VMware Workstation, VMware Fusion Security Vulnerabilities

packetstorm

9.8 CVSS

9.9 AI Score

0.711 EPSS

2024-04-23 12:00 AM
181
nessus

Oracle Identity Manager (Apr 2024 CPU)

The 12.2.1.4.0 versions of Identity Manager installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. Vulnerability in the Oracle Identity Manager product of Oracle Fusion Middleware (component: Third Party (Quartz)). The supported...

9.8 CVSS

7.4 AI Score

0.008 EPSS

2024-04-23 12:00 AM
5
photon

Low Photon OS Security Update - PHSA-2024-4.0-0598

Updates of ['kubernetes'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.001 EPSS

2024-04-23 12:00 AM
nessus

RHEL 7 : tigervnc (RHSA-2024:0006)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:0006 advisory. Virtual Network Computing (VNC) is a remote display system which allows users to view a computing desktop environment not only on the...

7.8 CVSS

8.3 AI Score

0.273 EPSS

2024-04-23 12:00 AM
3
nessus

RHEL 7 : shim (RHSA-2024:1959)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1959 advisory. The shim package contains a first-stage UEFI boot loader that handles chaining to a trusted full boot loader under secure boot...

8.3 CVSS

8.3 AI Score

0.025 EPSS

2024-04-23 12:00 AM
31
zdt

FortiNet FortiClient EMS 7.2.2 / 7.0.10 SQL Injection / Remote Code Execution Exploit

A remote SQL injection vulnerability exists in FortiNet FortiClient EMS (Endpoint Management Server) versions 7.2.0 through 7.2.2 and 7.0.1 through 7.0.10. FortiClient EMS serves as an endpoint management solution tailored for enterprises, offering a centralized platform for overseeing enrolled...

9.8 CVSS

10 AI Score

0.711 EPSS

2024-04-23 12:00 AM
111
photon

Low Photon OS Security Update - PHSA-2024-5.0-0255

Updates of ['kubernetes'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.001 EPSS

2024-04-23 12:00 AM
thn

MITRE Corporation Breached by Nation-State Hackers Exploiting Ivanti Flaws

The MITRE Corporation revealed that it was the target of a nation-state cyber attack that exploited two zero-day flaws in Ivanti Connect Secure appliances starting in January 2024. The intrusion led to the compromise of its Networked Experimentation, Research, and Virtualization Environment...

9.1 CVSS

9.7 AI Score

0.969 EPSS

2024-04-22 11:05 AM
21
malwarebytes

A week in security (April 15 – April 21)

Last week on Malwarebytes Labs: Law enforcement reels in phishing-as-a-service whopper Mental health company Cerebral failed to protect sensitive personal data, must pay $7 million Cannabis investment scam JuicyFields ends in 9 arrests Should you share your location with your partner? Giant Tiger.....

7.4 AI Score

2024-04-22 08:43 AM
8
ibm

Security Bulletin: IBM Security Verify Governance - Identity Manager has multiple vulnerabilities

Summary Multiple security vulnerabilities have been addressed in updates to IBM Security Verify Governance - Identity Manager software component and IBM Security Verify Governance - Identity Manager virtual appliance component. Vulnerability Details CVEID: CVE-2023-26119 DESCRIPTION:...

9.8 CVSS

10 AI Score

0.164 EPSS

2024-04-22 06:05 AM
17
nessus

RHEL 6 / 7 : rh-python35-python-jinja2 (RHSA-2019:1237)

The remote Redhat Enterprise Linux 6 / 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2019:1237 advisory. python-jinja2: Sandbox escape due to information disclosure via str.format (CVE-2016-10745) python-jinja2: str.format_map allows...

8.6 CVSS

8.8 AI Score

0.004 EPSS

2024-04-22 12:00 AM
6
nessus

RHEL 6 / 7 : php54 (RHSA-2015:1066)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1066 advisory. php: use after free vulnerability in unserialize() (CVE-2014-8142) php: out of bounds read when parsing a crafted .php file...

9.8 CVSS

8.9 AI Score

0.955 EPSS

2024-04-21 12:00 AM
6
nessus

RHEL 6 / 7 : rh-mysql56-mysql (RHSA-2015:1630)

The remote Redhat Enterprise Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1630 advisory. mysql: unspecified vulnerability related to Server:GIS (CPU July 2015) (CVE-2015-2582) mysql: unspecified vulnerability related to...

7.5 AI Score

0.006 EPSS

2024-04-21 12:00 AM
4
nessus

RHEL 7 : rabbitmq-server (RHSA-2017:0530)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2017:0530 advisory. RabbitMQ is an implementation of AMQP, the emerging standard for high performance enterprise messaging. The RabbitMQ server is a robust and scalable...

6.5 CVSS

6.4 AI Score

0.006 EPSS

2024-04-21 12:00 AM
11
thn

Akira Ransomware Gang Extorts $42 Million; Now Targets Linux Servers

Threat actors behind the Akira ransomware group have extorted approximately $42 million in illicit proceeds after breaching the networks of more than 250 victims as of January 1, 2024. "Since March 2023, Akira ransomware has impacted a wide range of businesses and critical infrastructure entities.....

9.1 CVSS

8.2 AI Score

0.027 EPSS

2024-04-19 11:01 AM
35
nessus

Oracle WebCenter Portal (April 2024 CPU)

The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by a vulnerability as referenced in the April 2024 CPU advisory. Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware (component: Content integration). The supported version that...

4.4 CVSS

5.6 AI Score

0.0004 EPSS

2024-04-19 12:00 AM
3
nessus

Oracle Coherence (April 2024 CPU)

The 12.2.1.4.0 and 14.1.1.0.0 versions of Coherence installed on the remote host are affected by a vulnerability as referenced in the April 2024 CPU advisory: Vulnerability in the Oracle Coherence product of Oracle Fusion Middleware (component: Third Party (Apache Mina SSHD)). Supported...

5.9 CVSS

6.8 AI Score

0.963 EPSS

2024-04-19 12:00 AM
9
photon

Moderate Photon OS Security Update - PHSA-2024-4.0-0595

Updates of ['python3-pycryptodomex', 'python3-pycryptodome'] packages of Photon OS have been...

9.8 CVSS

10 AI Score

0.001 EPSS

2024-04-19 12:00 AM
nessus

Oracle Access Manager (Apr 2024 CPU)

The 12.2.1.4.0 versions of Access Manager installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory. Vulnerability in the Oracle Access Manager product of Oracle Fusion Middleware (component: Webserver Plugin (Apache Xerces-C++)). The...

8.8 CVSS

8.5 AI Score

0.007 EPSS

2024-04-19 12:00 AM
7
photon

Moderate Photon OS Security Update - PHSA-2024-4.0-0596

Updates of ['linux-aws'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.001 EPSS

2024-04-19 12:00 AM
ibm

Security Bulletin: IBM Observability with Instana for Synthetic PoP is affected by Multiple Security Vulnerabilities

Summary Multiple vulnerabilities were addressed in IBM Observability with Instana for Synthetic PoP build 271 Vulnerability Details CVEID: CVE-2024-22259 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect...

8.1 CVSS

7.8 AI Score

0.0005 EPSS

2024-04-18 01:43 PM
14
thn

Recover from Ransomware in 5 Minutes—We will Teach You How!

Super Low RPO with Continuous Data Protection: Dial Back to Just Seconds Before an Attack Zerto, a Hewlett Packard Enterprise company, can help you detect and recover from ransomware in near real-time. This solution leverages continuous data protection (CDP) to ensure all workloads have the lowest....

