Warning: Hackers Actively Exploiting Zero-Day in Fortra's GoAnywhere MFT

A zero-day vulnerability affecting Fortra's GoAnywhere MFT managed file transfer application is being actively exploited in the wild. Details of the flaw were first publicly shared by security reporter Brian Krebs on Mastodon. No public advisory has been published by Fortra. The vulnerability is ...

New SH1MMER Exploit for Chromebook Unenrolls Managed ChromeOS Devices

A new exploit has been devised to "unenroll" enterprise- or school-managed Chromebooks from administrative control. Enrolling ChromeOS devices makes it possible to enforce device policies as set by the organization via the Google Admin console, including the features that are available to users...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2022-40750)

Summary IBM WebSphere Application Server is used by IBM Tivoli System Automation Application Manager and is vulnerable to cross-site scripting in the Admin Console. Required fixes for affected WebSphere Application Server has been published in the security bulletin links below. Vulnerability...

Security Bulletin: Vulnerability in IBM WebSphere Application Server (CVE-2022-40750) shipped with IBM Workload Scheduler 9.4

Summary IBM WebSphere Application Server WAS is shipped as a component of IBM Workload Scheduler, which results in IBM Workload Scheduled being impacted by this vulnerability. IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console when using the Application...

U.S. Dept Of Defense: Authentication Bypass Using Default Credentials on █████

An authentication bypass vulnerability was discovered on the admin console of █████████, allowing unauthorized access to the portal and its data using default credentials. The suggested mitigation is to change the credentials. No CVE numbers or affected product versions were mentioned...

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to cross-site scripting in the Admin Console (CVE-2022-40750)

Summary IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console when using the Application Migration Report function. This has been addressed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and...

Security Bulletin: A security vulnerability has been identified in IBM WebSphere Application Server shipped with IBM Tivoli System Automation Application Manager (CVE-2022-34336)

Summary IBM WebSphere Application Server is used by IBM Tivoli System Automation Application Manager and is vulnerable to cross-site scripting in the Admin Console. Required fixes for affected WebSphere Application Server has been published in the security bulletin links below. Vulnerability...

The vulnerability of the Java Admin Console software tools for backup and data restoration in NetBackup Appliances and NetBackup allows a malicious actor to execute arbitrary commands as the root user.

The vulnerability of the Java Admin Console software tools for backup and recovery operations of NetBackup Appliances and NetBackup relates to the lack of measures taken to neutralize special elements used in operating system commands. Exploiting this vulnerability could allow a malicious actor t...

Security Bulletin: IBM WebSphere Application Server shipped with Jazz for Service Management (JazzSM) is vulnerable to cross-site scripting in the Admin Console (CVE-2022-34336)

Summary IBM WebSphere Application Server is vulnerable to cross-site scripting in the Admin Console. This has been addressed. Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes section Affected Products and Versions Affected Products| Versions ---|--- Jazz for...

Security Bulletin: IBM Tivoli Composite Application Manager for Application Diagnostics Installed WebSphere Application Server traditional is vulnerable to cross-site scripting in the Admin Console (CVE-2022-34336)

Summary The security issue described in CVE-2022-34336 has been identified in the WebSphere Application Server traditional included as part of IBM Tivoli Composite Application Manager for Application Diagnostics Vulnerability Details Refer to the security bulletins listed in the Remediation/Fixes...

GHSA-755V-R4X4-QF7M Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown

Summary A Stored XSS vulnerability was reported in the Keycloak Security mailing list, affecting all the versions of Keycloak, including the latest release 16.0.1. The vulnerability allows a privileged attacker to execute malicious scripts in the admin console, abusing of the groups' dropdown...

Stored Cross-Site Scripting (XSS) in Keycloak via groups dropdown

Summary A Stored XSS vulnerability was reported in the Keycloak Security mailing list, affecting all the versions of Keycloak, including the latest release 16.0.1. The vulnerability allows a privileged attacker to execute malicious scripts in the admin console, abusing of the groups' dropdown...

Information Disclosure

H2 Database Engine is vulnerable to information disclosure. The vulnerability is caused by the webAdminPassword argument, which allows an administrator to specify the password in plaintext. An attacker can get the password for the H2 web admin console by looking at the running processes...

CVE-2022-45868

The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user or an attacker that has obtained local access through...

CVE-2022-45868

The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user or an attacker that has obtained local access through...

UBUNTU-CVE-2022-45868

DISPUTED The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user or an attacker that has obtained local access...

CVE-2022-45868

The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user or an attacker that has obtained local access through...

Default credentials

DISPUTED The web-based admin console in H2 Database Engine through 2.1.214 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user or an attacker that has obtained local access...

CVE-2022-45868

The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user or an attacker that has obtained local access through...

CVE-2022-45868

The web-based admin console in H2 Database Engine before 2.2.220 can be started via the CLI with the argument -webAdminPassword, which allows the user to specify the password in cleartext for the web admin console. Consequently, a local user or an attacker that has obtained local access through...