Cloudfox – Automating Situational Awareness For Cloud Penetration Tests

[![](https://blogger.googleusercontent.com/img/a/AVvXsEjnZV68nlgZG7KiqYaVB3-ucQJOspZ0Lytex_Ql7bXxJucf-OYBMvdAEj-kMSQW-Xs__geqyStu4k1cv5TlsEgYrNPFSHK3oOXURLjMAe25we1Gz0tXiMAfN9W6WgspIwGj2Kld8Q0vPP3g-JB ...

Continue Reading
CVE-2022-41672

In Apache Airflow, prior to version 2.4.1, deactivating a user wouldn't prevent an already authenticated user from being able to continue using the UI or API.Read More ...

Continue Reading
Tendermint Core vulnerable to Uncontrolled Resource Consumption

### Description Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, [we added a new `Timestamp` field to `Evidence` structs](https://github.com/tendermi ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

Tendermint Core vulnerable to Uncontrolled Resource Consumption

### Description Tendermint Core v0.34.0 introduced a new way of handling evidence of misbehavior. As part of this, [we added a new `Timestamp` field to `Evidence` structs](https://github.com/tendermi ...

Continue Reading

CVSS3 - MEDIUM

CVSS2 - MEDIUM

etcd has no minimum password length

### Vulnerability type Access Control ### Workarounds The etcdctl and etcd API do not enforce a specific password length during user creation or user password update operations. [It is the responsibil ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

Hundreds of Microsoft SQL servers found to be backdoored

Researchers at [DCSO CyTec]() recently found a backdoor that specifically targets Microsoft SQL servers. The malware acts as an Extended Stored Procedure, which is a special type of extension used by ...

Continue Reading
etcd has no minimum password length

### Vulnerability type Access Control ### Workarounds The etcdctl and etcd API do not enforce a specific password length during user creation or user password update operations. [It is the responsibil ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

(RHSA-2022:6821) Important: Red Hat JBoss Enterprise Application Platform 7.4.7 Security update

Red Hat JBoss Enterprise Application Platform 7 is a platform for Java applications based on the WildFly application runtime. This release of Red Hat JBoss Enterprise Application Platform 7.4.7 serves ...

Continue Reading

CVSS3 - HIGH

CVSS2 - MEDIUM

Back to Main

Subscribe for the latest news:
Generated by Feedzy