βΌ CVE-2022-30887 βΌ
π Read
via "National Vulnerability Database".
Pharmacy Management System v1.0 was discovered to contain a remote code execution (RCE) vulnerability via the component /php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted image file.π Read
via "National Vulnerability Database".
ποΈ WordPress theme Jupiter patches critical privilege escalation flaw ποΈ
π Read
via "The Daily Swig".
Users urged to update systems amid reports of active exploitationπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
WordPress theme Jupiter patches critical privilege escalation flaw
Users urged to update systems amid reports of active exploitation
π1
βΌ CVE-2022-24905 βΌ
π Read
via "National Vulnerability Database".
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A vulnerability was found in Argo CD prior to versions 2.3.4, 2.2.9, and 2.1.15 that allows an attacker to spoof error messages on the login screen when single sign on (SSO) is enabled. In order to exploit this vulnerability, an attacker would have to trick the victim to visit a specially crafted URL which contains the message to be displayed. As far as the research of the Argo CD team concluded, it is not possible to specify any active content (e.g. Javascript) or other HTML fragments (e.g. clickable links) in the spoofed message. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2022-28660 βΌ
π Read
via "National Vulnerability Database".
The querier component in Grafana Enterprise Logs 1.1.x through 1.3.x before 1.4.0 does not require authentication when X-Scope-OrgID is used. Versions 1.2.1, 1.3.1, and 1.4.0 contain the bugfix. This affects -auth.type=enterprise in microservices modeπ Read
via "National Vulnerability Database".
βΌ CVE-2022-29165 βΌ
π Read
via "National Vulnerability Database".
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. A critical vulnerability has been discovered in Argo CD starting with version 1.4.0 and prior to versions 2.1.15, 2.2.9, and 2.3.4 which would allow unauthenticated users to impersonate as any Argo CD user or role, including the `admin` user, by sending a specifically crafted JSON Web Token (JWT) along with the request. In order for this vulnerability to be exploited, anonymous access to the Argo CD instance must have been enabled. In a default Argo CD installation, anonymous access is disabled. The vulnerability can be exploited to impersonate as any user or role, including the built-in `admin` account regardless of whether it is enabled or disabled. Also, the attacker does not need an account on the Argo CD instance in order to exploit this. If anonymous access to the instance is enabled, an attacker can escalate their privileges, effectively allowing them to gain the same privileges on the cluster as the Argo CD instance, which is cluster admin in a default installation. This will allow the attacker to create, manipulate and delete any resource on the cluster. They may also exfiltrate data by deploying malicious workloads with elevated privileges, thus bypassing any redaction of sensitive data otherwise enforced by the Argo CD API. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. As a workaround, one may disable anonymous access, but upgrading to a patched version is preferable.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24904 βΌ
π Read
via "National Vulnerability Database".
Argo CD is a declarative, GitOps continuous delivery tool for Kubernetes. Argo CD starting with version 0.7.0 and prior to versions 2.1.15m 2.2.9, and 2.3.4 is vulnerable to a symlink following bug allowing a malicious user with repository write access to leak sensitive files from Argo CD's repo-server. A malicious Argo CD user with write access for a repository which is (or may be) used in a directory-type Application may commit a symlink which points to an out-of-bounds file. Sensitive files which could be leaked include manifest files from other Applications' source repositories (potentially decrypted files, if you are using a decryption plugin) or any JSON-formatted secrets which have been mounted as files on the repo-server. A patch for this vulnerability has been released in Argo CD versions 2.3.4, 2.2.9, and 2.1.15. Users of versions 2.3.0 or above who do not have any Jsonnet/directory-type Applications may disable the Jsonnet/directory config management tool as a workaround.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43729 βΌ
π Read
via "National Vulnerability Database".
Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized Security Key parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2021-30028 βΌ
π Read
via "National Vulnerability Database".
SOOTEWAY Wi-Fi Range Extender v1.5 was discovered to use default credentials (the admin password for the admin account) to access the TELNET service, allowing attackers to erase/read/write the firmware remotely.π Read
via "National Vulnerability Database".
βΌ CVE-2021-43728 βΌ
π Read
via "National Vulnerability Database".
