Atlassian Bitbucket RCE (CVE-2022-36804)
The version of Atlassian Bitbucket installed on the remote host allows remote attackers with read permissions to a public or private Bitbucket repository to execute code by sending a malicious HTTP ...
February 10, 2023
(RHSA-2023:0692) Moderate: OpenShift API for Data Protection (OADP) 1.0.7 security and bug fix update
OpenShift API for Data Protection (OADP) enables you to back up and restore application resources, persistent volume data, and internal container images to external backup storage. OADP enables both f ...
February 09, 2023
GitLab < 15.5.7 / 15.6 < 15.6.4 / 15.7 < 15.7.2 (CVE-2022-4037)
The version of GitLab installed on the remote host is prior to 15.5.7, 15.6.4, 15.7.2. It is, therefore, affected by a race condition vulnerability as referenced in the SECURITY-RELEASE-GITLAB-15-7-2- ...
February 08, 2023
Go SSH library vulnerable to Man-in-the-Middle attacks
The Go SSH library (x/crypto/ssh) by default does not verify host keys, facilitating man-in-the-middle attacks. Default behavior changed in commit e4e2799 to require explicitly registering a hostkey v ...
February 08, 2023
EulerOS 2.0 SP8 : tomcat (EulerOS-SA-2023-1341)
According to the versions of the tomcat packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities:
- If Apache Tomcat 8.5.0 to 8.5.82, 9.0.0-M1 to ...
February 08, 2023
Exploit for Out-of-bounds Write in VMware Cloud Foundation
# Feb2023-CVE-2021-21974-OSINT
Analysis of the ransom demands fr...
February 05, 2023
[SECURITY] Fedora 36 Update: mingw-opusfile-0.12-6.fc36
libopusfile provides a high-level API for decoding and seeking within .opus files. It includes: * Support for all files with at least one Opus stream (including multichannel files or Ogg files where O ...
February 03, 2023
[SECURITY] Fedora 37 Update: mingw-opusfile-0.12-9.fc37
libopusfile provides a high-level API for decoding and seeking within .opus files. It includes: * Support for all files with at least one Opus stream (including multichannel files or Ogg files where O ...
February 03, 2023
Security Bulletin: IBM MQ is affected by FasterXML jackson-databind vulnerabilities (CVE-2022-42003, CVE-2022-42004)
## Summary
Multiple issues were identified with the Jackson library that is used within the IBM MQ Console to provide REST API functionality.
## Vulnerability Details
**CVEID:** CVE-2022-42003
** ...
February 02, 2023
Security Bulletin: IBM WebSphere Application Server Liberty for IBM i is vulnerable to HTTP header injection and affected by denial of services due to multiple vulnerabilities.
## Summary
IBM WebSphere Application Server Liberty for IBM i is vulnerable to an HTTP header injection caused by improper validation, and affected by a denial of service in GraphQL Java, a denial of ...
February 02, 2023