โผ CVE-2022-29170 โผ
๐ Read
via "National Vulnerability Database".
Grafana is an open-source platform for monitoring and observability. In Grafana Enterprise, the Request security feature allows list allows to configure Grafana in a way so that the instance doesnรยขรขโยฌรขโยขt call or only calls specific hosts. The vulnerability present starting with version 7.4.0-beta1 and prior to versions 7.5.16 and 8.5.3 allows someone to bypass these security configurations if a malicious datasource (running on an allowed host) returns an HTTP redirect to a forbidden host. The vulnerability only impacts Grafana Enterprise when the Request security allow list is used and there is a possibility to add a custom datasource to Grafana which returns HTTP redirects. In this scenario, Grafana would blindly follow the redirects and potentially give secure information to the clients. Grafana Cloud is not impacted by this vulnerability. Versions 7.5.16 and 8.5.3 contain a patch for this issue. There are currently no known workarounds.๐ Read
via "National Vulnerability Database".
๐ด Quantum Key Distribution for a Post-Quantum World ๐ด
๐ Read
via "Dark Reading".
New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.๐ Read
via "Dark Reading".
Dark Reading
Quantum Key Distribution for a Post-Quantum World
New versions of QKD use separate wavelengths on the same fiber, improving cost and efficiency, but distance is still a challenge.
๐ด Partial Patching Still Provides Strong Protection Against APTs ๐ด
๐ Read
via "Dark Reading".
Organizations that deploy updates only after a vulnerability is disclosed apply far fewer updates and do so at a lower cost than those that stay up to date on all of their software, university researchers say.๐ Read
via "Dark Reading".
Dark Reading
Partial Patching Still Provides Strong Protection Against APTs
Organizations that deploy updates only after a vulnerability is disclosed apply far fewer updates and do so at a lower cost than those that stay up to date on all of their software, university researchers say.
๐ด Chatbot Army Deployed in Latest DHL Shipping Phish ๐ด
๐ Read
via "Dark Reading".
In a new phishing tactic, faux chatbots establish a conversation with victims to guide them to malicious links, researchers say.๐ Read
via "Dark Reading".
Dark Reading
Chatbot Army Deployed in Latest DHL Shipping Phish
In a new phishing tactic, faux chatbots establish a conversation with victims to guide them to malicious links, researchers say.
โผ CVE-2022-29183 โผ
๐ Read
via "National Vulnerability Database".
GoCD is a continuous delivery server. GoCD versions 20.2.0 until 21.4.0 are vulnerable to reflected cross-site scripting via abuse of the pipeline comparison function's error handling to render arbitrary HTML into the returned page. This could allow an attacker to trick a victim into executing code which would allow the attacker to operate on, or gain control over the same resources as the victim had access to. This issue is fixed in GoCD 21.4.0. As a workaround, block access to `/go/compare/.*` prior to GoCD Server via a reverse proxy, web application firewall or equivalent, which would prevent use of the pipeline comparison function.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29181 โผ
๐ Read
via "National Vulnerability Database".
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri prior to version 1.13.6 does not type-check all inputs into the XML and HTML4 SAX parsers, allowing specially crafted untrusted inputs to cause illegal memory access errors (segfault) or reads from unrelated memory. Version 1.13.6 contains a patch for this issue. As a workaround, ensure the untrusted input is a `String` by calling `#to_s` or equivalent.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-1770 โผ
๐ Read
via "National Vulnerability Database".
Improper Privilege Management in GitHub repository polonel/trudesk prior to 1.2.2.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29178 โผ
๐ Read
via "National Vulnerability Database".
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Cilium prior to versions 1.9.16, 1.10.11, and 1.11.15 contains an incorrect default permissions vulnerability. Operating Systems with users belonging to the group ID 1000 can access the API of Cilium via Unix domain socket available on the host where Cilium is running. This could allow malicious users to compromise integrity as well as system availability on that host. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. A potential workaround is to modify Cilium's DaemonSet to run with a certain command, which can be found in the GitHub Security Advisory for this vulnerability.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-28995 โผ
๐ Read
via "National Vulnerability Database".
Rengine v1.0.2 was discovered to contain a remote code execution (RCE) vulnerability via the yaml configuration function.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-28531 โผ
๐ Read
via "National Vulnerability Database".
