‼ CVE-2022-30318 ‼
📖 Read
via "National Vulnerability Database".
Honeywell ControlEdge through R151.1 uses Hard-coded Credentials. According to FSCT-2022-0056, there is a Honeywell ControlEdge hardcoded credentials issue. The affected components are characterized as: SSH. The potential impact is: Remote code execution, manipulate configuration, denial of service. The Honeywell ControlEdge PLC and RTU product line exposes an SSH service on port 22/TCP. Login as root to this service is permitted and credentials for the root user are hardcoded without automatically changing them upon first commissioning. The credentials for the SSH service are hardcoded in the firmware. The credentials grant an attacker access to a root shell on the PLC/RTU, allowing for remote code execution, configuration manipulation and denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38152 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in wolfSSL before 5.5.0. When a TLS 1.3 client connects to a wolfSSL server and SSL_clear is called on its session, the server crashes with a segmentation fault. This occurs in the second session, which is created through TLS session resumption and reuses the initial struct WOLFSSL. If the server reuses the previous session structure (struct WOLFSSL) by calling wolfSSL_clear(WOLFSSL* ssl) on it, the next received Client Hello (that resumes the previous session) crashes the server. Note that this bug is only triggered when resuming sessions using TLS session resumption. Only servers that use wolfSSL_clear instead of the recommended SSL_free; SSL_new sequence are affected. Furthermore, wolfSSL_clear is part of wolfSSL's compatibility layer and is not enabled by default. It is not part of wolfSSL's native API.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-3028 ‼
📖 Read
via "National Vulnerability Database".
A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-30317 ‼
📖 Read
via "National Vulnerability Database".
Honeywell Experion LX through 2022-05-06 has Missing Authentication for a Critical Function. According to FSCT-2022-0055, there is a Honeywell Experion LX Control Data Access (CDA) EpicMo protocol with unauthenticated functionality issue. The affected components are characterized as: Honeywell Control Data Access (CDA) EpicMo (55565/TCP). The potential impact is: Firmware manipulation, Denial of service. The Honeywell Experion LX Distributed Control System (DCS) utilizes the Control Data Access (CDA) EpicMo protocol (55565/TCP) for device diagnostics and maintenance purposes. This protocol does not have any authentication features, allowing any attacker capable of communicating with the ports in question to invoke (a subset of) desired functionality. There is no authentication functionality on the protocol in question. An attacker capable of invoking the protocols' functionalities could issue firmware download commands potentially allowing for firmware manipulation and reboot devices causing denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-28625 ‼
📖 Read
via "National Vulnerability Database".
A local disclosure of sensitive information vulnerability was discovered in HPE OneView version(s): Prior to 7.0 or 6.60.01. A low privileged user could locally exploit this vulnerability to disclose sensitive information resulting in a complete loss of confidentiality, integrity, and availability. To exploit this vulnerability, HPE OneView must be configured with credential access to external repositories. HPE has provided a software update to resolve this vulnerability in HPE OneView.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-2866 ‼
📖 Read
via "National Vulnerability Database".
FATEK FvDesigner version 1.5.103 and prior is vulnerable to an out-of-bounds write while processing project files. If a valid user is tricked into using maliciously crafted project files, an attacker could achieve arbitrary code execution.📖 Read
via "National Vulnerability Database".
âš URGENT! Apple quietly slips out zero-day update for older iPhones âš
📖 Read
via "Naked Security".
Patch as soon as you can - that recent WebKit zero-day affecting new iPhones is apparently being used against older models, too.📖 Read
via "Naked Security".
Sophos News
Naked Security – Sophos News
🕴 Google Fixes 24 Vulnerabilities with New Chrome Update 🕴
📖 Read
via "Dark Reading".
But one issue that lets websites overwrite content on a user's system clipboard appears unfixed in the new Version 105 of Chrome.📖 Read
via "Dark Reading".
Dark Reading
Google Fixes 24 Vulnerabilities With New Chrome Update
But one issue that lets websites overwrite content on a user's system clipboard appears unfixed in the new Version 105 of Chrome.
‼ CVE-2022-38812 ‼
📖 Read
via "National Vulnerability Database".
AeroCMS 0.1.1 is vulnerable to SQL Injection via the author parameter.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37183 ‼
📖 Read
via "National Vulnerability Database".
