🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-31084 ‼

LDAP Account Manager (LAM) is a web frontend for managing entries (e.g. users, groups, DHCP settings) stored in an LDAP directory. In versions prior to 8.0, there are cases where LAM instantiates objects from arbitrary classes, and an attacker can inject the first constructor argument. This can lead to code execution if a non-LAM class that executes code during object creation is instantiated. This issue has been fixed in version 8.0.

📖 Read

via "National Vulnerability Database".
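The bug class behind CVE-2022-31084, request input choosing which class is instantiated and what its first constructor argument is, modelled in Python as an added example (this is not LAM's PHP code; the `AccountModule` classes, the registry keys and the `scope` argument are assumptions for illustration). The unchecked resolver accepts any importable dotted path, so any class whose constructor has side effects becomes a gadget; the checked one only resolves registry keys, verifies the class really derives from the expected base, and validates the argument against a closed set.

```python
"""Constrained object factory versus arbitrary class instantiation.

Added example modelling CVE-2022-31084 in Python, not LAM's own code.
AccountModule, PosixAccount, ShadowAccount, REGISTRY and the 'scope'
argument are assumptions for illustration.
"""
import importlib


class AccountModule:
    """Base class that every legitimately instantiable module derives from."""

    def __init__(self, scope: str):
        self.scope = scope


class PosixAccount(AccountModule):
    pass


class ShadowAccount(AccountModule):
    pass


def instantiate_unchecked(dotted_name: str, first_arg):
    """Vulnerable pattern: the caller names any importable class and supplies
    its first constructor argument. A class whose constructor has side effects
    (spawns a process, opens a file, deserialises data) becomes a gadget."""
    module_name, _, class_name = dotted_name.rpartition(".")
    cls = getattr(importlib.import_module(module_name), class_name)
    return cls(first_arg)


# Explicit registry: request input may select a key, never a class path.
REGISTRY = {
    "posixAccount": PosixAccount,
    "shadowAccount": ShadowAccount,
}

# The constructor argument is validated against a closed set as well.
ALLOWED_SCOPES = {"user", "group", "host"}


def instantiate_checked(name: str, scope: str) -> AccountModule:
    """Hardened factory: registry lookup, lineage check, argument validation."""
    cls = REGISTRY.get(name)
    if cls is None:
        raise ValueError(f"unknown module name: {name!r}")
    # Defence in depth: even a registry entry must derive from the base class.
    if not (isinstance(cls, type) and issubclass(cls, AccountModule)):
        raise TypeError(f"{name!r} does not resolve to an AccountModule")
    if scope not in ALLOWED_SCOPES:
        raise ValueError(f"invalid scope: {scope!r}")
    return cls(scope)


def is_rejected(name: str, scope: str) -> bool:
    """True if the hardened factory refuses this (name, argument) pair."""
    try:
        instantiate_checked(name, scope)
    except (ValueError, TypeError):
        return True
    return False


if __name__ == "__main__":
    # The unchecked resolver happily builds a class the application never
    # meant to expose (a harmless one here; a constructor with side effects
    # would run them with the attacker's argument).
    obj = instantiate_unchecked("pathlib.PurePosixPath", "/etc/passwd")
    print(type(obj).__name__)
    print(instantiate_checked("posixAccount", "user").scope)
    print(is_rejected("subprocess.Popen", "id"), is_rejected("posixAccount", "../"))
```

The point of the registry is that the attacker-controlled string is a key into a fixed table, never a class name; the `issubclass` check is there so that a later edit to the table cannot quietly widen what the endpoint can build.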
‼ CVE-2022-31057 ‼

Shopware is an open source e-commerce software made in Germany. Versions of Shopware 5 prior to version 5.7.12 are subject to an authenticated Stored XSS in Administration. Users are advised to upgrade. There are no known workarounds for this issue.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-31065 ‼

BigBlueButton is an open source web conferencing system. In affected versions an attacker can embed malicious JavaScript in their username and have it executed on the victim's client. When a user receives a private chat from the attacker (whose username contains malicious JavaScript), the script gets executed. The script also runs when the victim receives a notification that the attacker has left the session. This issue has been patched in versions 2.4.8 and 2.5.0. There are no known workarounds for this issue.

📖 Read

via "National Vulnerability Database".
🕴 Federal, State Agencies' Aid Programs Face Synthetic Identity Fraud 🕴

Balancing public service with fraud prevention requires rule revisions and public trust.

📖 Read

via "Dark Reading".
📢 Cisco to exit Russia, Belarus in business wind-down 📢

The tech giant is the latest to leave the region altogether as Russia continues its invasion of Ukraine.

📖 Read

via "ITPro".
📢 Carnival hit with $5 million fine over cyber security violations 📢

The cruise line operator was criticised for failing to implement multi-factor authentication and failing to conduct cyber security training for its staff.

📖 Read

via "ITPro".
📢 Cloudflare unveils new One Partner Program with zero trust at its core 📢

Cloudflare CEO Matthew Prince says the initiative aims to take the complexity out of zero trust architecture.

📖 Read

via "ITPro".
📢 LockBit 2.0 ransomware disguised as PDFs distributed in email attacks 📢

Researchers have urged vigilance over compressed attachments sent under false pretenses.

📖 Read

via "ITPro".
📢 Google warns of ISP-controlled Hermit spyware 📢

The spyware primarily targets Android and iOS users in Italy and Kazakhstan.

📖 Read

via "ITPro".
📢 Kaspersky finds most effective phishing emails imitate corporate messages, delivery notifications 📢

Almost one in five employees clicked links in business-related emails, but most emails containing threats or promising money were identified as phishing.

📖 Read

via "ITPro".
📢 WatchGuard Firebox M590 review: Big red network security 📢

A powerful mid-range UTM appliance with top-notch security features at a sensible price.

📖 Read

via "ITPro".
‼ CVE-2022-32995 ‼

Halo CMS v1.5.3 was discovered to contain a Server-Side Request Forgery (SSRF) via the template remote download function.

📖 Read

via "National Vulnerability Database".
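A "download this template from a URL" feature is the textbook SSRF sink: the server fetches whatever address the user names, including its own loopback interface, internal networks and the cloud metadata service. The guard below is an added example written for this page, not Halo CMS code. It allows only http/https, refuses embedded credentials, resolves the host and rejects the request if any returned address is non-public. `FAKE_DNS` is a constructed name table so the example runs offline; a real deployment would pass `system_resolver`.

```python
"""Outbound-URL guard for a 'download template from a remote URL' feature.

Added example, not Halo CMS's code. FAKE_DNS is a constructed name table so
the check runs offline; a deployment passes system_resolver instead.
"""
import ipaddress
import socket
from urllib.parse import urlsplit

# Constructed for this example: hostnames -> addresses they resolve to.
FAKE_DNS = {
    "templates.example.org": ["93.184.216.34"],
    "internal.corp": ["10.1.2.3"],
    "rebind.example.net": ["93.184.216.34", "127.0.0.1"],  # mixed answer set
    "localhost": ["127.0.0.1", "::1"],
}


def fake_resolver(host: str) -> list:
    try:
        return FAKE_DNS[host]
    except KeyError:
        raise OSError(f"cannot resolve {host!r}") from None


def system_resolver(host: str) -> list:
    """Real resolver: every A/AAAA answer, not just the first one."""
    return sorted({info[4][0] for info in socket.getaddrinfo(host, None)})


def is_public_address(ip: str) -> bool:
    addr = ipaddress.ip_address(ip)
    # An IPv4 address tunnelled as ::ffff:a.b.c.d must be judged as IPv4.
    mapped = getattr(addr, "ipv4_mapped", None)
    if mapped is not None:
        addr = mapped
    return not (
        addr.is_private         # 10/8, 172.16/12, 192.168/16, fc00::/7, ...
        or addr.is_loopback     # 127/8, ::1
        or addr.is_link_local   # 169.254/16 incl. 169.254.169.254, fe80::/10
        or addr.is_multicast
        or addr.is_reserved
        or addr.is_unspecified  # 0.0.0.0, ::
    )


def validate_download_url(url: str, resolver=fake_resolver) -> str:
    """Return url if it may be fetched; raise ValueError otherwise."""
    parts = urlsplit(url)
    if parts.scheme.lower() not in ("http", "https"):
        raise ValueError(f"scheme not allowed: {parts.scheme!r}")
    host = parts.hostname
    if not host:
        raise ValueError("URL has no host")
    if parts.username or parts.password:
        raise ValueError("credentials embedded in URL are not allowed")
    try:
        addresses = [str(ipaddress.ip_address(host))]   # literal IP, no DNS
    except ValueError:
        addresses = resolver(host)                      # OSError if unresolvable
    if not addresses:
        raise ValueError(f"{host!r} resolved to nothing")
    # Every answer must be public: one internal address in the set is enough
    # to reject, otherwise a round-robin or rebinding answer slips through.
    for ip in addresses:
        if not is_public_address(ip):
            raise ValueError(f"{host!r} resolves to non-public address {ip}")
    return url


def is_safe_download_url(url: str, resolver=fake_resolver) -> bool:
    try:
        validate_download_url(url, resolver)
    except (ValueError, OSError):
        return False
    return True


if __name__ == "__main__":
    for candidate in (
        "https://templates.example.org/theme.zip",
        "http://169.254.169.254/latest/meta-data/",
        "http://[::ffff:127.0.0.1]/",
        "file:///etc/passwd",
        "http://rebind.example.net/theme.zip",
    ):
        print(f"{is_safe_download_url(candidate)!s:5}  {candidate}")
```

Two caveats a reviewer would raise: the check is only as good as the connection that follows it, so the fetch should connect to the address that was validated (or re-validate at connect time) to close the DNS-rebinding window, and every redirect hop needs the same check, since a 302 to `http://127.0.0.1/` is the usual bypass.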
‼ CVE-2022-31096 ‼

Discourse is an open source discussion platform. Under certain conditions, a logged-in user can redeem an invite with an email that either doesn't match the invite's email or does not adhere to the email domain restriction of an invite link. The impact of this flaw is aggravated when the invite has been configured to add the user that accepts the invite into restricted groups. Once a user has been incorrectly added to a restricted group, the user may be able to view content that is restricted to that group. Users are advised to upgrade to the current stable releases. There are no known workarounds for this issue.

📖 Read

via "National Vulnerability Database".
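The control that failed here is small but easy to get subtly wrong: the redeeming account's address must match the invite's address exactly, or sit in the invite link's permitted domain, and group membership must only be granted after that check passes. The following is an added example of that check, not Discourse's code; the invite dictionary shape (`email`, `domain`, `groups`) and the error type are assumptions.

```python
"""Invite redemption check: does the redeeming account's e-mail satisfy the
invite's constraints?

Added example, not Discourse's code. The invite dict shape ('email',
'domain', 'groups') and the error type are assumptions.
"""
import re

# Minimal shape check: local part, '@', a dotted domain. Not a full RFC 5322 parser.
EMAIL_RE = re.compile(r"^[^@\s]+@([^@\s]+\.[^@\s]+)$")


class InviteError(ValueError):
    pass


def normalize_email(email: str) -> tuple:
    """Return (lower-cased address, domain) or raise InviteError."""
    cleaned = email.strip().lower()
    match = EMAIL_RE.match(cleaned)
    if not match:
        raise InviteError(f"not an e-mail address: {email!r}")
    return cleaned, match.group(1)


def redeem(invite: dict, user_email: str) -> list:
    """Return the groups to grant; raise InviteError if the invite does not
    apply to this address. Groups are only ever granted after the checks."""
    email, domain = normalize_email(user_email)
    if invite.get("email"):
        invite_email, _ = normalize_email(invite["email"])
        if email != invite_email:
            raise InviteError("invite was issued to a different address")
    elif invite.get("domain"):
        allowed = invite["domain"].strip().lower().lstrip("@")
        # Compare the whole domain. A suffix test such as
        # domain.endswith(allowed) would accept 'evil-example.com' for
        # 'example.com'; a subdomain policy, if wanted, must check the dot too.
        if domain != allowed:
            raise InviteError(f"address is not in the {allowed} domain")
    return list(invite.get("groups", []))


def is_redeemable(invite: dict, user_email: str) -> bool:
    try:
        redeem(invite, user_email)
    except InviteError:
        return False
    return True


if __name__ == "__main__":
    link = {"domain": "example.com", "groups": ["staff"]}
    print(redeem(link, "Bob@Example.COM"))
    print(is_redeemable(link, "bob@evil-example.com"))
    personal = {"email": "alice@example.com", "groups": ["moderators"]}
    print(is_redeemable(personal, "mallory@example.com"))
```

Returning the group list from the same function that performs the check keeps the two from drifting apart; an invite flow that adds groups in one code path and validates the address in another is how a user ends up in a restricted group with the wrong email.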
‼ CVE-2022-33879 ‼

The initial fixes in CVE-2022-30126 and CVE-2022-30973 for regexes in the StandardsExtractingContentHandler were insufficient, and a separate, new regex DoS was found in a different regex in the StandardsExtractingContentHandler. These are now fixed in Apache Tika 1.28.4 and 2.4.1.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-31099 ‼

rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, the stack may overflow, possibly enabling a Denial of Service attack. This happens when parsing an expression with several hundred levels of nesting, causing the process to abort immediately. This is a security concern for you if your service parses untrusted rulex expressions (expressions provided by an untrusted user), and your service becomes unavailable when the process running rulex aborts due to a stack overflow. The crash is fixed in version **0.4.3**. Affected users are advised to update to this version. There are no known workarounds for this issue.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-31090 ‼

Guzzle is an extensible PHP HTTP client. `Authorization` headers on requests are sensitive information. In affected versions, when using the Curl handler, it is possible to use the `CURLOPT_HTTPAUTH` option to specify an `Authorization` header. On making a request which responds with a redirect to a URI with a different origin (change in host, scheme or port), if the redirect is followed, the `CURLOPT_HTTPAUTH` option should be removed before continuing, which stops curl from appending the `Authorization` header to the new request. Affected Guzzle 7 users should upgrade to Guzzle 7.4.5 as soon as possible. Affected users on any earlier series of Guzzle should upgrade to Guzzle 6.5.8 or 7.4.5. Note that a partial fix was implemented in Guzzle 7.4.2, where a change in host would trigger removal of the curl-added Authorization header; however, this earlier fix did not cover a change in scheme or a change in port. If you do not require or expect redirects to be followed, simply disable redirects altogether. Alternatively, use the Guzzle stream handler backend rather than curl.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-31098 ‼

Weave GitOps is a simple open source developer platform for people who want cloud native applications without needing Kubernetes expertise. A vulnerability in the logging of Weave GitOps could allow an authenticated remote attacker to view sensitive cluster configurations (kubeconfigs) of registered Kubernetes clusters, including their service account tokens in plain text, from Weave GitOps's pod logs on the management cluster. An unauthorized remote attacker can also view these sensitive configurations from external log storage if it is enabled by the management cluster. This vulnerability is due to the client factory dumping cluster configurations and their service account tokens when the cluster manager tries to connect to an API server of a registered cluster and a connection error occurs. An attacker could exploit this vulnerability by either accessing the logs of a Weave GitOps pod or reading external log storage, obtaining all cluster configurations of registered clusters. A successful exploit could allow the attacker to use those cluster configurations to manage the registered Kubernetes clusters. This vulnerability has been fixed by commit 567356f471353fb5c676c77f5abc2a04631d50ca. Users should upgrade to Weave GitOps core version v0.8.1-rc.6 or newer. There is no known workaround for this vulnerability.

📖 Read

via "National Vulnerability Database".
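The failure mode described above, a connection error handler that logs the whole credential-bearing configuration, is generic enough to be worth showing in isolation. The following Python is an added example, not Weave GitOps code (which is Go): an error path that logs only what a responder needs (cluster name and API server), a recursive redaction for the cases where a config dump is genuinely wanted at debug level, and a self-check that a produced log line contains none of the configured credentials. `SAMPLE_KUBECONFIG` is constructed with a made-up token, and the list of sensitive keys is an assumption covering the usual kubeconfig credential fields.

```python
"""Keeping credentials out of error logs when a cluster connection fails.

Added example, not Weave GitOps code. SAMPLE_KUBECONFIG is constructed, with
a made-up token; the sensitive-key list is an assumption covering the common
kubeconfig credential fields.
"""
import logging

SENSITIVE_KEYS = {
    "token", "password", "client-key-data",
    "access-token", "refresh-token", "id-token",   # auth-provider configs
}
REDACTED = "[REDACTED]"

# Constructed kubeconfig for the example; the token is not a real credential.
SAMPLE_KUBECONFIG = {
    "clusters": [{"name": "prod", "cluster": {"server": "https://10.0.0.1:6443"}}],
    "users": [{"name": "gitops-sa",
               "user": {"token": "eyJhbGciOi.constructed-token.sig"}}],
    "contexts": [{"name": "prod", "context": {"cluster": "prod", "user": "gitops-sa"}}],
}


def redact(obj):
    """Deep copy of obj with every value under a sensitive key replaced.
    Dict keys are matched case-insensitively; lists are walked recursively."""
    if isinstance(obj, dict):
        return {k: (REDACTED if str(k).lower() in SENSITIVE_KEYS else redact(v))
                for k, v in obj.items()}
    if isinstance(obj, list):
        return [redact(item) for item in obj]
    return obj


def describe_cluster(kubeconfig: dict) -> str:
    """What an error message legitimately needs: cluster names and servers."""
    return ", ".join(
        f"{c.get('name')} ({c.get('cluster', {}).get('server')})"
        for c in kubeconfig.get("clusters", []))


def failure_log_line(kubeconfig: dict, exc: BaseException) -> str:
    """Message for a failed API-server connection, safe to ship to log storage.
    The vulnerable form would be: f'failed to connect: {kubeconfig!r}'."""
    return f"failed to connect to {describe_cluster(kubeconfig)}: {exc}"


def connect_and_log(kubeconfig: dict, connect, logger=logging.getLogger("gitops")):
    try:
        return connect(kubeconfig)
    except Exception as exc:   # the connection-error path the advisory describes
        logger.error(failure_log_line(kubeconfig, exc))
        # For debug-level dumps, log the redacted copy, never the original.
        logger.debug("config: %r", redact(kubeconfig))
        return None


def credential_values(obj) -> list:
    """All string values stored under sensitive keys, for self-checks."""
    found = []
    if isinstance(obj, dict):
        for k, v in obj.items():
            if str(k).lower() in SENSITIVE_KEYS and isinstance(v, str):
                found.append(v)
            else:
                found.extend(credential_values(v))
    elif isinstance(obj, list):
        for item in obj:
            found.extend(credential_values(item))
    return found


def leaks_credential(text: str, kubeconfig: dict) -> bool:
    """True if any configured credential appears verbatim in text."""
    return any(secret and secret in text for secret in credential_values(kubeconfig))


def unreachable(kubeconfig: dict):
    """Stand-in for a connect() that fails like an unreachable API server."""
    raise ConnectionError("dial tcp 10.0.0.1:6443: i/o timeout")


if __name__ == "__main__":
    logging.basicConfig(level=logging.DEBUG, format="%(levelname)s %(message)s")
    connect_and_log(SAMPLE_KUBECONFIG, unreachable)
```

`leaks_credential` is the kind of assertion worth keeping in a test suite for any component that handles kubeconfigs or tokens: run the error path with a known fake secret and fail the build if the secret shows up in captured log output.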
‼ CVE-2022-31103 ‼

lettersanitizer is a DOM-based HTML email sanitizer for in-browser email rendering. All versions of lettersanitizer below 1.0.2 are affected by a denial of service issue when processing a CSS at-rule `@keyframes`. This package is depended on by [react-letter](https://github.com/mat-sz/react-letter), therefore everyone using react-letter is also at risk. The problem has been patched in version 1.0.2.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-31100 ‼

rulex is a new, portable, regular expression language. When parsing untrusted rulex expressions, rulex may crash, possibly enabling a Denial of Service attack. This happens when the expression contains a multi-byte UTF-8 code point in a string literal or after a backslash, because rulex tries to slice into the code point and panics as a result. This is a security concern for you if your service parses untrusted rulex expressions (expressions provided by an untrusted user), and your service becomes unavailable when the thread running rulex panics. The crashes are fixed in version **0.4.3**. Affected users are advised to update to this version. The only known workaround for this issue is to assume that regular expression parsing will panic and to add logic to catch panics.

📖 Read

via "National Vulnerability Database".
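Both rulex advisories (CVE-2022-31099 above and CVE-2022-31100 here) come down to a parser trusting the shape of its input: unbounded recursion on nested groups, and slicing into the middle of a multi-byte character after a backslash. The parser below, for a toy grammar of groups, quoted literals and escapes, is an added example and not rulex's Rust code; it bounds nesting with an explicit `max_depth` checked before each recursive call, so hostile input fails with a catchable error rather than exhausting the stack, and it walks the input by code point so an escape always consumes a whole character. The grammar itself is an assumption for illustration.

```python
"""Depth-bounded, code-point-aware recursive-descent parser.

Added example, not rulex's Rust code. Grammar (an assumption for illustration):
  seq    := item*
  item   := '(' seq ')' | '"' (escape | char)* '"' | char
  escape := '\\' <one code point>
Nesting is bounded by max_depth, so hostile input fails with ParseError instead
of exhausting the stack; text is indexed by code point (Python str), so an
escape such as \\é consumes the whole character instead of splitting its bytes.
"""


class ParseError(ValueError):
    pass


class Parser:
    def __init__(self, text: str, max_depth: int = 64):
        if max_depth < 1:
            raise ValueError("max_depth must be positive")
        self.text = text
        self.pos = 0
        self.max_depth = max_depth

    def parse(self) -> list:
        tree = self._sequence(depth=0)
        if self.pos != len(self.text):          # a stray ')' at top level
            raise ParseError(f"unexpected {self.text[self.pos]!r} at {self.pos}")
        return tree

    def _sequence(self, depth: int) -> list:
        items = []
        while self.pos < len(self.text):
            ch = self.text[self.pos]
            if ch == ")":
                break                           # the caller consumes it
            if ch == "(":
                # Checked before recursing, so the recursion depth is bounded
                # by max_depth rather than by the size of the runtime stack.
                if depth + 1 > self.max_depth:
                    raise ParseError(
                        f"nesting deeper than {self.max_depth} at offset {self.pos}")
                self.pos += 1
                inner = self._sequence(depth + 1)
                if self.pos >= len(self.text) or self.text[self.pos] != ")":
                    raise ParseError("unclosed group")
                self.pos += 1
                items.append(("group", inner))
            elif ch == '"':
                items.append(("lit", self._string()))
            elif ch.isspace():
                self.pos += 1
            else:
                items.append(("char", ch))
                self.pos += 1
        return items

    def _string(self) -> str:
        self.pos += 1                           # opening quote
        out = []
        while True:
            if self.pos >= len(self.text):
                raise ParseError("unterminated string literal")
            ch = self.text[self.pos]
            if ch == "\\":
                # Take the next *code point* whole. A byte-offset slice of
                # width 1 here is exactly what lands inside a multi-byte
                # character; indexing by code point cannot.
                if self.pos + 1 >= len(self.text):
                    raise ParseError("dangling backslash")
                out.append(self.text[self.pos + 1])
                self.pos += 2
            elif ch == '"':
                self.pos += 1
                return "".join(out)
            else:
                out.append(ch)
                self.pos += 1


def safe_parse(text: str, max_depth: int = 64) -> tuple:
    """(True, tree) on success, (False, reason) on any parse error. Within
    max_depth nothing here can raise RecursionError."""
    try:
        return True, Parser(text, max_depth).parse()
    except ParseError as exc:
        return False, str(exc)


if __name__ == "__main__":
    print(safe_parse('a("b\\é"(c))'))
    print(safe_parse("(" * 5000 + ")" * 5000))      # bounded: a clean error
    print(safe_parse('"ab\\'))                       # dangling escape, not a crash
```

Raising `max_depth` to something like a million and feeding the 5000-deep input turns the clean `ParseError` into Python's `RecursionError`, which is the same failure the advisory describes for rulex (in Rust, a stack overflow aborts the whole process). The limit, not a larger stack, is the fix, and it should be set from what real expressions need rather than from what the platform happens to survive.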
‼ CVE-2022-33009 ‼

A stored cross-site scripting (XSS) vulnerability in LightCMS v1.3.11 allows attackers to execute arbitrary web scripts or HTML via uploading a crafted PDF file.

📖 Read

via "National Vulnerability Database".
‼ CVE-2022-31091 ‼

Guzzle is an extensible PHP HTTP client. `Authorization` and `Cookie` headers on requests are sensitive information. In affected versions, on making a request which responds with a redirect to a URI with a different port, if the redirect is followed, the `Authorization` and `Cookie` headers should be removed from the request before continuing. Previously, only a change in host or scheme was considered. Affected Guzzle 7 users should upgrade to Guzzle 7.4.5 as soon as possible. Affected users on any earlier series of Guzzle should upgrade to Guzzle 6.5.8 or 7.4.5. Note that a partial fix was implemented in Guzzle 7.4.2, where a change in host would trigger removal of the curl-added Authorization header; however, this earlier fix did not cover a change in scheme or a change in port. An alternative approach would be to use your own redirect middleware rather than Guzzle's if you are unable to upgrade. If you do not require or expect redirects to be followed, simply disable redirects altogether.

📖 Read

via "National Vulnerability Database".
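The two Guzzle advisories (CVE-2022-31090 above and CVE-2022-31091 here) state one rule: `Authorization` and `Cookie` may follow a redirect only when the target has the same origin, meaning scheme, host and port, as the request that carried them, and a host-only comparison (the partial 7.4.2 fix) is not enough. The following is an added example of that policy written for this page, not Guzzle's PHP; it compares effective ports (so an explicit `:443` on https is the same origin as no port), walks a constructed redirect chain offline, and exposes a `host_only` switch so the weaker check can be compared with the full one. `FAKE_RESPONSES` and the URLs are constructed.

```python
"""Redirect policy for credential-bearing headers.

Added example, not Guzzle's code. It models the rule both advisories state:
Authorization and Cookie may only follow a redirect whose target has the same
origin (scheme, host and port) as the request that carried them. The
FAKE_RESPONSES table is constructed so the chain can be walked offline.
"""
from urllib.parse import urljoin, urlsplit

DEFAULT_PORTS = {"http": 80, "https": 443}
SENSITIVE_HEADERS = {"authorization", "cookie"}

# Constructed: url -> (status, Location header). Anything else returns 200.
FAKE_RESPONSES = {
    "https://api.example.com/login": (302, "https://api.example.com:8443/login"),
    "https://api.example.com:8443/login": (302, "/v2/login"),
    "http://api.example.com/data": (301, "https://api.example.com/data"),
    "https://api.example.com/cdn": (302, "https://cdn.example.net/asset"),
}


def origin(url: str) -> tuple:
    """(scheme, host, effective port); explicit :443 on https equals no port."""
    parts = urlsplit(url)
    scheme = parts.scheme.lower()
    port = parts.port if parts.port is not None else DEFAULT_PORTS.get(scheme)
    return scheme, (parts.hostname or "").lower(), port


def headers_for_redirect(headers: dict, from_url: str, to_url: str,
                         host_only: bool = False) -> dict:
    """Headers to send to to_url. host_only=True mirrors the partial 7.4.2 fix
    (only a changed host strips); the default compares the full origin."""
    if host_only:
        changed = origin(from_url)[1] != origin(to_url)[1]
    else:
        changed = origin(from_url) != origin(to_url)
    if not changed:
        return dict(headers)
    return {k: v for k, v in headers.items() if k.lower() not in SENSITIVE_HEADERS}


def follow(start_url: str, headers: dict, responses=FAKE_RESPONSES,
           max_redirects: int = 5, host_only: bool = False) -> list:
    """Walk a redirect chain; return [(url, headers actually sent), ...]."""
    url, sent = start_url, dict(headers)
    trail = [(url, dict(sent))]
    for _ in range(max_redirects):
        status, location = responses.get(url, (200, None))
        if status not in (301, 302, 303, 307, 308) or not location:
            return trail
        target = urljoin(url, location)           # a relative Location is legal
        sent = headers_for_redirect(sent, url, target, host_only=host_only)
        url = target
        trail.append((url, dict(sent)))
    raise RuntimeError("too many redirects")


def leaked_to(trail: list, header: str) -> list:
    """URLs in a trail that received the named header (for checks and tests)."""
    return [u for u, h in trail if any(k.lower() == header.lower() for k in h)]


if __name__ == "__main__":
    creds = {"Authorization": "Bearer constructed-token", "Cookie": "sid=1",
             "Accept": "application/json"}
    for mode in (False, True):
        trail = follow("https://api.example.com/login", creds, host_only=mode)
        print("host-only check" if mode else "full-origin check",
              leaked_to(trail, "Authorization"))
```

Note that stripping is one-way along the chain: once a hop crosses an origin boundary the credentials are gone for every later hop, even if a subsequent redirect returns to the original origin. That is the conservative choice and the one to keep if you write your own redirect middleware as the advisory suggests.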