Sourcecodester Covid-19 Directory on Vaccination System1.0 is vulnerable to SQL Injection via the admin/login.php txtusername (aka Username) field.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29179 โผ
๐ Read
via "National Vulnerability Database".
Cilium is open source software for providing and securing network connectivity and loadbalancing between application workloads. Prior to versions 1.9.16, 1.10.11, and 1.11.15, if an attacker is able to perform a container escape of a container running as root on a host where Cilium is installed, the attacker can escalate privileges to cluster admin by using Cilium's Kubernetes service account. The problem has been fixed and the patch is available in versions 1.9.16, 1.10.11, and 1.11.5. There are no known workarounds available.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29182 โผ
๐ Read
via "National Vulnerability Database".
GoCD is a continuous delivery server. GoCD versions 19.11.0 through 21.4.0 (inclusive) are vulnerable to a Document Object Model (DOM)-based cross-site scripting attack via a pipeline run's Stage Details > Graphs tab. It is possible for a malicious script on a attacker-hosted site to execute script that will run within the user's browser context and GoCD session via abuse of a messaging channel used for communication between with the parent page and the stage details graph's iframe. This could allow an attacker to steal a GoCD user's session cookies and/or execute malicious code in the user's context. This issue is fixed in GoCD 22.1.0. There are currently no known workarounds.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-28990 โผ
๐ Read
via "National Vulnerability Database".
WASM3 v0.5.0 was discovered to contain a heap overflow via the component /wabt/bin/poc.wasm.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29186 โผ
๐ Read
via "National Vulnerability Database".
Rundeck is an open source automation service with a web console, command line tools and a WebAPI. Rundeck community and rundeck-enterprise docker images contained a pre-generated SSH keypair. If the id_rsa.pub public key of the keypair was copied to authorized_keys files on remote host, those hosts would allow access to anyone with the exposed private credentials. This misconfiguration only impacts Rundeck Docker instances of PagerDutyรโรยฎ Process Automation On Prem (formerly Rundeck) version 4.0 and earlier, not Debian, RPM or .WAR. Additionally, the id_rsa.pub file would have to be copied from the Docker image filesystem contents without overwriting it and used to configure SSH access on a host. A patch on Rundeck's `main` branch has removed the pre-generated SSH key pair, but it does not remove exposed keys that have been configured. To patch, users must run a script on hosts in their environment to search for exposed keys and rotate them. Two workarounds are available: Do not use any pre-existing public key file from the rundeck docker images to allow SSH access by adding it to authorized_keys files and, if you have copied the public key file included in the docker image, remove it from any authorized_keys files.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29424 โผ
๐ Read
via "National Vulnerability Database".
Authenticated (admin or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in Biplob Adhikari's Image Hover Effects Ultimate plugin <= 9.7.1 at WordPress.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29191 โผ
๐ Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, the implementation of `tf.raw_ops.GetSessionTensor` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29192 โผ
๐ Read
via "National Vulnerability Database".
TensorFlow is an open source platform for machine learning. Prior to versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4, The implementation of `tf.raw_ops.QuantizeAndDequantizeV4Grad` does not fully validate the input arguments. This results in a `CHECK`-failure which can be used to trigger a denial of service attack. Versions 2.9.0, 2.8.1, 2.7.2, and 2.6.4 contain a patch for this issue.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-21195 โผ
๐ Read
via "National Vulnerability Database".
All versions of package url-regex are vulnerable to Regular Expression Denial of Service (ReDoS) which can cause the CPU usage to crash.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29434 โผ
๐ Read
via "National Vulnerability Database".
Insecure Direct Object References (IDOR) vulnerability in Spiffy Plugins Spiffy Calendar <= 4.9.0 at WordPress allows an attacker to edit or delete events.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29448 โผ
๐ Read
via "National Vulnerability Database".
Authenticated (admin or higher user role) Local File Inclusion (LFI) vulnerability in Wow-Company's Herd Effects plugin <= 5.2 at WordPress.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-29427 โผ
๐ Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Aftab Muni's Disable Right Click For WP plugin <= 1.1.6 at WordPress.๐ Read
via "National Vulnerability Database".