransomware gang's old deep web infrastructure is now redirecting to a new website with new victims
📢 Exclusive: Former Shiseido staff say company was aware of data breach weeks before official notice 📢
📖 Read
via "ITPro".
Fake companies were created using the stolen identities of hundreds of Shiseido employees, former staff claim📖 Read
via "ITPro".
IT PRO
Exclusive: Former Shiseido staff say company was aware of data breach weeks before official notice | IT PRO
Fake companies were created using the stolen identities of hundreds of Shiseido employees, former staff claim
📢 Report: UK businesses are less secure when using police-endorsed cyber security tool 📢
📖 Read
via "ITPro".
The cyber security researcher found the developer of the free software to be "incompetent" and the myriad flaws in the cyber crime-fighting monitoring tool left businesses more at risk of cyber attacks📖 Read
via "ITPro".
IT PRO
Report: UK businesses are less secure when using police-endorsed cyber security tool | IT PRO
The cyber security researcher found the developer of the free software to be "incompetent" and the myriad flaws in the cyber crime-fighting monitoring tool left businesses more at risk of cyber attacks
📢 Microsoft announces lucrative new bug bounty awards for M365 products and services 📢
📖 Read
via "ITPro".
The new awards will focus on scenario-based weaknesses and offer bonuses of up to 30% for the most severe bugs📖 Read
via "ITPro".
ITPro
Microsoft announces lucrative new bug bounty awards for M365 products and services
The new awards will focus on scenario-based weaknesses and offer bonuses of up to 30% for the most severe bugs
📢 Tech leaders share how to break into the tech industry 📢
📖 Read
via "ITPro".
“You have to feel like a true member of the IT world before you actually become a member"📖 Read
via "ITPro".
IT PRO
Tech leaders share how to break into the tech industry | IT PRO
“You have to feel like a true member of the IT world before you actually become a member"
📢 Funky Pigeon site offline after "cyber incident" 📢
📖 Read
via "ITPro".
The WH Smith-owned card site has reported the breach to "the relevant regulators"📖 Read
via "ITPro".
IT PRO
Funky Pigeon site offline after "cyber incident" | IT PRO
The WH Smith-owned card site has reported the breach to "the relevant regulators"
📢 Encryption battle plays out in Australian Parliament 📢
📖 Read
via "ITPro".
The opposition said that the government is “addicted to secrecy”📖 Read
via "ITPro".
IT PRO
Encryption battle plays out in Australian Parliament | IT PRO
The opposition said that the government is “addicted to secrecy”
‼ CVE-2022-24902 ‼
📖 Read
via "National Vulnerability Database".
TkVideoplayer is a simple library to play video files in tkinter. Uncontrolled memory consumption in versions of TKVideoplayer prior to 2.0.0 can theoretically lead to performance degradation. There are no known workarounds. This issue has been patched and users are advised to upgrade to version 2.0.0 or later.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29171 ‼
📖 Read
via "National Vulnerability Database".
Sourcegraph is a fast and featureful code search and navigation engine. Versions before 3.38.0 are vulnerable to Remote Code Execution in the gitserver service. The Gitolite code host integration with Phabricator allows Sourcegraph site admins to specify a `callsignCommand`, which is used to obtain the Phabricator metadata for a Gitolite repository. An administrator who is able to edit or add a Gitolite code host and has administrative access to Sourcegraph’s bundled Grafana instance can change this command arbitrarily and run it remotely. This grants direct access to the infrastructure underlying the Sourcegraph installation. The attack requires: site-admin privileges on the instance of Sourcegraph, Administrative privileges on the bundled Grafana monitoring instance, Knowledge of the gitserver IP address or DNS name (if running in Kubernetes). This can be found through Grafana. The issue is patched in version 3.38.0. You may disable Gitolite code hosts. We still highly encourage upgrading regardless of workarounds.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24903 ‼
📖 Read
via "National Vulnerability Database".
