(RHSA-2022:6024) Moderate: New container image for Red Hat Ceph Storage 5.2 Security update
Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and ...
August 09, 2022
(RHSA-2022:5997) Moderate: Red Hat Ceph Storage Security, Bug Fix, and Enhancement Update
Red Hat Ceph Storage is a scalable, open, software-defined storage platform that combines the most stable version of the Ceph storage system with a Ceph management platform, deployment utilities, and ...
August 09, 2022
(RHSA-2022:5879) Important: OpenShift Container Platform 4.9.45 bug fix and security update
Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud deployments.
This advisory contains the container im ...
August 09, 2022
A Deep Dive into VMDR 2.0 with Qualys TruRisk
The old way of ranking vulnerabilities doesn't work anymore. Instead, enterprise security teams need to rate the true risks to their business. In this blog, we examine each of the risk scores delive ...
August 08, 2022
ManageEngine ADAudit Plus Path Traversal / XML Injection Exploit
This Metasploit module exploits CVE-2022-28219, which is a pair of vulnerabilities in ManageEngine ADAudit Plus versions before build 7060. They include a path traversal in the /cewolf endpoint along ...
August 08, 2022
Security update for trivy (moderate)
An update that fixes one vulnerability is now available.
Description:
This update for trivy fixes the following issues:
trivy was updated to version 0.30.4:
* fix: remove the first arg when r ...
August 06, 2022
Metasploit Weekly Wrap-Up
## Log4Shell in MobileIron Core

Thanks to jbaines-r7 we have yet another Log4Shell [exploit]( ...
August 05, 2022
CVE-2022-32965
OMICARD EDM has a hard-coded machine key. An unauthenticated remote attacker can use the machine key to send a serialized payload to the server to execute arbitrary code, manipulate system data and dis ...
August 04, 2022
CVE-2022-32964
OMICARD EDM's API function has insufficient validation for user input. An unauthenticated remote attacker can inject arbitrary SQL commands to access, modify, delete database or disrupt service. Read ...
August 04, 2022