‼ CVE-2021-3779 ‼
📖 Read
via "National Vulnerability Database".
A malicious MySQL server can request local file content from a client using ruby-mysql prior to version 2.10.0 without explicit authorization from the user. This issue was resolved in version 2.10.0 and later.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31052 ‼
📖 Read
via "National Vulnerability Database".
Synapse is an open source home server implementation for the Matrix chat network. In versions prior to 1.61.1 URL previews of some web pages can exhaust the available stack space for the Synapse process due to unbounded recursion. This is sometimes recoverable and leads to an error for the request causing the problem, but in other cases the Synapse process may crash altogether. It is possible to exploit this maliciously, either by malicious users on the homeserver, or by remote users sending URLs that a local user's client may automatically request a URL preview for. Remote users are not able to exploit this directly, because the URL preview endpoint is authenticated. Deployments with `url_preview_enabled: false` set in configuration are not affected. Deployments with `url_preview_enabled: true` set in configuration **are** affected. Deployments with no configuration value set for `url_preview_enabled` are not affected, because the default is `false`. Administrators of homeservers with URL previews enabled are advised to upgrade to v1.61.1 or higher. Users unable to upgrade should set `url_preview_enabled` to false.📖 Read
via "National Vulnerability Database".
🕴 China-Backed APT Pwns Building-Automation Systems with ProxyLogon 🕴
📖 Read
via "Dark Reading".
The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.📖 Read
via "Dark Reading".
Dark Reading
China-Backed APT Pwns Building-Automation Systems With ProxyLogon
The previously unknown state-sponsored group is compromising industrial targets with the ShadowPad malware before burrowing deeper into networks.
♟️ The Link Between AWM Proxy & the Glupteba Botnet ♟️
📖 Read
via "Krebs on Security".
On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy -- a 14-year-old anonymity service that rents hacked PCs to cybercriminals -- suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy's founder is one of the men being sued by Google.📖 Read
via "Krebs on Security".
Krebs on Security
The Link Between AWM Proxy & the Glupteba Botnet
On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy -- a…
🕴 'Raccoon Stealer' Scurries Back on the Scene After Hiatus 🕴
📖 Read
via "Dark Reading".
Researchers this week said they had observed criminals using a new and improved version of the prolific malware, barely three months after its authors announced they were quitting.📖 Read
via "Dark Reading".
Dark Reading
Cyberattacks & Data Breaches recent news | Dark Reading
Explore the latest news and expert commentary on Cyberattacks & Data Breaches, brought to you by the editors of Dark Reading
🕴 RSA 2022: Omdia Research Take Aways 🕴
📖 Read
via "Dark Reading".
The RSA conference in San Francisco always feels like drinking from a fire hose but especially this year at the first in-person RSA since the pandemic began.📖 Read
via "Dark Reading".
Dark Reading
RSA 2022: Omdia Research Take Aways
The RSA conference in San Francisco always feels like drinking from a fire hose but especially this year at the first in-person RSA since the pandemic began.
🕴 Google Analytics Continues to Lose SEO Visibility as Bans Continue 🕴
📖 Read
via "Dark Reading".
Google Analytics has been found to be in violation of GDPR privacy laws by Italy — the third country to ban it.📖 Read
via "Dark Reading".
Dark Reading
Google Analytics Continues to Lose SEO Visibility as Bans Continue
Google Analytics has been found to be in violation of GDPR privacy laws by Italy — the third country to ban it.
‼ CVE-2022-31061 ‼
📖 Read
via "National Vulnerability Database".
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions there is a SQL injection vulnerability which is possible on login page. No user credentials are required to exploit this vulnerability. Users are advised to upgrade as soon as possible. There are no known workarounds for this issue.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28621 ‼
📖 Read
via "National Vulnerability Database".
A remote disclosure of sensitive information vulnerability was discovered in HPE NonStop DSM/SCM version: T6031H03^ADP. HPE has provided a software update to resolve this vulnerability in HPE NonStop DSM/SCM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31068 ‼
📖 Read
via "National Vulnerability Database".
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all GLPI instances with the native inventory used may leak sensitive information. The feature to get refused file is not authenticated. This issue has been addressed in version 10.0.2 and all affected users are advised to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2145 ‼
📖 Read
via "National Vulnerability Database".
Cloudflare WARP client for Windows (up to v. 2022.5.309.0) allowed creation of mount points from its ProgramData folder. During installation of the WARP client, it was possible to escalate privileges and overwrite SYSTEM protected files.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31229 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS, 8.2.x through 9.3.0.x, contain an error message with sensitive information. An administrator could potentially exploit this vulnerability, leading to disclosure of sensitive information. This sensitive information can be used to access sensitive resources.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31230 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS, versions 8.2.x-9.2.x, contain broken or risky cryptographic algorithm. A remote unprivileged malicious attacker could potentially exploit this vulnerability, leading to full system access.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31106 ‼
📖 Read
via "National Vulnerability Database".
Underscore.deep is a collection of Underscore mixins that operate on nested objects. Versions of `underscore.deep` prior to version 0.5.3 are vulnerable to a prototype pollution vulnerability. An attacker can craft a malicious payload and pass it to `deepFromFlat`, which would pollute any future Objects created. Any users that have `deepFromFlat` or `deepPick` (due to its dependency on `deepFromFlat`) in their code should upgrade to version 0.5.3 as soon as possible. Users unable to upgrade may mitigate this issue by modifying `deepFromFlat` to prevent specific keywords which will prevent this from happening.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31056 ‼
📖 Read
via "National Vulnerability Database".
GLPI is a Free Asset and IT Management Software package, Data center management, ITIL Service Desk, licenses tracking and software auditing. In affected versions all assistance forms (Ticket/Change/Problem) permit sql injection on the actor fields. This issue has been resolved in version 10.0.2 and all affected users are advised to upgrade.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31108 ‼
📖 Read
via "National Vulnerability Database".
Mermaid is a JavaScript based diagramming and charting tool that uses Markdown-inspired text definitions and a renderer to create and modify complex diagrams. An attacker is able to inject arbitrary `CSS` into the generated graph allowing them to change the styling of elements outside of the generated graph, and potentially exfiltrate sensitive information by using specially crafted `CSS` selectors. The following example shows how an attacker can exfiltrate the contents of an input field by bruteforcing the `value` attribute one character at a time. Whenever there is an actual match, an `http` request will be made by the browser in order to "load" a background image that will let an attacker know what's the value of the character. This issue may lead to `Information Disclosure` via CSS selectors and functions able to generate HTTP requests. This also allows an attacker to change the document in ways which may lead a user to perform unintended actions, such as clicking on a link, etc. This issue has been resolved in version 9.1.3. Users are advised to upgrade. Users unable to upgrade should ensure that user input is adequately escaped before embedding it in CSS blocks.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-31885 ‼
📖 Read
via "National Vulnerability Database".
Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of VBScripts.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2231 ‼
📖 Read
via "National Vulnerability Database".
NULL Pointer Dereference in GitHub repository vim/vim prior to 8.,2.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3433 ‼
📖 Read
via "National Vulnerability Database".
Invalid channel map in CONNECT_IND results to Deadlock. Zephyr versions >= v2.5.0 Improper Check or Handling of Exceptional Conditions (CWE-703). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-3c2f-w4v6-qxrp📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3430 ‼
📖 Read
via "National Vulnerability Database".
Assertion reachable with repeated LL_CONNECTION_PARAM_REQ. Zephyr versions >= v1.14 contain Reachable Assertion (CWE-617). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-46h3-hjcq-2jjr📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3432 ‼
📖 Read
via "National Vulnerability Database".
Invalid interval in CONNECT_IND leads to Division by Zero. Zephyr versions >= v1.14.0 Divide By Zero (CWE-369). For more information, see https://github.com/zephyrproject-rtos/zephyr/security/advisories/GHSA-7364-p4wc-8mj4📖 Read
via "National Vulnerability Database".