CVE-2022-2017
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Prison Management System 1.0. It has been rated as critical. This issue affects some unknown processing of the file /pms/admin/visits/view_visit.php of the component Visit Handler. The manipulation of the argument id with the input 2%27and%201=2%20union%20select%201,2,3,4,5,6,7,user(),database()--+ leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used.
Emotet Banking Trojan Resurfaces, Skating Past Email Security
via "Dark Reading".
The malware is using spreadsheets, documents, and other types of Microsoft Office attachments in a new and improved version that is often able to bypass email gateway-security scanners.
Identity-First Security Helps Reduce and Neutralize Enterprise Threats
via "Dark Reading".
Okta's Marc Rogers and Auth0's Jameeka Aaron join Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about remote work security.
CVE-2022-29224
via "National Vulnerability Database".
Envoy is a cloud-native high-performance proxy. Versions of envoy prior to 1.22.1 are subject to a segmentation fault in the GrpcHealthCheckerImpl. Envoy can perform various types of upstream health checking. One of them uses gRPC. Envoy also has a feature which can "hold" (prevent removal) upstream hosts obtained via service discovery until configured active health checking fails. If an attacker controls an upstream host and also controls service discovery of that host (via DNS, the EDS API, etc.), an attacker can crash Envoy by forcing removal of the host from service discovery, and then failing the gRPC health check request. This will crash Envoy via a null pointer dereference. Users are advised to upgrade to resolve this vulnerability. Users unable to upgrade may disable gRPC health checking and/or replace it with a different health checking type as a mitigation.
CVE-2022-30898
via "National Vulnerability Database".
A Cross-site request forgery (CSRF) vulnerability in Cscms music portal system v4.2 allows remote attackers to change the administrator's username and password.
CVE-2022-24876
via "National Vulnerability Database".
GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. Kanban is a GLPI view to display Projects, Tickets, Changes or Problems on a task board. In versions prior to 10.0.1 a user can exploit a cross site scripting vulnerability in Kanban by injecting HTML code in its user name. Users are advised to upgrade. There are no known workarounds for this issue.
DigiCert Acquires DNS Made Easy
via "Dark Reading".
The certificate management company plans to integrate DNS services throughout its portfolio.
Prevent Breaches and Malware With Proactive Defenses
via "Dark Reading".
Darktrace's Mike Beck joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about risk management.
Lacework Blends Artificial Intelligence and Automation to Bolster Cloud Security
via "Dark Reading".
Lacework's Mark Nunnikhoven joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about AI and cloud security.
Noname: Proactiveness Is the Name of the Game in App Security
via "Dark Reading".
Noname Security's Shay Levi joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about making code more secure.
Sysdig Takes a Deeper Cut at Cloud Security
via "Dark Reading".
Sysdig's Omer Azaria joins Dark Reading's Terry Sweeney at Dark Reading News Desk during RSA Conference to talk about cloud security.
CVE-2022-29226
via "National Vulnerability Database".
Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter implementation does not include a mechanism for validating access tokens, so by design when the HMAC signed cookie is missing a full authentication flow should be triggered. However, the current implementation assumes that access tokens are always validated, thus allowing access in the presence of any access token attached to the request. Users are advised to upgrade. There is no known workaround for this issue.
CVE-2022-30703
via "National Vulnerability Database".
Trend Micro Security 2021 and 2022 (Consumer) is vulnerable to an exposed dangerous method vulnerability that could allow an attacker to obtain access to leaked kernel addresses and disclose sensitive information. This vulnerability could also potentially be chained for privilege escalation.
CVE-2022-29228
via "National Vulnerability Database".
Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 the OAuth filter would try to invoke the remaining filters in the chain after emitting a local response, which triggers an ASSERT() in newer versions and corrupts memory on earlier versions. continueDecoding() shouldn't ever be called from filters after a local reply has been sent. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2022-31051
via "National Vulnerability Database".
semantic-release is an open source npm package for automated version management and package publishing. In affected versions secrets that would normally be masked by semantic-release can be accidentally disclosed if they contain characters that are excluded from uri encoding by `encodeURI`. Occurrence is further limited to execution contexts where push access to the related repository is not available without modifying the repository url to inject credentials. Users are advised to upgrade. Users unable to upgrade should ensure that secrets that do not contain characters that are excluded from encoding with `encodeURI` when included in a URL are already masked properly.
CVE-2022-30702
via "National Vulnerability Database".
Trend Micro Security 2022 and 2021 (Consumer) is vulnerable to an Out-Of-Bounds Read Information Disclosure vulnerability that could allow an attacker to disclose sensitive information on an affected machine.
CVE-2022-31033
via "National Vulnerability Database".
The Mechanize library is used for automating interaction with websites. Mechanize automatically stores and sends cookies, follows redirects, and can follow links and submit forms. In versions prior to 2.8.5 the Authorization header is leaked after a redirect to a different port on the same site. Users are advised to upgrade to Mechanize v2.8.5 or later. There are no known workarounds for this issue.
CVE-2022-29250
via "National Vulnerability Database".
GLPI is a Free Asset and IT Management Software package that provides ITIL Service Desk features, licenses tracking and software auditing. In versions prior to version 10.0.1 it is possible to add extra information by SQL injection on search pages. In order to exploit this vulnerability a user must be logged in.
CVE-2022-29227
via "National Vulnerability Database".
Envoy is a cloud-native high-performance edge/middle/service proxy. In versions prior to 1.22.1, if Envoy attempts to send an internal redirect of an HTTP request consisting of more than HTTP headers, there's a lifetime bug which can be triggered. If while replaying the request Envoy sends a local reply when the redirect headers are processed, the downstream state indicates that the downstream stream is not complete. On sending the local reply, Envoy will attempt to reset the upstream stream, but as it is actually complete, and deleted, this results in a use-after-free. Users are advised to upgrade. Users unable to upgrade are advised to disable internal redirects if crashes are observed.
CVE-2022-31045
via "National Vulnerability Database".
Istio is an open platform to connect, manage, and secure microservices. In affected versions ill-formed headers sent to Envoy in certain configurations can lead to unexpected memory access resulting in undefined behavior or crashing. Users are most likely at risk if they have an Istio ingress Gateway exposed to external traffic. This vulnerability has been resolved in versions 1.12.8, 1.13.5, and 1.14.1. Users are advised to upgrade. There are no known workarounds for this issue.
CVE-2022-29225
via "National Vulnerability Database".
Envoy is a cloud-native high-performance proxy. In versions prior to 1.22.1 decompressors accumulate decompressed data into an intermediate buffer before overwriting the body in the decode/encodeBody. This may allow an attacker to zip bomb the decompressor by sending a small highly compressed payload. Maliciously constructed zip files may exhaust system memory and cause a denial of service. Users are advised to upgrade. Users unable to upgrade may consider disabling decompression.