CVE-2022-35216
OMICARD EDM's mail image relay function has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system fi ...
August 04, 2022
CVE-2022-29217
PyJWT is a Python implementation of RFC 7519. PyJWT supports multiple
different JWT signing algorithms. With JWT, an attacker submitting the JWT
token can choose the used signing algorithm. The PyJWT ...
August 04, 2022
Security Bulletin: Vulnerability in Apache Tomcat affects IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem products
## Summary
A vulnerability in Apache Tomcat affects the product's management GUI, potentially allowing an attacker to cause a denial of service. The Command Line Interface is unaffected.
## Vulnerabi ...
August 04, 2022
Security Bulletin: Vulnerabilities in IBM Java and Apache Tomcat affect IBM SAN Volume Controller, IBM Storwize, IBM Spectrum Virtualize and IBM FlashSystem V9000 products
## Summary
Multiple vulnerabilities in IBM® Runtime Environment Java Technology Edition and Apache Tomcat affect the product's management GUI. The Command Line Interface is unaffected.
## Vulnerab ...
August 04, 2022
ruby:2.5 security update
ruby
[2.5.9-110]
- Fix FTBFS due to an incompatible load directive.
- Fix a fiddle import test on an optimized glibc on Power 9.
- Fix by adding length limit option for methods that parses date strin ...
August 03, 2022
Woody RAT: A new feature-rich malware spotted in the wild
_This blog post was authored by Ankur Saini and Hossein Jazi_
The Malwarebytes Threat Intelligence team has identified a new Remote Access Trojan we are calling Woody Rat that has been in the wild fo ...
August 03, 2022
CVE-2022-32212
A vulnerability was found in NodeJS, where the IsAllowedHost check can be easily bypassed because IsIPAddress does not properly check if an IP address is invalid or not. When an invalid IPv4 address ...
August 03, 2022
(RHSA-2022:5779) Moderate: ruby:2.5 security update
Ruby is an extensible, interpreted, object-oriented, scripting language. It has features to process text files and to perform system management tasks.
Security Fix(es):
* ruby: Regular expression den ...
August 01, 2022
ALSA-2022:5717: grafana security update (Important)
Grafana is an open source, feature rich metrics dashboard and graph editor for
Graphite, InfluxDB & OpenTSDB.
Security Fix(es):
* grafana: OAuth account takeover (CVE-2022-31107)
For more details ...
July 29, 2022