‼ CVE-2022-40673 ‼
via "National Vulnerability Database".
KDiskMark before 3.1.0 lacks authorization checking for D-Bus methods such as Helper::flushPageCache.
‼ CVE-2022-34831 ‼
via "National Vulnerability Database".
An issue was discovered in Keyfactor PrimeKey EJBCA before 7.9.0, related to possible inconsistencies in DNS identifiers submitted in an ACME order and the corresponding CSR submitted during finalization. During the ACME enrollment process, an order is submitted containing an identifier for one or multiple dnsNames. These are validated properly in the ACME challenge. However, if the validation passes, a non-compliant client can include additional dnsNames in the CSR sent to the finalize endpoint, resulting in EJBCA issuing a certificate including the identifiers that were not validated. This occurs even if the certificate profile is configured to not allow a DN override by the CSR.
‼ CVE-2022-37137 ‼
via "National Vulnerability Database".
PayMoney 3.3 is vulnerable to Stored Cross-Site Scripting (XSS) when replying to a ticket. The XSS can be obtained by injecting a specially crafted payload into the "Message" field ("description" parameter) to gain Stored XSS. The XSS will then prompt after that, or can be accessed from the view ticket function.
🕴 TeamTNT Hits 150K Docker Containers via Malicious Cloud Images 🕴
via "Dark Reading".
Honeypot activity exposed two credentials that the threat actor is using to host and distribute malicious container images, security vendor says.
Dark Reading
TeamTNT Hits Docker Containers via 150K Malicious Cloud Image Pulls
🕴 Cyberattacks Are Now Increasingly Hands-On, Break Out More Quickly 🕴
via "Dark Reading".
Interactive intrusion campaigns jumped nearly 50%, while the breakout time between initial access and lateral movement shrank to less than 90 minutes, putting pressure on defenders to react quickly.
🕴 To Ease the Cybersecurity Worker Shortage, Broaden the Candidate Pipeline 🕴
via "Dark Reading".
With enough passion, intelligence, and effort, anyone can be a successful cybersecurity professional, regardless of education or background.
‼ CVE-2022-37661 ‼
via "National Vulnerability Database".
SmartRG SR506n 2.5.15 and SR510n 2.6.13 routers are vulnerable to Remote Code Execution (RCE) via the ping host feature.
🛠 Faraday 4.1.0 🛠
via "Packet Storm Security".
Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.
‼ CVE-2022-3202 ‼
via "National Vulnerability Database".
A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS) in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information.
‼ CVE-2022-22520 ‼
via "National Vulnerability Database".
A remote, unauthenticated attacker can enumerate valid users by sending specific requests to the webservice of MB connect line mymbCONNECT24, mbCONNECT24 and Helmholz myREX24 and myREX24.virtual in all versions through v2.11.2.
‼ CVE-2022-38796 ‼
via "National Vulnerability Database".
A Host Header Injection vulnerability in Feehi CMS 2.1.1 may allow an attacker to spoof a particular header. This can be exploited by abusing password reset emails.
🕴 SparklingGoblin Updates Linux Version of SideWalk Backdoor in Ongoing Cyber Campaign 🕴
via "Dark Reading".
Researchers link the APT to an attack on a Hong Kong university, which compromised multiple key servers using advanced Linux malware.
🕴 Should Hacking Have A Code Of Conduct? 🕴
via "Dark Reading".
For white hats who play by the rules, here are five ethical tenets to consider.
‼ CVE-2022-20364 ‼
via "National Vulnerability Database".
In sysmmu_unmap of TBD, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-233606615. References: N/A.
‼ CVE-2022-3212 ‼
via "National Vulnerability Database".
<bytes::Bytes as axum_core::extract::FromRequest>::from_request would not, by default, set a limit for the size of the request body. That meant that if a malicious peer sent a very large (or infinite) body, your server might run out of memory and crash. This also applies to these extractors, which used Bytes::from_request internally: axum::extract::Form, axum::extract::Json, and String.
‼ CVE-2022-0029 ‼
via "National Vulnerability Database".
An improper link resolution vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local attacker to read files on the system with elevated privileges when generating a tech support file.
‼ CVE-2022-20231 ‼
via "National Vulnerability Database".
In smc_intc_request_fiq of arm_gic.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-211485702. References: N/A.
‼ CVE-2021-38924 ‼
via "National Vulnerability Database".
IBM Maximo Asset Management 7.6.1.1 and 7.6.1.2 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 210163.
‼ CVE-2022-31143 ‼
via "National Vulnerability Database".
GLPI stands for Gestionnaire Libre de Parc Informatique and is a Free Asset and IT Management Software package, that provides ITIL Service Desk features, licenses tracking and software auditing. It was found that in affected versions there is an exposure of private information defined in setup of GLPI (like smtp or cas hosts). Note that passwords are not exposed. Users are advised to upgrade to version 10.0.3. There are no known workarounds for this issue.
‼ CVE-2022-36113 ‼
via "National Vulnerability Database".
Cargo is a package manager for the Rust programming language. After a package is downloaded, Cargo extracts its source code in the ~/.cargo folder on disk, making it available to the Rust projects it builds. To record when an extraction is successful, Cargo writes "ok" to the .cargo-ok file at the root of the extracted source code once it has extracted all the files. It was discovered that Cargo allowed packages to contain a .cargo-ok symbolic link, which Cargo would extract. Then, when Cargo attempted to write "ok" into .cargo-ok, it would actually replace the first two bytes of the file the symlink pointed to with "ok". This would allow an attacker to corrupt one file on the machine using Cargo to extract the package. Note that by design Cargo allows code execution at build time, due to build scripts and procedural macros. The vulnerabilities in this advisory allow performing a subset of the possible damage in a harder to track down way. Your dependencies must still be trusted if you want to be protected from attacks, as it's possible to perform the same attacks with build scripts and procedural macros. The vulnerability is present in all versions of Cargo. Rust 1.64, to be released on September 22nd, will include a fix for it. Since the vulnerability is just a more limited way to accomplish what malicious build scripts or procedural macros can do, we decided not to publish Rust point releases backporting the security fix. Patch files for Rust 1.63.0 are available in the wg-security-response repository for people building their own toolchain.
Mitigations: We recommend users of alternate registries to exercise care in which package they download, by only including trusted dependencies in their projects. Please note that even with these vulnerabilities fixed, by design Cargo allows arbitrary code execution at build time thanks to build scripts and procedural macros: a malicious dependency will be able to cause damage regardless of these vulnerabilities.
crates.io implemented server-side checks to reject these kinds of packages years ago, and there are no packages on crates.io exploiting these vulnerabilities. crates.io users still need to exercise care in choosing their dependencies though, as remote code execution is allowed by design there as well.
‼ CVE-2022-1972 ‼
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2022-2078. Reason: This candidate is a reservation duplicate of CVE-2022-2078. Notes: All CVE users should reference CVE-2022-2078 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.