Lucene search

956 matches found

RedhatCVE
added 2022/11/10 7:25 p.m., 68 views

CVE-2022-37026

A Client Authentication Bypass was found in Erlang/OTP. This issue occurs in certain client-certification situations for SSL, TLS, and DTLS...

CVSS 9.4 | AI score 3.3 | EPSS 0.01136
Exploits: 0 | References: 6

The Coalfire Blog
added 2022/10/26 7:4 p.m., 13 views

FAQ: Transitioning to the highly anticipated new revision of ISO 27001

For a group like Coalfire Certification that lives and breathes these standards daily, it has been an exciting few months monitoring the progress of this publication and its review through the various ISO working groups...

AI score 1.2
Exploits: 0

OSV
added 2022/10/18 6:15 a.m., 1 view

CVE-2022-39058

RAVA certification validation system has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files...

CVSS 7.5 | AI score 5.9 | EPSS 0.01684
Exploits: 0 | References: 1

NVD
added 2022/10/18 6:15 a.m., 10 views

CVE-2022-39058

RAVA certification validation system has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files...

CVSS 7.5 | EPSS 0.01684
Exploits: 0 | References: 1

Prion
added 2022/10/18 6:15 a.m., 17 views

Path traversal

RAVA certification validation system has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files...

CVSS 5 | AI score 7.8 | EPSS 0.01684
Exploits: 0 | References: 1 | Affected Software: 1

Vulnrichment
added 2022/10/18 5:40 a.m., 6 views

CVE-2022-39058 Changing Information Technology Inc. RAVA certificate validation system - Path Traversal

RAVA certification validation system has a path traversal vulnerability. An unauthenticated remote attacker can exploit this vulnerability to bypass authentication and access arbitrary system files...

CVSS 7.5 | AI score 7.8 | EPSS 0.01684
Exploits: 0 | References: 1

CVE
added 2022/10/18 5:40 a.m., 50 views

CVE-2022-39058

CVE-2022-39058 concerns the RAVA certificate validation system from Changing Information Technology Inc. The issue is a path traversal vulnerability allowing an unauthenticated remote attacker to bypass authentication and access arbitrary system files. Multiple sources corroborate the vulnerabili...

CVSS 7.5 | AI score 7.8 | EPSS 0.01684
Exploits: 0 | References: 1 | Affected Software: 1

NVD
added 2022/10/10 9:15 p.m., 21 views

CVE-2022-41747

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...

CVSS 7.8 | EPSS 0.0023
Exploits: 0 | References: 2

Prion
added 2022/10/10 9:15 p.m., 9 views

Input validation

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...

CVSS 4.3 | AI score 7.6 | EPSS 0.0023
Exploits: 0 | References: 2 | Affected Software: 1

CVE
added 2022/10/10 12:0 a.m., 64 views

CVE-2022-41747

The CVE-2022-41747 entry concerns Trend Micro Apex One agents with an improper certification validation vulnerability. A local attacker who already has low-privilege code execution could abuse the certification validation flaw to load a DLL file with system service privileges on affected Apex One...

CVSS 7.8 | AI score 7.6 | EPSS 0.0023
Exploits: 0 | References: 2 | Affected Software: 1

Cvelist
added 2022/10/10 12:0 a.m., 20 views

CVE-2022-41747

An improper certification validation vulnerability in Trend Micro Apex One agents could allow a local attacker to load a DLL file with system service privileges on affected installations. Please note: an attacker must first obtain the ability to execute low-privileged code on the target system in...

AI score 7.8 | EPSS 0.0023
Exploits: 0 | References: 2

Positive Technologies
added 2022/10/07 12:0 a.m., 2 views

PT-2022-26053 · Trend Micro · Trend Micro Apex One

Name of the Vulnerable Software and Affected Versions: Trend Micro Apex One, affected versions not specified. Description: The issue is related to an improper certification validation vulnerability in Trend Micro Apex One agents. This could allow a local attacker to load a DLL file with system...

CVSS 7.8 | AI score 7.4 | EPSS 0.0023
Exploits: 0 | References: 5

Openbugbounty
added 2022/09/29 5:48 p.m., 16 views

certification-nortel.com Cross Site Scripting vulnerability OBB-2965830

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

AI score 6.2
Exploits: 0

OSV
added 2022/08/29 3:15 p.m., 0 views

UBUNTU-CVE-2022-0644

Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none...

AI score 6.9
Exploits: 0 | References: 3

Prion
added 2022/08/26 4:15 p.m., 34 views

Design/Logic Flaw

It was found that the CVE-2021-27918, CVE-2021-31525 and CVE-2021-33196 have been incorrectly mentioned as fixed in RHSA for Serverless 1.16.0 and Serverless client kn 1.16.0. These have been fixed with Serverless 1.17.0...

CVSS 5 | AI score 7 | EPSS 0.03692
Exploits: 1 | References: 2 | Affected Software: 1

HackRead
added 2022/08/09 12:58 p.m., 14 views

The top benefits of getting CompTIA Network+ certification

By Owais Sultan. The Computer Technology Industry Association is known as CompTIA. Over 2,000 member groups and 3,000 business partners make…

AI score 3.7
Exploits: 0

Tenable Nessus
added 2022/07/14 12:0 a.m., 36 views

EulerOS Virtualization 2.10.1 : openssl (EulerOS-SA-2022-2060)

According to the versions of the openssl packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of...

CVSS 7.5 | AI score 6.8 | EPSS 0.83645
Exploits: 3 | References: 3

Veracode
added 2022/07/13 8:42 a.m., 25 views

Improper Certification Verification

github.com/argoproj/argo-cd is using improper certificate validation. Insufficient handling of certificate verification on OIDC provider connections validates malicious OpenID Connect OIDC provider as a trusted one...

CVSS 9.6 | AI score 8.8 | EPSS 0.00635
Exploits: 0 | References: 7 | Affected Software: 1

ATTACKERKB
added 2022/07/12 2:15 p.m., 2 views

CVE-2022-35374

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

AI score 5.8
Exploits: 0 | References: 1

ATTACKERKB
added 2022/07/12 2:15 p.m., 1 view

CVE-2022-35360

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none...

AI score 5.8
Exploits: 0 | References: 1