VMware Workspace ONE Access Template Injection / Command Execution

Post ContentRead More ...

Continue Reading

May 30, 2022

VMware Workspace ONE Access CVE-2022-22954

This module exploits CVE-2022-22954, an unauthenticated server-side template injection (SSTI) in VMware Workspace ONE Access, to execute shell commands as the "horizon" user.Read More ...

Continue Reading

May 30, 2022

Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954

![Widespread Exploitation of VMware Workspace ONE Access CVE-2022-22954](https://blog.rapid7.com/content/images/2022/04/vmware-one-etr.jpg) On April 6, 2022, VMware published [VMSA-2022-0011](), which ...

Continue Reading

May 30, 2022

Attacker Breach ‘Dozens’ of GitHub Repos Using Stolen OAuth Tokens

GitHub revealed details tied to last week’s incident where hackers, using stolen OAuth tokens, downloaded data from private repositories. “We do not believe the attacker obtained these tokens via a ...

Continue Reading

May 30, 2022

RST Threat feed. IOC: oauth-services.live

Found **oauth-services[.]live** in [RST Threat Feed](https://rs...Read More ...

Continue Reading

May 30, 2022

RST Threat feed. IOC: ssl-oauth.com

Found **ssl-oauth[.]com** in [RST Threat Feed](https://rstcloud...Read More ...

Continue Reading

May 30, 2022

JVN#15317878: Spring Security OAuth (spring-security-oauth2) vulnerable to denial-of-service (DoS)

Spring Security OAuth (spring-security-oauth2) provided by VMware, Inc. contains a denial-of-service vulnerability due to uncontrolled resource consumption ([CWE-400]()). Note that Spring Security OAu ...

Continue Reading

May 30, 2022

High-Severity Bug Reported in Google’s OAuth Client Library for Java

[![Google's OAuth Client Library for Java](https://thehackernews.com/new-images/img/b/R29vZ2xl/AVvXsEjALy9QMXTUv6ySyu_gytORGXUFbFnfcP5yvZm5Q_Kh3izl6dVLvh3ErdT7eMropcP3J1HII1l5Ugb9f29fbOB2ExRE5EcKbo68O ...

Continue Reading

May 30, 2022

1 83,359 83,360 83,361 83,362 83,363 83,597

Back to Main
Subscribe for the latest news: