324 matches found
PT-2023-36148 · Unknown · Cdi-Uploadserver-Container +7
Name of the Vulnerable Software and Affected Versions: cdi-apiserver-container (affected versions not specified); cdi-cloner-container (affected versions not specified); cdi-controller-container (affected versions not specified); cdi-importer-container (affected versions not specified); cdi-operator-containe...
Cryptojacking Group TeamTNT Suspected of Using Decoy Miner to Conceal Data Exfiltration
The cryptojacking group known as TeamTNT is suspected to be behind a previously undiscovered strain of malware used to mine Monero cryptocurrency on compromised systems. That's according to Cado Security, which found the sample after Sysdig detailed a sophisticated attack known as SCARLETEEL aime...
Hackers Exploit Containerized Environments to Steal Proprietary Data and Software
A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software. "The attacker exploited a containerized workload and then leveraged it to perform privilege escalation into an AWS account in order to steal proprietary...
Important: Red Hat Security Advisory: Red Hat Single Sign-On 7.6.2 for OpenShift image security and enhancement update
A new image is available for Red Hat Single Sign-On 7.6.2, running on Red Hat OpenShift Container Platform from the release of 3.11 up to the release of 4.12.0. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base...
Moderate: Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2.SP1 security update
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from th...
CVE-2022-43917
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045...
Code injection
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045...
CVE-2022-43917 IBM WebSphere Application Server information disclosure
IBM WebSphere Application Server 8.5 and 9.0 traditional container uses weaker than expected cryptographic keys that could allow an attacker to decrypt sensitive information. This affects only the containerized version of WebSphere Application Server traditional. IBM X-Force ID: 241045...
PT-2023-14397 · Ibm · Ibm Websphere Application Server
Name of the Vulnerable Software and Affected Versions: IBM WebSphere Application Server versions 8.5 through 9.0. Description: The issue is related to the use of weaker than expected cryptographic keys in the traditional container of IBM WebSphere Application Server, which could allow an attacker ...
Moderate: Red Hat Security Advisory: Red Hat support for Spring Boot 2.7.2 update
An update is now available for Red Hat OpenShift Application Runtimes. Red Hat support for Spring Boot provides an application platform that reduces the complexity of developing and operating applications (monoliths and microservices) for OpenShift as a containerized platform. This release of Red H...
Exploit for Code Injection in Vmware Spring_Framework
Spring4Shell-PoC Application This application has been contai...
AZL-33573 CVE-2022-41717 affecting package containerized-data-importer for versions less than 1.55.0-20
An attacker can cause excessive memory growth in a Go server accepting HTTP/2 requests. HTTP/2 server connections contain a cache of HTTP header keys sent by the client. While the total number of entries in this cache is capped, an attacker sending very large keys can cause the server to allocate...
CVE-2022-38754
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run JavaScript in the browser context of another OBM user. Please note: The vulnerability is on...
Design/Logic Flaw
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run JavaScript in the browser context of another OBM user. Please note: The vulnerability is on...
Micro Focus Operations Bridge Manager Cross-Site Scripting Vulnerability
Micro Focus Operations Bridge Manager is a software application from Micro Focus UK. It provides a monitoring function. A security vulnerability exists in Micro Focus Operations Bridge Manager versions prior to 2022.11, Micro Focus Operations Bridge - Containerized versions...
CVE-2022-38754
CVE-2022-38754 affects Micro Focus Operations Bridge Manager and Operations Bridge-Containerized versions prior to 2022.11. The vulnerability is a cross-site scripting issue where a malicious authenticated OBM user could run JavaScript in the browser context of another OBM user. Impact is limited...
CVE-2022-38754 - Micro Focus Operations Bridge Manager and OpsBridge Containerized - Cross Site Scripting (XSS)
A potential vulnerability has been identified in Micro Focus Operations Bridge - Containerized. The vulnerability could be exploited by a malicious authenticated OBM (Operations Bridge Manager) user to run JavaScript in the browser context of another OBM user. Please note: The vulnerability is on...