‼ CVE-2022-27537 ‼
📖 Read
via "National Vulnerability Database".
Potential vulnerabilities have been identified in the system BIOS of certain HP PC products, which might allow arbitrary code execution, escalation of privilege, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate these potential vulnerabilities.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34398 ‼
📖 Read
via "National Vulnerability Database".
Dell BIOS contains a Time-of-check Time-of-use vulnerability. A local authenticated malicious user could\u00a0potentially exploit this vulnerability by using a specifically timed DMA transaction during an SMI to gain arbitrary code execution on the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-23453 ‼
📖 Read
via "National Vulnerability Database".
Potential security vulnerabilities have been identified in HP Support Assistant. These vulnerabilities include privilege escalation, compromise of integrity, allowed communication with untrusted clients, and unauthorized modification of files.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45099 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS, versions 8.2.x-9.4.x, contain a weak encoding for a NDMP password. A malicious and privileged local attacker could potentially exploit this vulnerability, leading to a full system compromise📖 Read
via "National Vulnerability Database".
‼ CVE-2020-14395 ‼
📖 Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3439 ‼
📖 Read
via "National Vulnerability Database".
HP has identified a potential vulnerability in BIOS firmware of some Workstation products. Firmware updates are being released to mitigate these potential vulnerabilities.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-34403 ‼
📖 Read
via "National Vulnerability Database".
Dell BIOS contains a Stack based buffer overflow vulnerability. A local authenticated attacker could potentially exploit this vulnerability by using an SMI to send larger than expected input to a parameter to gain arbitrary code execution in SMRAM.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45100 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS, versions 8.2.x-9.3.x, contains an Improper Certificate Validation vulnerability. An remote unauthenticated attacker could potentially exploit this vulnerability, leading to a full compromise of the system.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-0608 ‼
📖 Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - DOM in GitHub repository microweber/microweber prior to 1.3.2.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-24977 ‼
📖 Read
via "National Vulnerability Database".
Out-of-bounds Read vulnerability in Apache Software Foundation Apache InLong.This issue affects Apache InLong: from 1.1.0 through 1.5.0. Users are advised to upgrade to Apache InLong's latest version or cherry-pick https://github.com/apache/inlong/pull/7214 https://github.com/apache/inlong/pull/7214 to solve it.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-3808 ‼
📖 Read
via "National Vulnerability Database".
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46756 ‼
📖 Read
via "National Vulnerability Database".
Dell VxRail, versions prior to 7.0.410, contain a Container Escape Vulnerability. A local high-privileged attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the container's underlying OS. Exploitation may lead to a system take over by an attacker.📖 Read
via "National Vulnerability Database".
❤1
‼ CVE-2021-3809 ‼
📖 Read
via "National Vulnerability Database".
Potential security vulnerabilities have been identified in the BIOS (UEFI Firmware) for certain HP PC products, which might allow arbitrary code execution. HP is releasing firmware updates to mitigate these potential vulnerabilities.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45098 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS, 9.0.0.x-9.4.0.x, contain a cleartext storage of sensitive information vulnerability in S3 component. An authenticated local attacker could potentially exploit this vulnerability, leading to information disclosure.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-45102 ‼
📖 Read
via "National Vulnerability Database".
Dell EMC Data Protection Central, versions 19.1 through 19.7, contains a Host Header Injection vulnerability. A remote unauthenticated attacker may potentially exploit this vulnerability by injecting arbitrary \u2018Host\u2019 header values to poison a web cache or trigger redirections.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-32482 ‼
📖 Read
via "National Vulnerability Database".
Dell BIOS contains an improper input validation vulnerability. A local authenticated malicious user with admin privileges may potentially exploit this vulnerability in order to modify a UEFI variable.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-46679 ‼
📖 Read
via "National Vulnerability Database".
Dell PowerScale OneFS 8.2.x, 9.0.0.x - 9.4.0.x, contain an insufficient resource pool vulnerability. A remote unauthenticated attacker could potentially exploit this vulnerability, leading to denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27538 ‼
📖 Read
via "National Vulnerability Database".
A potential Time-of-Check to Time-of-Use (TOCTOU) vulnerability has been identified in the BIOS for certain HP PC products which may allow arbitrary code execution, denial of service, and information disclosure. HP is releasing BIOS updates to mitigate the potential vulnerability.📖 Read
via "National Vulnerability Database".
📢 US extradites French ShinyHunters hacker, faces 123 years in prison 📢
📖 Read
via "ITPro".
The hacker is believed to be a member of the hacking group known for its spree of data breaches across 2020 and 2021📖 Read
via "ITPro".
ITPro
US extradites French ShinyHunters hacker, faces 123 years in prison
The hacker is believed to be a member of the hacking group known for its spree of data breaches across 2020 and 2021
📢 The IT Pro Podcast: The problem with APIs 📢
📖 Read
via "ITPro".
With API attacks on the rise, knowing your attack surface is crucial📖 Read
via "ITPro".
ITPro
The IT Pro Podcast: The problem with APIs
With API attacks on the rise, knowing your attack surface is crucial
📢 Podcast transcript: The problem with APIs 📢
📖 Read
via "ITPro".
Read the full transcript for this episode of the IT Pro Podcast📖 Read
via "ITPro".
ITPro
Podcast transcript: The problem with APIs
Read the full transcript for this episode of the IT Pro Podcast