VMware Workspace ONE Access Template Injection / Command Execution

Post ContentRead More ...

Continue Reading

30 мая, 2022

VMware Workspace ONE Access CVE-2022-22954

This module exploits CVE-2022-22954, an unauthenticated server-side template injection (SSTI) in VMware Workspace ONE Access, to execute shell commands as the "horizon" user.Read More ...

Continue Reading

30 мая, 2022

Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954

![Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954](https://blog.rapid7.com/content/images/2022/04/vmware-one-etr.jpg) On April 6, 2022, VMware published [VMSA-2022-0011](), which ...

Continue Reading

30 мая, 2022

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub revealed details tied to last week’s incident where hackers, using stolen OAuth tokens, downloaded data from private repositories. “We do not believe the attacker obtained these tokens via a ...

Continue Reading

30 мая, 2022

RST Threat feed. IOC: oauth-services.live

Found **oauth-services[.]live** in [RST Threat Feed](https://rs...Read More ...

Continue Reading

30 мая, 2022

RST Threat feed. IOC: ssl-oauth.com

Found **ssl-oauth[.]com** in [RST Threat Feed](https://rstcloud...Read More ...

Continue Reading

30 мая, 2022

JVN#15317878: Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)

Spring Security OAuth (spring-security-oauth2) provided by VMware, Inc. contains a denial-of-service vulnerability due to uncontrolled resource consumption ([CWE-400]()). Note that Spring Security OAu ...

Continue Reading

30 мая, 2022

High-Severity Bug Reported in Google’s OAuth Client Library for Java

[![Google's OAuth Client Library for Java](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjALy9QMXTUv6ySyu_gytORGXUFbFnfcP5yvZm5Q_Kh3izl6dVLvh3ErdT7eMropcP3J1HII1l5Ugb9f29fbOB2ExRE5EcKbo68O ...

Continue Reading

30 мая, 2022

1 74 736 74 737 74 738 74 739 74 740 74 974

Back to Main
Subscribe for the latest news: