etcd versions 3.2.x before 3.2.26 and 3.3.x before 3.3.11 are vulnerable to an improper authentication issue when role-based access control (RBAC) is used and client-cert-auth is enabled. If an etcd c ...
May 30, 2022
_This blog post was authored by Ankur Saini, Roberto Santos and Hossein Jazi._ UAC-0056, also known as SaintBear, UNC2589 and TA471, is a cyber espionage actor that has been active since early 2021 ...
May 30, 2022
grpc-swift is the Swift language implementation of gRPC, a remote procedure call (RPC) framework. Prior to version 1.7.2, a grpc-swift server is vulnerable to a denial of service attack via a reachabl ...
May 30, 2022
Virtuozzo Hybrid Server 7.5 Update 3 introduces new features and provides stability and usability bug fixes. It also introduces a new kernel 3.10.0-1160.53.1.vz7.185.3. **Vulnerability id:** PSBM-1332 ...
May 30, 2022
OSS-Fuzz report: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=44431 ``` Crash type: Invalid-free Crash state: NIOHTTP2.NIOHTTP2Handler. NIOHTTP2.NIOHTTP2Handler.channelRead NIOCore.ChannelHan ...
May 30, 2022
This is the largest vulnerability we have seen in years. 1. **You may still be vulnerable even if your project is not based on Java.** Many tech stacks are vulnerable because so many tools use the L ...
May 30, 2022