Pix-Link MiNi Router 28K.MiniRouter.20190211 was discovered to contain a stored cross-site scripting (XSS) vulnerability due to an unsanitized SSID parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31245 βΌ
π Read
via "National Vulnerability Database".
mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs.π Read
via "National Vulnerability Database".
π΄ Microsoft Rushes a Fix After May Patch Tuesday Breaks Authentication π΄
π Read
via "Dark Reading".
Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.π Read
via "Dark Reading".
Dark Reading
Microsoft Rushes a Fix After May Patch Tuesday Breaks Authentication
Two of Microsoft's Patch Tuesday updates need a do-over after causing certificate-based authentication errors.
π Friday Five 5/20 π
π Read
via "".
In this week's Friday Five, read about the outing of a ransomware mastermind, growing threats against the global maritime supply chain, an under-the-radar iPhone exploit, and more!
π Read
via "".
Digital Guardian
Friday Five 5/20
In this week's Friday Five, read about the outing of a ransomware mastermind, growing threats against the global maritime supply chain, an under-the-radar iPhone exploit, and more!
βΌ CVE-2022-29160 βΌ
π Read
via "National Vulnerability Database".
Nextcloud Android is the Android client for Nextcloud, a self-hosted productivity platform. Prior to version 3.19.0, sensitive tokens, images, and user related details exist after deletion of a user account. This could result in misuse of the former account holder's information. Nextcloud Android version 3.19.0 contains a patch for this issue. There are no known workarounds available.π Read
via "National Vulnerability Database".
βΌ CVE-2022-22365 βΌ
π Read
via "National Vulnerability Database".
IBM WebSphere Application Server 7.0, 8.0, 8.5, and 9.0, with the Ajax Proxy Web Application (AjaxProxy.war) deployed, is vulnerable to spoofing by allowing a man-in-the-middle attacker to spoof SSL server hostnames. IBM X-Force ID: 220904.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29163 βΌ
π Read
via "National Vulnerability Database".
Nextcloud Server is the file server software for Nextcloud, a self-hosted productivity platform. Prior to versions 22.2.6 and 23.0.3, a user can create a link that is not password protected even if the administrator requires links to be password protected. Versions 22.2.6 and 23.0.3 contain a patch for this issue. There are currently no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2021-39043 βΌ
π Read
via "National Vulnerability Database".
IBM Jazz Team Server 6.0.6, 6.0.6.1, 7.0, 7.0.1, and 7.0.2 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 214032.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29159 βΌ
π Read
via "National Vulnerability Database".
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud. In versions prior to 1.4.8, 1.5.6, and 1.6.1, an authenticated user can move stacks with cards from their own board to a board of another user. The Nextcloud Deck app contains a patch for this issue in versions 1.4.8, 1.5.6, and 1.6.1. There are no known currently-known workarounds available.π Read
via "National Vulnerability Database".
βΌ CVE-2022-24906 βΌ
π Read
via "National Vulnerability Database".
Nextcloud Deck is a Kanban-style project & personal management tool for Nextcloud, similar to Trello. The full path of the application is exposed to unauthorized users. It is recommended that the Nextcloud Deck app is upgraded to 1.2.11, 1.4.6, or 1.5.4. There is no workaround available.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29177 βΌ
π Read
via "National Vulnerability Database".
Go Ethereum is the official Golang implementation of the Ethereum protocol. Prior to version 1.10.17, a vulnerable node, if configured to use high verbosity logging, can be made to crash when handling specially crafted p2p messages sent from an attacker node. Version 1.10.17 contains a patch that addresses the problem. As a workaround, setting loglevel to default level (`INFO`) makes the node not vulnerable to this attack.π Read
via "National Vulnerability Database".
βΌ CVE-2022-29170 βΌ
π Read
via "National Vulnerability Database".
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesnΓΒ’Γ’β¬ÒβΒ’t call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.π Read
via "National Vulnerability Database".
π΄ Quantum Key Distribution for a Post-Quantum World π΄
π Read
via "Dark Reading".
New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.π Read
via "Dark Reading".
Dark Reading
Quantum Key Distribution for a Post-Quantum World
New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.