EUVD-2022-50286

Malicious code in bioql PyPI...

EUVD-2022-50287

Malicious code in bioql PyPI...

CVE-2022-47526

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not...

CVE-2022-47525

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction...

CVE-2022-47525

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction...

CVE-2022-47526

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not...

CVE-2022-47526

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not...

Design/Logic Flaw

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction...

Path traversal

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not...

Fox-IT DataDiode 路径遍历漏洞

Fox-IT DataDiode Fox DataDiode is an IT security product from Fox-IT. It guarantees unidirectional data transfer in real time over fast 1-10Gbps data connections. A security vulnerability exists in Fox-IT DataDiode Fox DataDiode version 3.4.3. An attacker can exploit the vulnerability to execute...

CVE-2022-47526

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not...

Fox-IT DataDiode 数字错误漏洞

Fox-IT DataDiode Fox DataDiode is an IT security product from Fox-IT. It guarantees unidirectional data transfer in real time over fast 1-10Gbps data connections. A security vulnerability exists in Fox-IT DataDiode Fox DataDiode version 3.4.3. An attacker could exploit this vulnerability to cause...

CVE-2022-47526

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a path traversal vulnerability with resultant arbitrary writing of files. A remote attacker could leverage this vulnerability to achieve arbitrary code execution in the context of the downstream node user. Exploitation of this issue does not...

CVE-2022-47526

Fox-IT DataDiode (Fox DataDiode) v3.4.3 exposes a path-traversal vulnerability allowing arbitrary file writes and remote code execution in the downstream node user context. Exploitation requires no user interaction and can be achieved over the network with no privileges. Several connected sources...

CVE-2022-47525

Fox-IT DataDiode aka Fox DataDiode 3.4.3 suffers from a Divide-by-Zero vulnerability in the packet parser. A remote attacker could leverage this vulnerability to cause a denial-of-service. Exploitation of this issue does not require user interaction...

CVE-2022-47525

Fox-IT DataDiode (aka Fox DataDiode) 3.4.3 is affected by a Divide-by-Zero vulnerability in the packet parser. A remote attacker could cause a denial-of-service without user interaction. Exploitation details are not provided in the supplied documents beyond the remote, unauthenticated nature of t...

CISA Issues Warning on Active Exploitation of ZK Java Web Framework Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency CISA has added a high-severity flaw affecting the ZK Framework to its Known Exploited Vulnerabilities KEV catalog based on evidence of active exploitation. Tracked as CVE-2022-36537 CVSS score: 7.5, the issue impacts ZK Framework versions...

A week in security (December 11 – December 17)

Last week we explained what fast flux is and how it's being abused, we showed you all kinds of Bitcoin-related scams, presented a video recording of a tech support scammer trying to sell free software, and pointed out some free software to keep an eye on your Internet traffic. We also informed yo...

Safety warning: the domestic more than 3 0 0 Station juniper network equipment by back door influence-vulnerability warning-the black bar safety net

In 2 0 1 5 year 1 2 on 1 8 November,Juniper's official website released a security Bulletin,noted that in their Netscrren firewall ScreenOS software found unauthorized code,which relates to the 2 security questions,one is in the VPN authentication code is placed in the back door,allowing an...

Free theme hidden back door, spread WordPress and other renowned CMS system-vulnerability warning-the black bar safety net

Recently the United States security researchers broke the news, for the CMS site of the thousands of plugins and themes are implanted called CryptoPHP Backdoor, which may lead to a lot ofWeb serveris an attacker for himself. Hidden in the CMS free plug-in the midst of the This new-found back door...