Piwigo 12.3.0 is vulnerable to Cross Site Scripting (XSS) via /search/1940/created-monthly-list.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36046 ‼
📖 Read
via "National Vulnerability Database".
Next.js is a React framework that can provide building blocks to create web applications. All of the following must be true to be affected by this CVE: Next.js version 12.2.3, Node.js version above v15.0.0 being used with strict `unhandledRejection` exiting AND using next start or a [custom server](https://nextjs.org/docs/advanced-features/custom-server). Deployments on Vercel ([vercel.com](https://vercel.com/)) are not affected along with similar environments where `next-server` isn't being shared across requests.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36566 ‼
📖 Read
via "National Vulnerability Database".
Rengine v1.3.0 was discovered to contain a command injection vulnerability via the scan engine function.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37184 ‼
📖 Read
via "National Vulnerability Database".
The application manage_website.php on Garage Management System 1.0 is vulnerable to Shell File Upload. The already authenticated malicious user, can upload a dangerous RCE or LCE exploit file.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37128 ‼
📖 Read
via "National Vulnerability Database".
In D-Link DIR-816 A2_v1.10CNB04.img the network can be initialized without authentication via /goform/wizard_end.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-38153 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in wolfSSL before 5.5.0 (when --enable-session-ticket is used); however, only version 5.3.0 is exploitable. Man-in-the-middle attackers or a malicious server can crash TLS 1.2 clients during a handshake. If an attacker injects a large ticket (more than 256 bytes) into a NewSessionTicket message in a TLS 1.2 handshake, and the client has a non-empty session cache, the session cache frees a pointer that points to unallocated memory, causing the client to crash with a "free(): invalid pointer" message. NOTE: It is likely that this is also exploitable during TLS 1.3 handshakes between a client and a malicious server. With TLS 1.3, it is not possible to exploit this as a man-in-the-middle.📖 Read
via "National Vulnerability Database".
📢 Gov to force through tough telecoms regulations to boost network security 📢
📖 Read
via "ITPro".
Regulator Ofcom will have powers to monitor, investigate and fine providers that fail to meet the new requirements📖 Read
via "ITPro".
IT PRO
Gov to force through tough telecoms regulations to boost network security | IT PRO
Regulator Ofcom will have powers to monitor, investigate and fine providers that fail to meet the new requirements
📢 Cuba ransomware group claims attack on Montenegro government 📢
📖 Read
via "ITPro".
The double extortion specialists claim to have stolen the data days before Montenegro announced a sustained and co-ordinated series of cyber attacks targeting it from Russia📖 Read
via "ITPro".
IT PRO
Cuba ransomware group claims attack on Montenegro government | IT PRO
The double extortion specialists claim to have stolen the data days before Montenegro announced a sustained and co-ordinated series of cyber attacks targeting it from Russia
📢 MI5 reveals it has been working with an AI non-profit on national security since 2017 📢
📖 Read
via "ITPro".
The security service has been working with The Alan Turing Institute and has decided to unveil the partnership today to allow the pair to work more closely together📖 Read
via "ITPro".
IT PRO
MI5 reveals it has been working with an AI non-profit on national security since 2017 | IT PRO
The security service has been working with The Alan Turing Institute and has decided to unveil the partnership today to allow the pair to work more closely together
‼ CVE-2022-37123 ‼
📖 Read
via "National Vulnerability Database".
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/form2userconfig.cgi.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-37125 ‼
📖 Read
via "National Vulnerability Database".
D-link DIR-816 A2_v1.10CNB04.img is vulnerable to Command injection via /goform/NTPSyncWithHost.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-36051 ‼
📖 Read
via "National Vulnerability Database".
ZITADEL combines the ease of Auth0 and the versatility of Keycloak.**Actions**, introduced in ZITADEL **1.42.0** on the API and **1.56.0** for Console, is a feature, where users with role.`ORG_OWNER` are able to create Javascript Code, which is invoked by the system at certain points during the login. **Actions**, for example, allow creating authorizations (user grants) on newly created users programmatically. Due to a missing authorization check, **Actions** were able to grant authorizations for projects that belong to other organizations inside the same Instance. Granting authorizations via API and Console is not affected by this vulnerability. There is currently no known workaround, users should update.📖 Read
via "National Vulnerability Database".