βΌ CVE-2021-4122 βΌ
π Read
via "National Vulnerability Database".
It was found that a specially crafted LUKS header could trick cryptsetup into disabling encryption during the recovery of the device. An attacker with physical access to the medium, such as a flash disk, could use this flaw to force a user into permanently disabling the encryption layer of that medium.π Read
via "National Vulnerability Database".
βΌ CVE-2021-3998 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in glibc. The realpath() function can mistakenly return an unexpected value, potentially leading to information leakage and disclosure of sensitive data.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4125 βΌ
π Read
via "National Vulnerability Database".
It was found that the original fix for log4j CVE-2021-44228 and CVE-2021-45046 in the OpenShift metering hive containers was incomplete, as not all JndiLookup.class files were removed. This CVE only applies to the OpenShift Metering hive container images, shipped in OpenShift 4.8, 4.7 and 4.6.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4189 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerability could lead to FTP client scanning ports, which otherwise would not have been possible.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4159 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34836 βΌ
π Read
via "National Vulnerability Database".
Relative Path Traversal vulnerability in ABB Zenon 8.20 allows the user to access files on the Zenon system and user also can add own log messages and e.g., flood the log entries. An attacker who successfully exploit the vulnerability could access the Zenon runtime activities such as the start and stop of various activity and the last error code etc.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34838 βΌ
π Read
via "National Vulnerability Database".
Storing Passwords in a Recoverable Format vulnerability in ABB Zenon 8.20 allows an attacker who successfully exploit the vulnerability may add or alter data points and corresponding attributes. Once such engineering data is used the data visualization will be altered for the end user.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2978 βΌ
π Read
via "National Vulnerability Database".
A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4178 βΌ
π Read
via "National Vulnerability Database".
A arbitrary code execution flaw was found in the Fabric 8 Kubernetes client affecting versions 5.0.0-beta-1 and above. Due to an improperly configured YAML parsing, this will allow a local and privileged attacker to supply malicious YAML.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4037 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a member of this group. This can lead to excessive permissions granted in case when they should not. This vulnerability is similar to the previous CVE-2018-13405 and adds the missed fix for the XFS.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2234 βΌ
π Read
via "National Vulnerability Database".
An authenticated mySCADA myPRO 8.26.0 user may be able to modify parameters to run commands directly in the operating system.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4040 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in AMQ Broker. This issue can cause a partial interruption to the availability of AMQ Broker via an Out of memory (OOM) condition. This flaw allows an attacker to partially disrupt availability to the broker through a sustained attack of maliciously crafted messages. The highest threat from this vulnerability is system availability.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4218 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in the Linux kernelΓ’β¬β’s implementation of reading the SVC RDMA counters. Reading the counter sysctl panics the system. This flaw allows a local attacker with local access to cause a denial of service while the system reboots. The issue is specific to CentOS/RHEL.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4213 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the serverΓ’β¬β’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4217 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in unzip. The vulnerability occurs due to improper handling of Unicode strings, which can lead to a null pointer dereference. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2021-4028 βΌ
π Read
via "National Vulnerability Database".
A flaw in the Linux kernel's implementation of RDMA communications manager listener code allowed an attacker with local access to setup a socket to listen on a high port allowing for a list element to be used after free. Given the ability to execute code, a local attacker could leverage this use-after-free to crash the system or possibly escalate privileges on the system.π Read
via "National Vulnerability Database".
π΄ Ransomware Gang Demands $10M in Attack on French Hospital π΄
π Read
via "Dark Reading".
Center Hospitalier Sud Francilien (CHSF), a hospital outside of Paris, has redirected incoming patients to other medical facilities in the wake of a ransomware attack that began on Aug. 21.π Read
via "Dark Reading".
Dark Reading
Ransomware Gang Demands $10M in Attack on French Hospital
Center Hospitalier Sud Francilien (CHSF), a hospital outside of Paris, has redirected incoming patients to other medical facilities in the wake of a ransomware attack that began on Aug. 21.
π΄ Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns π΄
π Read
via "Dark Reading".
The Russia-backed Nobelium APT has pioneered a post-exploitation tool allowing attackers to authenticate as any user.π Read
via "Dark Reading".
Dark Reading
Efficient 'MagicWeb' Malware Subverts AD FS Authentication, Microsoft Warns
The Russia-backed Nobelium APT has pioneered a post-exploitation tool allowing attackers to authenticate as any user.
π΄ CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit π΄
π Read
via "Dark Reading".
The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice.π Read
via "Dark Reading".
Dark Reading
CISA: Just-Disclosed Palo Alto Networks Firewall Bug Under Active Exploit
The bug tracked as CVE-2022-0028 allows attackers to hijack firewalls without authentication, in order to mount DDoS hits on their targets of choice.
βΌ CVE-2022-32837 βΌ
π Read
via "National Vulnerability Database".
This issue was addressed with improved checks. This issue is fixed in macOS Monterey 12.5, tvOS 15.6, iOS 15.6 and iPadOS 15.6. An app may be able to cause unexpected system termination or write kernel memory.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32893 βΌ
π Read
via "National Vulnerability Database".
An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.π Read
via "National Vulnerability Database".