‼ CVE-2022-23501 ‼
📖 Read
via "National Vulnerability Database".
TYPO3 is an open source PHP based web content management system. In versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 TYPO3 is vulnerable to Improper Authentication. Restricting frontend login to specific users, organized in different storage folders (partitions), can be bypassed. A potential attacker might use this ambiguity in usernames to get access to a different account - however, credentials must be known to the adversary. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23504 ‼
📖 Read
via "National Vulnerability Database".
TYPO3 is an open source PHP based web content management system. Versions prior to 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are subject to Sensitive Information Disclosure. Due to the lack of handling user-submitted YAML placeholder expressions in the site configuration backend module, attackers could expose sensitive internal information, such as system configuration or HTTP request messages of other website visitors. A valid backend user account having administrator privileges is needed to exploit this vulnerability. This issue has been patched in versions 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23503 ‼
📖 Read
via "National Vulnerability Database".
TYPO3 is an open source PHP based web content management system. Versions prior to 8.7.49, 9.5.38, 10.4.33, 11.5.20, and 12.1.1 are vulnerable to Code Injection. Due to the lack of separating user-submitted data from the internal configuration in the Form Designer backend module, it is possible to inject code instructions to be processed and executed via TypoScript as PHP code. The existence of individual TypoScript instructions for a particular form item and a valid backend user account with access to the form module are needed to exploit this vulnerability. This issue is patched in versions 8.7.49 ELTS, 9.5.38 ELTS, 10.4.33, 11.5.20, 12.1.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4437 ‼
📖 Read
via "National Vulnerability Database".
Use after free in Mojo IPC in Google Chrome prior to 108.0.5359.124 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. (Chromium security severity: High)📖 Read
via "National Vulnerability Database".
🗓️ Akamai WAF bypassed via Spring Boot to trigger RCE 🗓️
📖 Read
via "The Daily Swig".
Akamai issued an update to resolve the flaw several months ago📖 Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Akamai WAF bypassed via Spring Boot to trigger RCE
Akamai issued an update to resolve the flaw several months ago
👍1
‼ CVE-2022-4493 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in scifio. Affected by this vulnerability is the function downloadAndUnpackResource of the file src/test/java/io/scif/util/DefaultSampleFilesService.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack can be launched remotely. The name of the patch is fcb0dbca0ec72b22fe0c9ddc8abc9cb188a0ff31. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-215803.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4494 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in bspkrs MCPMappingViewer. Affected by this issue is the function extractZip of the file src/main/java/bspkrs/mmv/RemoteZipHandler.java of the component ZIP File Handler. The manipulation leads to path traversal. The attack may be launched remotely. The name of the patch is 6e602746c96b4756c271d080dae7d22ad804a1bd. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-215804.📖 Read
via "National Vulnerability Database".
🕴 Cybersecurity Drives Improvements in Business Goals 🕴
📖 Read
via "Dark Reading".
Deloitte's Future of Cyber study highlights the fact that cybersecurity is an essential part of business success and should not be limited to just mitigating IT risks.📖 Read
via "Dark Reading".
🕴 Analysis Shows Attackers Favor PowerShell, File Obfuscation 🕴
📖 Read
via "Dark Reading".
Aiming to give threat hunters a list of popular attack tactics, a cybersecurity team analyzed collections of real-world threat data to find attackers' most popular techniques.📖 Read
via "Dark Reading".
Dark Reading
Analysis Shows Attackers Favor PowerShell, File Obfuscation
Aiming to give threat hunters a list of popular attack tactics, a cybersecurity team analyzed collections of real-world threat data to find attackers' most popular techniques.
👍1
‼ CVE-2022-23514 ‼
📖 Read
via "National Vulnerability Database".
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah < 2.19.1 contains an inefficient regular expression that is susceptible to excessive backtracking when attempting to sanitize certain SVG attributes. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23512 ‼
📖 Read
via "National Vulnerability Database".
MeterSphere is a one-stop open source continuous testing platform. Versions prior to 2.4.1 are vulnerable to Path Injection in ApiTestCaseService::deleteBodyFiles which takes a user-controlled string id and passes it to ApiTestCaseService, which uses the user-provided value (testId) in new File(BODY_FILE_DIR + "/" + testId), being deleted later by file.delete(). By adding some camouflage parameters to the url, an attacker can target files on the server. The vulnerability has been fixed in v2.4.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23515 ‼
📖 Read
via "National Vulnerability Database".