7 AI Score

2024-04-18 11:17 AM
23
photon

Important Photon OS Security Update - PHSA-2024-4.0-0593

Updates of ['squid'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.001 EPSS

2024-04-18 12:00 AM
3
nessus

RHEL 7 : firefox (RHSA-2024:1910)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2024:1910 advisory. Mozilla Firefox is an open-source web browser, designed for standards compliance, performance, and portability. This update upgrades...

7.4 AI Score

0.0004 EPSS

2024-04-18 12:00 AM
7
photon

Important Photon OS Security Update - PHSA-2024-4.0-0594

Updates of ['glibc'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.001 EPSS

2024-04-18 12:00 AM
2
nessus

Oracle HTTP Server (April 2024 CPU)

The versions of HTTP Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory: Vulnerability in the Oracle HTTP Server product of Oracle Fusion Middleware (component: Plugins (BSAFE Crypto-J)). Supported versions that are...

9.8 CVSS

8.1 AI Score

0.01 EPSS

2024-04-18 12:00 AM
77
photon

Important Photon OS Security Update - PHSA-2024-5.0-0250

Updates of ['glibc'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.001 EPSS

2024-04-18 12:00 AM
4
photon

Important Photon OS Security Update - PHSA-2024-3.0-0750

Updates of ['glibc'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.001 EPSS

2024-04-18 12:00 AM
3
photon

Important Photon OS Security Update - PHSA-2024-3.0-0751

Updates of ['squid'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.005 EPSS

2024-04-18 12:00 AM
3
photon

Moderate Photon OS Security Update - PHSA-2024-5.0-0251

Updates of ['python3-pycryptodomex', 'python3-pycryptodome'] packages of Photon OS have been...

9.8 CVSS

10 AI Score

0.001 EPSS

2024-04-18 12:00 AM
2
nessus

Amazon Linux 2 : krb5 (ALAS-2024-2512)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2024-2512 advisory. Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. (CVE-2024-26458) Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in...

7.1 AI Score

0.0004 EPSS

2024-04-18 12:00 AM
7
nessus

RHEL 7 : rhc-worker-script (RHSA-2024:1874)

The remote Redhat Enterprise Linux 7 host has a package installed that is affected by a vulnerability as referenced in the RHSA-2024:1874 advisory. The rhc-worker-script packages provide Remote Host Configuration (rhc) worker for executing an interpreted programming language script on hosts...

6.5 AI Score

0.0004 EPSS

2024-04-18 12:00 AM
8
ibm

Security Bulletin: IBM Spectrum Symphony with spring-security-config is vulnerable to Incorrect Permission Assignment for Critical Resource

Summary IBM Spectrum Symphony with spring-security-config is vulnerable to Incorrect Permission Assignment for Critical Resource Vulnerability Details CVEID: CVE-2023-34042 DESCRIPTION: VMware Tanzu Spring Security could allow a local authenticated attacker to bypass security restrictions,...

5.5 CVSS

6.6 AI Score

0.0004 EPSS

2024-04-17 04:37 PM
7
ibm

Security Bulletin: IBM Spectrum Conductor with spring-security-config is vulnerable to Incorrect Permission Assignment for Critical Resource

Summary IBM Spectrum Conductor with spring-security-config is vulnerable to Incorrect Permission Assignment for Critical Resource Vulnerability Details CVEID: CVE-2023-34042 DESCRIPTION: VMware Tanzu Spring Security could allow a local authenticated attacker to bypass security restrictions,...

5.5 CVSS

6.6 AI Score

0.0004 EPSS

2024-04-17 04:35 PM
11
qualysblog

Oracle Patch Update, April 2024 Security Update Review

Oracle released its second quarterly edition of Critical Patch Update, which contains patches for 441 security vulnerabilities. Some of the vulnerabilities addressed in this update impact more than one product. These patches address vulnerabilities in various product families, including...

