β GnuTLS patches memory mismanagement bug β update now! β
π Read
via "Naked Security".
GnuTLS may well be the most widespread cryptographic toolkit you've never heard of. Learn more...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
π΄ Name That Edge Toon: Up a Tree π΄
π Read
via "Dark Reading".
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading".
Dark Reading
Name That Edge Toon: Up a Tree
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
π΄ Chromium Browsers Allow Data Exfiltration via Bookmark Syncing π΄
π Read
via "Dark Reading".
"Bruggling" emerges as a novel technique for pilfering data out from a compromised environment β or for sneaking in malicious code and attack tools.π Read
via "Dark Reading".
Dark Reading
Chromium Browsers Allow Data Exfiltration via Bookmark Syncing
"Bruggling" emerges as a novel technique for pilfering data out from a compromised environment β or for sneaking in malicious code and attack tools.
βΌ CVE-2022-34307 βΌ
π Read
via "National Vulnerability Database".
IBM CICS TX 11.1 does not set the secure attribute on authorization tokens or session cookies. Attackers may be able to get the cookie values by sending a http:// link to a user or by planting this link in a site the user goes to. The cookie will be sent to the insecure link and the attacker can then obtain the cookie value by snooping the traffic. IBM X-Force ID: 229436.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34161 βΌ
π Read
via "National Vulnerability Database".
IBM CICS TX 11.1 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 229331.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33955 βΌ
π Read
via "National Vulnerability Database".
IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code due using a back and refresh attack. IBM X-Force ID: 229312.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34162 βΌ
π Read
via "National Vulnerability Database".
IBM CICS TX 11.1 could allow a remote attacker to hijack the clicking action of the victim. By persuading a victim to visit a malicious Web site, a remote attacker could exploit this vulnerability to hijack the victim's click actions and possibly launch further attacks against the victim. IBM X-Force ID: 229332.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31109 βΌ
π Read
via "National Vulnerability Database".
laminas-diactoros is a PHP package containing implementations of the PSR-7 HTTP message interfaces and PSR-17 HTTP message factory interfaces. Applications that use Diactoros, and are either not behind a proxy, or can be accessed via untrusted proxies, can potentially have the host, protocol, and/or port of a `Laminas\Diactoros\Uri` instance associated with the incoming server request modified to reflect values from `X-Forwarded-*` headers. Such changes can potentially lead to XSS attacks (if a fully-qualified URL is used in links) and/or URL poisoning. Since the `X-Forwarded-*` headers do have valid use cases, particularly in clustered environments using a load balancer, the library offers mitigation measures only in the v2 releases, as doing otherwise would break these use cases immediately. Users of v2 releases from 2.11.1 can provide an additional argument to `Laminas\Diactoros\ServerRequestFactory::fromGlobals()` in the form of a `Laminas\Diactoros\RequestFilter\RequestFilterInterface` instance, including the shipped `Laminas\Diactoros\RequestFilter\NoOpRequestFilter` implementation which ignores the `X-Forwarded-*` headers. Starting in version 3.0, the library will reverse behavior to use the `NoOpRequestFilter` by default, and require users to opt-in to `X-Forwarded-*` header usage via a configured `Laminas\Diactoros\RequestFilter\LegacyXForwardedHeaderFilter` instance. Users are advised to upgrade to version 2.11.1 or later to resolve this issue. Users unable to upgrade may configure web servers to reject `X-Forwarded-*` headers at the web server level.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31148 βΌ
π Read
via "National Vulnerability Database".
Shopware is an open source e-commerce software. In versions from 5.7.0 a persistent cross site scripting (XSS) vulnerability exists in the customer module. Users are recommend to update to the current version 5.7.14. You can get the update to 5.7.14 regularly via the Auto-Updater or directly via the download overview. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34164 βΌ
π Read
via "National Vulnerability Database".
IBM CICS TX 11.1 could allow a local user to impersonate another legitimate user due to improper input validation. IBM X-Force ID: 229338.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34163 βΌ
π Read
via "National Vulnerability Database".
IBM CICS TX 11.1 is vulnerable to HTTP header injection, caused by improper validation of input by the HOST headers. This could allow an attacker to conduct various attacks against the vulnerable system, including cross-site scripting, cache poisoning or session hijacking. IBM X-Force ID: 229333.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31128 βΌ
π Read
via "National Vulnerability Database".