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.1.0, < 2.19.1 is vulnerable to cross-site scripting via the image/svg+xml media type in data URIs. This issue is patched in version 2.19.1.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23516 ‼
📖 Read
via "National Vulnerability Database".
Loofah is a general library for manipulating and transforming HTML/XML documents and fragments, built on top of Nokogiri. Loofah >= 2.2.0, < 2.19.1 uses recursion for sanitizing CDATA sections, making it susceptible to stack exhaustion and raising a SystemStackError exception. This may lead to a denial of service through CPU resource consumption. This issue is patched in version 2.19.1. Users who are unable to upgrade may be able to mitigate this vulnerability by limiting the length of the strings that are sanitized.📖 Read
via "National Vulnerability Database".
🕴 How Our Behavioral Bad Habits Are a Community Trait and Security Problem 🕴
📖 Read
via "Dark Reading".
Learn to think three moves ahead of hackers so you're playing chess, not checkers. Instead of reacting to opponents' moves, be strategic, and disrupt expected patterns of vulnerability.📖 Read
via "Dark Reading".
Dark Reading
How Our Behavioral Bad Habits Are a Community Trait and Security Problem
Learn to think three moves ahead of hackers so you're playing chess, not checkers. Instead of reacting to opponents' moves, be strategic, and disrupt expected patterns of vulnerability.
🕴 Royal Ransomware Puts Novel Spin on Encryption Tactics 🕴
📖 Read
via "Dark Reading".
An emerging cybercriminal group linked with Conti has expanded its partial encryption strategy and demonstrates other evasive maneuvers, as it takes aim at healthcare and other sectors.📖 Read
via "Dark Reading".
Dark Reading
Royal Ransomware Puts Novel Spin on Encryption Tactics
An emerging cybercriminal group linked with Conti has expanded its partial encryption strategy and demonstrates other evasive maneuvers, as it takes aim at healthcare and other sectors.
🛠 Global Socket 1.4.39 🛠
📖 Read
via "Packet Storm Security".
Global Socket is a tool for moving data from here to there, securely, fast, and through NAT and firewalls. It uses the Global Socket Relay Network to connect TCP pipes, has end-to-end encryption (using OpenSSL's SRP / RFC-5054), AES-256 and key exchange using 4096-bit Prime, requires no PKI, has Perfect Forward Secrecy, and TOR support.📖 Read
via "Packet Storm Security".
Packetstormsecurity
Global Socket 1.4.39 ≈ Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
🕴 Automated Cybercampaign Creates Masses of Bogus Software Building Blocks 🕴
📖 Read
via "Dark Reading".
The proliferation of automated cyberattacks against npm, NuGet, and PyPI underscores the growing sophistication of threat actors and the threats to open source software supply chains.📖 Read
via "Dark Reading".
Dark Reading
Automated Cyber Campaign Creates Masses of Bogus Software Building Blocks
The proliferation of automated cyberattacks against npm, NuGet, and PyPI underscores the growing sophistication of threat actors and the threats to open source software supply chains.
🕴 Proofpoint Nabs Illusive, Signaling a Sunset for Deception Tech 🕴
📖 Read
via "Dark Reading".
Former pure-play deception startup Illusive attracts Proofpoint with its repositioned platform focusing on identity threat detection and response (ITDR).📖 Read
via "Dark Reading".
Dark Reading
Proofpoint Nabs Illusive, Signaling a Sunset for Deception Tech
Former pure-play deception startup Illusive attracts Proofpoint with its repositioned platform focusing on identity threat detection and response (ITDR).
‼ CVE-2022-31358 ‼
📖 Read
via "National Vulnerability Database".
A reflected cross-site scripting (XSS) vulnerability in Proxmox Virtual Environment prior to v7.2-3 allows remote attackers to execute arbitrary web scripts or HTML via non-existent endpoints under path /api2/html/.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-4495 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability, which was classified as problematic, has been found in collective.dms.basecontent 1.7. This issue affects the function renderCell of the file src/collective/dms/basecontent/browser/column.py. The manipulation leads to cross site scripting. The attack may be initiated remotely. Upgrading to version 1.10 is able to address this issue. The name of the patch is 6c4d616fcc771822a14ebae5e23f3f6d96d134bd. It is recommended to upgrade the affected component. The identifier VDB-215813 was assigned to this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-44832 ‼
📖 Read
via "National Vulnerability Database".
D-Link DIR-3040 device with firmware 120B03 was discovered to contain a command injection vulnerability via the SetTriggerLEDBlink function.📖 Read
via "National Vulnerability Database".