(RHSA-2023:1454) Moderate: Red Hat OpenShift GitOps security update
Security Fix(es):
* ArgoCD: Authenticated but unauthorized users may enumerate Application names via the API (CVE-2022-41354)
For more details about the security issue(s), including the impact, a CVSS ...
March 23, 2023
CVE-2022-22512
Hard-coded credentials in Web-UI of multiple VARTA Storage products in multiple versions allows an unauthorized attacker to gain administrative access to the Web-UI via network.
March 23, 2023
(RHSA-2023:1428) Important: Migration Toolkit for Containers (MTC) 1.7.8 security and bug fix update
The Migration Toolkit for Containers (MTC) enables you to migrate Kubernetes resources, persistent volume data, and internal container images between OpenShift Container Platform clusters, using the M ...
March 23, 2023
Amazon Linux 2023 : xmlrpc-c, xmlrpc-c-apps, xmlrpc-c-c++ (ALAS2023-2023-068)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-068 advisory.
- xmltok_impl.c in Expat (aka libexpat) before 2.4.5 lacks certain validation of encoding, such as chec ...
March 22, 2023
IBM Aspera Faspex < 4.4.2 Patch Level 2 Multiple Vulnerabilities
According to its self-reported version, the instance of IBM Aspera Faspex running on the remote web server is prior to 4.4.2 Patch Level 2. It is, therefore, affected by multiple vulnerabilities, incl ...
March 20, 2023
Bitbucket Environment Variable Remote Command Injection Exploit
For various versions of Bitbucket, there is an authenticated command injection vulnerability that can be exploited by injecting environment variables into a user name. This module achieves remote code ...
March 16, 2023
Wordfence Intelligence Weekly WordPress Vulnerability Report (Mar 6, 2023 to Mar 12, 2023)
Last week, there were 60 vulnerabilities disclosed in 40 WordPress Plugins and 1 WordPress theme that have been added to the Wordfence Intelligence Vulnerability Database, and there were 16 Vulnerabil ...
March 16, 2023
KB5023754: Windows Server 2008 Security Update (March 2023)
The remote Windows host is missing security update 5023754. It is, therefore, affected by multiple vulnerabilities:
- Internet Control Message Protocol (ICMP) Remote Code Execution Vulnerability (CVE ...
March 15, 2023
KB5023705: Windows 2022 / Azure Stack HCI 22H2 Security Update (March 2023)
The remote Windows host is missing security update 5023705. It is, therefore, affected by multiple vulnerabilities:
- An out-of-bounds write vulnerability exists in TPM2.0's Module Library allowing w ...
March 15, 2023