Tuleap is a Free & Open Source Suite to improve management of software developments and collaboration. In affected versions Tuleap does not properly verify permissions when creating branches with the REST API in Git repositories using the fine grained permissions. Users can create branches via the REST endpoint `POST git/:id/branches` regardless of the permissions set on the repository. This issue has been fixed in version 13.10.99.82 Tuleap Community Edition as well as in version 13.10-3 of Tuleap Enterprise Edition. Users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
π΄ Credential Canaries Create Minefield for Attackers π΄
π Read
via "Dark Reading".
Canary tokens β also known as honey tokens β force attackers to second-guess their potential good fortune when they come across user and application secrets.π Read
via "Dark Reading".
Dark Reading
Credential Canaries Create Minefield for Attackers
Canary tokens β also known as honey tokens β force attackers to second-guess their potential good fortune when they come across user and application secrets.
π΄ Ransomware Hit on European Pipeline & Energy Supplier Encevo Linked to BlackCat π΄
π Read
via "Dark Reading".
Customers across several European countries are urged to update credentials in the wake of the attack that affected a gas-pipeline operator and power company.π Read
via "Dark Reading".
Dark Reading
Ransomware Hit on European Pipeline & Energy Supplier Encevo Linked to BlackCat
Customers across several European countries are urged to update credentials in the wake of the attack that affected a gas-pipeline operator and power company.
βΌ CVE-2022-31177 βΌ
π Read
via "National Vulnerability Database".
Flask-AppBuilder is an application development framework built on top of Flask python framework. In versions prior to 4.1.3 an authenticated Admin user could query other users by their salted and hashed passwords strings. These filters could be made by using partial hashed password strings. The response would not include the hashed passwords, but an attacker could infer partial password hashes and their respective users. This issue has been fixed in version 4.1.3. Users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31173 βΌ
π Read
via "National Vulnerability Database".
Juniper is a GraphQL server library for Rust. Affected versions of Juniper are vulnerable to uncontrolled recursion resulting in a program crash. This issue has been addressed in version 0.15.10. Users are advised to upgrade. Users unable to upgrade should limit the recursion depth manually.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31178 βΌ
π Read
via "National Vulnerability Database".
eLabFTW is an electronic lab notebook manager for research teams. A vulnerability was discovered which allows a logged in user to read a template without being authorized to do so. This vulnerability has been patched in 4.3.4. Users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31155 βΌ
π Read
via "National Vulnerability Database".
Sourcegraph is an opensource code search and navigation engine. In Sourcegraph versions before 3.41.0, it is possible for an attacker to delete other usersΓΒ’Γ’β¬ÒβΒ’ saved searches due to a bug in the authorization check. The vulnerability does not allow the reading of other usersΓΒ’Γ’β¬ÒβΒ’ saved searches, only overwriting them with attacker-controlled searches. The issue is patched in Sourcegraph version 3.41.0. There is no workaround for this issue and updating to a secure version is highly recommended.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31154 βΌ
π Read
via "National Vulnerability Database".
Sourcegraph is an opensource code search and navigation engine. It is possible for an authenticated Sourcegraph user to edit the Code Monitors owned by any other Sourcegraph user. This includes being able to edit both the trigger and the action of the monitor in question. An attacker is not able to read contents of existing code monitors, only override the data. The issue is fixed in Sourcegraph 3.42. There are no workaround for the issue and patching is highly recommended.π Read
via "National Vulnerability Database".
π΄ DoJ: Foreign Adversaries Breach US Federal Court Records π΄
π Read
via "Dark Reading".
A Justice Department official testifies to a House committee that the cyberattack is a "significant concern."π Read
via "Dark Reading".
Dark Reading
DoJ: Foreign Adversaries Breach US Federal Court Records
A Justice Department official testifies to a House committee that the cyberattack is a "significant concern."
βΌ CVE-2022-31190 βΌ
π Read
via "National Vulnerability Database".
DSpace open source software is a repository application which provides durable access to digital resources. dspace-xmlui is a UI component for DSpace. In affected versions metadata on a withdrawn Item is exposed via the XMLUI "mets.xml" object, as long as you know the handle/URL of the withdrawn Item. This vulnerability only impacts the XMLUI. Users are advised to upgrade to version 6.4 or newer.π Read
via "National Vulnerability Database".