ποΈ VMWare patches RCE exploit in NSX Manager ποΈ
π Read
via "The Daily Swig".
Bug fixed despite product reaching end of lifeπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
VMWare patches RCE exploit in NSX Manager
End-of-life product is βback from the deadβ as vendor makes exception for critical bug
β Updates to Appleβs zero-day update story β iPhone and iPad users read this! β
π Read
via "Naked Security".
Turns out that Tuesday's zero-day for iOS 16 is Friday's zero-day for iOS 15...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2022-3322 βΌ
π Read
via "National Vulnerability Database".
Lock Warp switch is a feature of Zero Trust platform which, when enabled, prevents users of enrolled devices from disabling WARP client. Due to insufficient policy verification by WARP iOS client, this feature could be bypassed by using the "Disable WARP" quick action.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3320 βΌ
π Read
via "National Vulnerability Database".
It was possible to bypass policies configured for Zero Trust Secure Web Gateway by using warp-cli 'set-custom-endpoint' subcommand. Using this command with an unreachable endpoint caused the WARP Client to disconnect and allowed bypassing administrative restrictions on a Zero Trust enrolled endpoint.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3321 βΌ
π Read
via "National Vulnerability Database".
It was possible to bypass Lock WARP switch feature https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch on the WARP iOS mobile client by enabling both "Disable for cellular networks" and "Disable for Wi-Fi networks" switches at once in the application settings. Such configuration caused the WARP client to disconnect and allowed the user to bypass restrictions and policies enforced by the Zero Trust platform.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3512 βΌ
π Read
via "National Vulnerability Database".
Using warp-cli command "add-trusted-ssid", a user was able to disconnect WARP client and bypass the "Lock WARP switch" feature resulting in Zero Trust policies not being enforced on an affected endpoint.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3337 βΌ
π Read
via "National Vulnerability Database".
It was possible for a user to delete a VPN profile from WARP mobile client on iOS platform despite the Lock WARP switch https://developers.cloudflare.com/cloudflare-one/connections/connect-devices/warp/warp-settings/#lock-warp-switch feature being enabled on Zero Trust Platform. This led to bypassing policies and restrictions enforced for enrolled devices by the Zero Trust platform.π Read
via "National Vulnerability Database".
π Zed Attack Proxy 2.12.0 Cross Platform Package π
π Read
via "Packet Storm Security".
The Zed Attack Proxy (ZAP) is an easy to use integrated penetration testing tool for finding vulnerabilities in web applications. It is designed to be used by people with a wide range of security experience and as such is ideal for developers and functional testers who are new to penetration testing. ZAP provides automated scanners as well as a set of tools that allow you to find security vulnerabilities manually. This is the cross platform package.π Read
via "Packet Storm Security".
Packetstormsecurity
Zed Attack Proxy 2.12.0 Cross Platform Package β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2022-3741 βΌ
π Read
via "National Vulnerability Database".
Impact varies for each individual vulnerability in the application. For generation of accounts, it may be possible, depending on the amount of system resources available, to create a DoS event in the server. These accounts still need to be activated; however, it is possible to identify the output Status Code to separate accounts that are generated and waiting for email verification. \n\nFor the sign in directories, it is possible to brute force login attempts to either login portal, which could lead to account compromise.π Read
via "National Vulnerability Database".
ποΈ Upcoming βcriticalβ OpenSSL update prompts feverish speculation ποΈ
π Read
via "The Daily Swig".
Is the new Heartbleed or just a bleeding distraction?π Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Upcoming βcriticalβ OpenSSL update prompts feverish speculation
Is it the new Heartbleed or just a bleeding distraction?
π1
βΌ CVE-2021-38737 βΌ
π Read
via "National Vulnerability Database".
SEMCMS v 1.1 is vulnerable to SQL Injection via Ant_Pro.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3018 βΌ
π Read
via "National Vulnerability Database".
An information disclosure vulnerability in GitLab CE/EE affecting all versions starting from 9.3 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1 allows a project maintainer to access the DataDog integration API key from webhook logs.π Read
via "National Vulnerability Database".
βΌ CVE-2021-35388 βΌ
π Read
via "National Vulnerability Database".
Hospital Management System v 4.0 is vulnerable to Cross Site Scripting (XSS) via /hospital/hms/admin/patient-search.php.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37781 βΌ
π Read
via "National Vulnerability Database".
Employee Record Management System v 1.2 is vulnerable to Cross Site Scripting (XSS) via editempprofile.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43276 βΌ
π Read
via "National Vulnerability Database".
Canteen Management System v1.0 was discovered to contain a SQL injection vulnerability via the productId parameter at /php_action/fetchSelectedfood.php.π Read
via "National Vulnerability Database".
βΌ CVE-2021-37782 βΌ
π Read
via "National Vulnerability Database".
Employee Record Management System v 1.2 is vulnerable to SQL Injection via editempprofile.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2882 βΌ
π Read
via "National Vulnerability Database".
An issue has been discovered in GitLab CE/EE affecting all versions starting from 12.6 before 15.2.5, all versions starting from 15.3 before 15.3.4, all versions starting from 15.4 before 15.4.1. A malicious maintainer could exfiltrate a GitHub integration's access token by modifying the integration URL such that authenticated requests are sent to an attacker controlled server.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38736 βΌ
π Read
via "National Vulnerability Database".
SEMCMS Shop V 1.1 is vulnerable to SQL Injection via Ant_Global.php.π Read
via "National Vulnerability Database".
βΌ CVE-2021-35387 βΌ
π Read
via "National Vulnerability Database".
Hospital Management System v 4.0 is vulnerable to SQL Injection via file:hospital/hms/admin/view-patient.php.π Read
via "National Vulnerability Database".
βΌ CVE-2021-38734 βΌ
π Read
via "National Vulnerability Database".
SEMCMS SHOP v 1.1 is vulnerable to SQL Injection via Ant_Menu.php.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43275 βΌ
π Read
via "National Vulnerability Database".
Canteen Management System v1.0 was discovered to contain an arbitrary file upload vulnerability via /youthappam/php_action/editProductImage.php. This vulnerability allows attackers to execute arbitrary code via a crafted PHP file.π Read
via "National Vulnerability Database".