(RHSA-2023:2097) Important: Satellite 6.13 Release
Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized too ...
Continue Reading
May 03, 2023
Security Bulletin: Security vulnerabilities are addressed with IBM Cloud Pak for Business Automation iFixes for April 2023
## Summary In addition to many updates of operating system level packages, the following security vulnerability is addressed with IBM Cloud Pak for Business Automation 21.0.3-IF020 and 22.0.2-IF004. # ...
Continue Reading
May 01, 2023
APT28 Targets Ukrainian Government Entities with Fake “Windows Update” Emails
[]() The Computer Emergency Response Team of Ukraine (CERT-UA) has ...
Continue Reading
May 01, 2023
CVE-2023-27487
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the client may bypass JSON Web Token (JWT) checks a ...
Continue Reading
May 01, 2023
CVE-2023-27488
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, escalation of privileges is possible when `failure_ ...
Continue Reading
May 01, 2023
CVE-2023-27487
A flaw was found in envoy. The header x-envoy-original-path should be an internal header, but Envoy does not remove this header from the request at the beginning of request processing when it is sent ...
Continue Reading
May 01, 2023
CVE-2023-27487
Envoy is an open source edge and service proxy designed for cloud-native applications. Prior to versions 1.26.0, 1.25.3, 1.24.4, 1.23.6, and 1.22.9, the client may bypass JSON Web Token (JWT) checks a ...
Continue Reading
May 01, 2023
VMware Workspace ONE Access VMSA-2022-0011 exploit chain
This module combines two vulnerabilities in order achieve remote code execution in the context of the `horizon` user. The first vulnerability CVE-2022-22956 is an authentication bypass in OAuth2TokenR ...
Continue Reading
May 01, 2023
VMware Workspace ONE Remote Code Execution Exploit
This Metasploit module combines two vulnerabilities in order achieve remote code execution in the context of the horizon user. The first vulnerability, CVE-2022-22956, is an authentication bypass in O ...
Continue Reading
May 01, 2023