Rsyslog is a rocket-fast system for log processing. Modules for TCP syslog reception have a potential heap buffer overflow when octet-counted framing is used. This can result in a segfault or some other malfunction. As of our understanding, this vulnerability can not be used for remote code execution. But there may still be a slight chance for experts to do that. The bug occurs when the octet count is read. While there is a check for the maximum number of octets, digits are written to a heap buffer even when the octet count is over the maximum, This can be used to overrun the memory buffer. However, once the sequence of digits stop, no additional characters can be added to the buffer. In our opinion, this makes remote exploits impossible or at least highly complex. Octet-counted framing is one of two potential framing modes. It is relatively uncommon, but enabled by default on receivers. Modules `imtcp`, `imptcp`, `imgssapi`, and `imhttp` are used for regular syslog message reception. It is best practice not to directly expose them to the public. When this practice is followed, the risk is considerably lower. Module `imdiag` is a diagnostics module primarily intended for testbench runs. We do not expect it to be present on any production installation. Octet-counted framing is not very common. Usually, it needs to be specifically enabled at senders. If users do not need it, they can turn it off for the most important modules. This will mitigate the vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24817 ‼
📖 Read
via "National Vulnerability Database".
Flux2 is an open and extensible continuous delivery solution for Kubernetes. Flux2 versions between 0.1.0 and 0.29.0, helm-controller 0.1.0 to v0.19.0, and kustomize-controller 0.1.0 to v0.23.0 are vulnerable to Code Injection via malicious Kubeconfig. In multi-tenancy deployments this can also lead to privilege escalation if the controller's service account has elevated permissions. Workarounds include disabling functionality via Validating Admission webhooks by restricting users from setting the `spec.kubeConfig` field in Flux `Kustomization` and `HelmRelease` objects. Additional mitigations include applying restrictive AppArmor and SELinux profiles on the controller’s pod to limit what binaries can be executed. This vulnerability is fixed in kustomize-controller v0.23.0 and helm-controller v0.19.0, both included in flux2 v0.29.0📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24899 ‼
📖 Read
via "National Vulnerability Database".
Contao is a powerful open source CMS that allows you to create professional websites and scalable web applications. In versions of Contao prior to 4.13.3 it is possible to inject code into the canonical tag. As a workaround users may disable canonical tags in the root page settings.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-29164 ‼
📖 Read
via "National Vulnerability Database".
Argo Workflows is an open source container-native workflow engine for orchestrating parallel jobs on Kubernetes. In affected versions an attacker can create a workflow which produces a HTML artifact containing an HTML file that contains a script which uses XHR calls to interact with the Argo Server API. The attacker emails the deep-link to the artifact to their victim. The victim opens the link, the script starts running. As the script has access to the Argo Server API (as the victim), so may read information about the victim’s workflows, or create and delete workflows. Note the attacker must be an insider: they must have access to the same cluster as the victim and must already be able to run their own workflows. The attacker must have an understanding of the victim’s system. We have seen no evidence of this in the wild. We urge all users to upgrade to the fixed versions.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24878 ‼
📖 Read
via "National Vulnerability Database".
Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to cause a Denial of Service at the controller level. Workarounds include automated tooling in the user's CI/CD pipeline to validate `kustomization.yaml` files conform with specific policies. This vulnerability is fixed in kustomize-controller v0.24.0 and included in flux2 v0.29.0. Users are recommended to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-24877 ‼
📖 Read
via "National Vulnerability Database".
Flux is an open and extensible continuous delivery solution for Kubernetes. Path Traversal in the kustomize-controller via a malicious `kustomization.yaml` allows an attacker to expose sensitive data from the controller’s pod filesystem and possibly privilege escalation in multi-tenancy deployments. Workarounds include automated tooling in the user's CI/CD pipeline to validate `kustomization.yaml` files conform with specific policies. This vulnerability is fixed in kustomize-controller v0.24.0 and included in flux2 v0.29.0.📖 Read
via "National Vulnerability Database".
👍1