CISO Shares Top Strategies to Communicate Security's Value to the Biz
via "Dark Reading".
In a keynote address at Black Hat Asia in Singapore this week, CISO and former NASA security engineer George Do discussed his go-to model for measuring security effectiveness, and getting others in the organization to listen.
CVE-2022-25862
via "National Vulnerability Database".
This affects the package sds from version 0.0.0 onward. The library can be tricked into adding or modifying properties of Object.prototype by abusing the set function located in js/set.js. **Note:** This vulnerability derives from an incomplete fix to [CVE-2020-7618](https://security.snyk.io/vuln/SNYK-JS-SDS-564123).
CVE-2022-22281
via "National Vulnerability Database".
A buffer overflow vulnerability in the SonicWall SSL-VPN NetExtender Windows Client (32 and 64 bit), version 10.2.322 and earlier, allows an attacker to potentially execute arbitrary code on the host Windows operating system.
CVE-2022-21190
via "National Vulnerability Database".
This affects the package convict before 6.2.3. This is a bypass of [CVE-2022-22143](https://security.snyk.io/vuln/SNYK-JS-CONVICT-2340604). The [fix](https://github.com/mozilla/node-convict/commit/3b86be087d8f14681a9c889d45da7fe3ad9cd880) that was introduced relies on the startsWith method and does not prevent the vulnerability: before splitting the path, it checks whether the whole path starts with __proto__ or this.constructor.prototype. To bypass this check it is possible to prepend the dangerous path with any string value followed by a dot, for example foo.__proto__ or foo.this.constructor.prototype.
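Both prototype-pollution entries above (the set function in sds' js/set.js, and convict's bypassable startsWith guard) come down to the same defect in a dotted-path setter. The following is an added example, not code from either project: a minimal setter in three states, with the illustrative names setUnsafe, setPrefixCheck and setSafe, plus a probe helper that reports whether a call polluted Object.prototype. The payload strings are constructed from the convict advisory's description.

```javascript
// Added example: a dotted-path setter in three states. These are not sds'
// or convict's functions; the names and payloads are illustrative.

const DANGEROUS = new Set(["__proto__", "constructor", "prototype"]);

// 1. No guard at all. Walking the "__proto__" segment lands on
//    Object.prototype, so the final assignment becomes visible on every
//    object in the process.
function setUnsafe(obj, path, value) {
  const parts = path.split(".");
  let cur = obj;
  for (let i = 0; i < parts.length - 1; i++) {
    if (cur[parts[i]] === undefined) cur[parts[i]] = {};
    cur = cur[parts[i]];
  }
  cur[parts[parts.length - 1]] = value;
  return obj;
}

// 2. The incomplete guard the convict advisory describes: only the start of
//    the whole path is inspected, so "foo.__proto__.x" sails through.
function setPrefixCheck(obj, path, value) {
  if (path.startsWith("__proto__") || path.startsWith("this.constructor.prototype")) {
    throw new Error("refusing to set " + path);
  }
  return setUnsafe(obj, path, value);
}

// 3. Hardened: reject a dangerous key in ANY segment, and only descend into
//    own properties so an inherited object can never be reached by walking.
function setSafe(obj, path, value) {
  const parts = path.split(".");
  if (parts.some((p) => DANGEROUS.has(p))) {
    throw new Error("refusing to set " + path);
  }
  let cur = obj;
  for (let i = 0; i < parts.length - 1; i++) {
    const key = parts[i];
    const own = Object.prototype.hasOwnProperty.call(cur, key) ? cur[key] : undefined;
    if (own === null || typeof own !== "object") cur[key] = {};
    cur = cur[key];
  }
  cur[parts[parts.length - 1]] = value;
  return obj;
}

// Runs one setter against a fresh object, reports what happened to the
// global prototype, then undoes any pollution so the next probe starts clean.
function probe(setter, path) {
  let outcome;
  try {
    setter({}, path, "yes");
    outcome = ({}).polluted === "yes" ? "polluted" : "harmless";
  } catch (e) {
    outcome = "blocked";
  }
  delete Object.prototype.polluted;
  return outcome;
}

// Constructed inputs: the direct payload, the prefixed bypass, and a second
// route to Object.prototype that a "__proto__"-only check would also miss.
const DIRECT = "__proto__.polluted";
const BYPASS = "foo.__proto__.polluted";
const VIA_CTOR = "constructor.prototype.polluted";

console.log("unsafe, direct:      ", probe(setUnsafe, DIRECT));
console.log("prefix check, direct:", probe(setPrefixCheck, DIRECT));
console.log("prefix check, bypass:", probe(setPrefixCheck, BYPASS));
console.log("prefix check, ctor:  ", probe(setPrefixCheck, VIA_CTOR));
console.log("safe, bypass:        ", probe(setSafe, BYPASS));
console.log("safe, benign:        ", probe(setSafe, "foo.bar"), JSON.stringify(setSafe({}, "a.b.c", 1)));
```

The segment-wise check is the part that matters: a guard that looks at the string as a whole, whether by prefix or by a regex anchored at the start, is exactly what a leading "foo." defeats. Restricting descent to own properties is the second line of defence, so that even a key the deny-list does not name cannot walk onto an inherited object.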
CVE-2022-1701
via "National Vulnerability Database".
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions uses a shared and hard-coded encryption key to store data.
CVE-2022-25865
via "National Vulnerability Database".
The package workspace-tools before 0.18.4 is vulnerable to Command Injection via git argument injection. When calling the fetchRemoteBranch(remote: string, remoteBranch: string, cwd: string) function, both the remote and remoteBranch parameters are passed to the git fetch subcommand in a way that allows additional flags to be set. The additional flags can be used to perform a command injection.
CVE-2022-1702
via "National Vulnerability Database".
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions accepts user-controlled input that specifies a link to an external site and uses that link in a redirect, leading to an open redirect vulnerability.
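The pattern described above, a redirect whose target is taken from the request, is fixed by resolving the value against the application's own origin and only ever redirecting within it. The following is an added example, not SonicWall code: OWN_ORIGIN is an assumed application origin, the function names are illustrative, and the probe inputs are the ones a tester would typically try against such a parameter.

```javascript
// Added example, not SonicWall code. An open redirect is a redirect whose
// Location header comes from the request; the fix is to resolve the value
// against the application's own origin and only ever redirect within it.
const OWN_ORIGIN = "https://portal.example.test"; // assumed application origin

// The vulnerable shape: whatever the caller supplied becomes the Location.
function locationUnsafe(userSupplied) {
  return userSupplied;
}

// Hardened: parse relative to our origin, refuse anything that resolves
// elsewhere, and hand back a re-serialised same-origin path rather than the
// caller's bytes.
function locationSafe(userSupplied, fallback = "/") {
  if (typeof userSupplied !== "string" || userSupplied === "") return fallback;
  let url;
  try {
    url = new URL(userSupplied, OWN_ORIGIN);
  } catch {
    return fallback; // unparsable input
  }
  // The origin comparison catches absolute URLs to other hosts, the
  // scheme-relative form "//evil", the backslash variant "/\evil" (the WHATWG
  // parser treats "\" as "/" for https), userinfo tricks such as
  // "https://portal.example.test@evil", and non-http schemes such as
  // javascript:, whose origin serialises as "null".
  if (url.origin !== OWN_ORIGIN) return fallback;
  return url.pathname + url.search + url.hash;
}

// Constructed probe inputs.
const PROBES = [
  "/account",
  "//evil.example/phish",
  "/\\evil.example/phish",
  "https://evil.example/",
  "https://portal.example.test@evil.example/",
  "javascript:alert(1)",
  "https://portal.example.test/logout?next=/account",
];

// Maps each probe to the Location each implementation would emit.
function compare() {
  return PROBES.map((p) => ({ input: p, unsafe: locationUnsafe(p), safe: locationSafe(p) }));
}

console.table(compare());
```

Returning the re-serialised path rather than the original string matters: it drops userinfo, scheme and host entirely, so even a parser difference between this check and the client's browser cannot turn an accepted value back into an external URL. Where an application genuinely needs to send users off-site, replace the origin comparison with an explicit allow-list of destination origins.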
CVE-2022-22282
via "National Vulnerability Database".
SonicWall SMA1000 series firmware 12.4.0, 12.4.1-02965 and earlier versions incorrectly restricts access to a resource over HTTP connections from an unauthorized actor, leading to an improper access control vulnerability.
CVE-2022-24831
via "National Vulnerability Database".
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). Versions prior to 3.16.1 are vulnerable to SQL injection due to the use of string concatenation to create SQL queries instead of prepared statements. No known workarounds exist. This issue has been patched in 3.16.1, 3.15.9, 3.14.1, and 3.13.1 and users are advised to upgrade.
CVE-2022-24830
via "National Vulnerability Database".
OpenClinica is an open source software for Electronic Data Capture (EDC) and Clinical Data Management (CDM). OpenClinica prior to version 3.16 is vulnerable to path traversal in multiple endpoints, leading to arbitrary file read/write, and potential remote code execution. There are no known workarounds. This issue has been patched and users are recommended to upgrade.
CVE-2022-1379
via "National Vulnerability Database".
URL Restriction Bypass in GitHub repository plantuml/plantuml prior to V1.2022.5. An attacker can abuse this to bypass URL restrictions that are imposed by the different security profiles and achieve server side request forgery (SSRF). This allows accessing restricted internal resources/servers or sending requests to third party servers.
How to Turn a Coke Can Into an Eavesdropping Device
via "Dark Reading".
Cyber-researchers are testing the bounds of optical attacks with a technique that allows attackers to recover voice audio from meetings if there are shiny, lightweight objects nearby.
CVE-2021-41965
via "National Vulnerability Database".
A SQL injection vulnerability exists in ChurchCRM version 2.0.0 to 4.4.5 that allows an authenticated attacker to issue an arbitrary SQL command to the database through the unsanitized EN_tyid, theID and EID fields used when an Edit action on an existing record is being performed.
He sold cracked passwords for a living; now he's serving 4 years in prison
via "Naked Security".
Crooks don't need a password for every user on your network to break in and wreak havoc. One could be enough...
Firefox out-of-band update to 100.0.1: just in time for Pwn2Own?
via "Naked Security".
A new point-release of Firefox. Not unusual, but the timing of this one is interesting, with Pwn2Own coming up in a few days.
CVE-2022-30763
via "National Vulnerability Database".
Janet before 1.22.0 mishandles arrays.
CVE-2022-30779
via "National Vulnerability Database".
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in GuzzleHttp\Cookie\FileCookieJar.php.
CVE-2022-30778
via "National Vulnerability Database".
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __destruct in Illuminate\Broadcasting\PendingBroadcast.php and dispatch($command) in Illuminate\Bus\QueueingDispatcher.php.
CVE-2022-30767
via "National Vulnerability Database".
nfs_lookup_reply in net/nfs.c in Das U-Boot through 2022.04 (and through 2022.07-rc2) has an unbounded memcpy with a failed length check, leading to a buffer overflow. NOTE: this issue exists because of an incorrect fix for CVE-2019-14196.
CVE-2022-30775
via "National Vulnerability Database".
xpdf 4.04 allocates excessive memory when presented with crafted input. This can be triggered by (for example) sending a crafted PDF document to the pdftoppm binary. It is most easily reproduced when xpdf is built with the -DCMAKE_CXX_COMPILER=afl-clang-fast++ option.
CVE-2022-30770
via "National Vulnerability Database".
Terminalfour before 8.3.8 allows XSS, aka RDSM-31817. 8.2.18.2.1 and 8.2.18.5 are also fixed versions.