9.8 CVSS

10 AI Score

0.023 EPSS

2024-04-17 02:39 PM
23
thn

Critical Atlassian Flaw Exploited to Deploy Linux Variant of Cerber Ransomware

Threat actors are exploiting unpatched Atlassian servers to deploy a Linux variant of Cerber (aka C3RB3R) ransomware. The attacks leverage CVE-2023-22518 (CVSS score: 9.1), a critical security vulnerability impacting the Atlassian Confluence Data Center and Server that allows an unauthenticated...

10 CVSS

9.6 AI Score

0.966 EPSS

2024-04-17 10:57 AM
34
nessus

RHEL 7 : java-1.8.0-openjdk (RHSA-2024:1817)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:1817 advisory. The java-1.8.0-openjdk packages provide the OpenJDK 8 Java Runtime Environment and the OpenJDK 8 Java Software Development Kit. Security...

3.7 CVSS

5.8 AI Score

0.001 EPSS

2024-04-17 12:00 AM
12
nessus

Oracle WebLogic Server (April 2024 CPU)

The 12.2.1.4.0 and 14.1.1.0.0 versions of WebLogic Server installed on the remote host are affected by multiple vulnerabilities as referenced in the April 2024 CPU advisory: Vulnerability in the Oracle WebLogic Server product of Oracle Fusion Middleware (component: Samples (handlebars)). ...

9.8 CVSS

8 AI Score

0.732 EPSS

2024-04-17 12:00 AM
132
photon

Important Photon OS Security Update - PHSA-2024-5.0-0249

Updates of ['squid'] packages of Photon OS have been...

9.8 CVSS

8.4 AI Score

0.001 EPSS

2024-04-17 12:00 AM
1
photon

Important Photon OS Security Update - PHSA-2024-5.0-0248

Updates of ['linux-secure', 'linux', 'linux-rt'] packages of Photon OS have been...

9.8 CVSS

10 AI Score

0.001 EPSS

2024-04-17 12:00 AM
nessus

Amazon Linux 2023 : krb5-devel, krb5-libs, krb5-pkinit (ALAS2023-2024-586)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2024-586 advisory. Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. (CVE-2024-26458) Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in...

7.1 AI Score

0.0004 EPSS

2024-04-17 12:00 AM
7
photon

Moderate Photon OS Security Update - PHSA-2024-3.0-0749

Updates of ['libvirt', 'linux'] packages of Photon OS have been...

9.8 CVSS

10 AI Score

0.001 EPSS

2024-04-17 12:00 AM
2
photon

Critical Photon OS Security Update - PHSA-2024-4.0-0592

Updates of ['linux-secure', 'suricata', 'ruby', 'wireshark', 'linux-aws', 'linux', 'openssl', 'libvirt', 'linux-rt'] packages of Photon OS have been...

9.8 CVSS

10 AI Score

0.011 EPSS

2024-04-17 12:00 AM
1
cve

CVE-2024-21118

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Outside In...

5.3 CVSS

6.5 AI Score

0.0004 EPSS

2024-04-16 10:15 PM
34
nvd

CVE-2024-21119

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Outside In...

5.3 CVSS

5 AI Score

0.0004 EPSS

2024-04-16 10:15 PM
1
nvd

CVE-2024-21118

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Outside In...

5.3 CVSS

5 AI Score

0.0004 EPSS

2024-04-16 10:15 PM
nvd

CVE-2024-21120

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Outside In...

5.3 CVSS

5 AI Score

0.0004 EPSS

2024-04-16 10:15 PM
cve

CVE-2024-21119

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Outside In...

5.3 CVSS

6.5 AI Score

0.0004 EPSS

2024-04-16 10:15 PM
33
cve

CVE-2024-21120

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Outside In...

5.3 CVSS

6.5 AI Score

0.0004 EPSS

2024-04-16 10:15 PM
31
nvd

CVE-2024-21117

Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component: Outside In Core). Supported versions that are affected are 8.5.6 and 8.5.7. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle Outside In...

5.3 CVSS

5 AI Score

0.0004 EPSS

2024-04-16 10:15 PM
Total number of security vulnerabilities: 33769