1365 matches found
CVE-2022-23937
In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario...
CVE-2022-23937
In Wind River VxWorks 6.9 and 7, a specific crafted packet may lead to an out-of-bounds read during an IKE initial exchange scenario...
PT-2022-6693 · Wind River · Vxworks
Name of the Vulnerable Software and Affected Versions: Wind River VxWorks versions 6.9 through 7 Description: The issue is related to an out-of-bounds read during an IKE initial exchange scenario, which can be triggered by a specifically crafted packet. This may allow a remote attacker to cause a...
CVE-2022-27919
Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API...
CVE-2022-27919
Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API...
Remote code execution
Gradle Enterprise before 2022.1 allows remote code execution if the installation process did not specify an initial configuration file. The configuration allows certain anonymous access to administration and an API...
Magic Hound Exploiting Old Microsoft Exchange ProxyShell Vulnerabilities
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here APT35 aka Magic Hound, an Iranian-backed threat group, has begun using Microsoft Exchange ProxyShell vulnerabilities as an initial attack vector and to execute code through multiple web shells. The group has primarily targeted...
PT-2022-18690 · Gradle · Gradle Enterprise
Name of the Vulnerable Software and Affected Versions: Gradle Enterprise versions prior to 2022.1 Description: The issue allows remote code execution if the installation process did not specify an initial configuration file, enabling certain anonymous access to administration and an API...
New Threat Actor Exotic Lily acting as Initial Access Broker for Conti and Diavol ransomware group
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. Exotic Lily was first discovered exploiting a zero-day vulnerability in Microsoft MSHTML CVE-2021-40444, which piqued the curiosity of researchers as a potentially sophisticated threat actor. Following additional analysis, it...
OESA-2022-1575 postgresql security update
PostgreSQL is an advanced Object-Relational database management system DBMS that supports almost all SQL constructs including transactions, subselects and user-defined types and functions. The postgresql package includes the client programs and libraries that you'll need to access a PostgreSQL DB...
[WP-H3] A malicious early user/attacker can manipulate the Collateral contract's pricePerShare to take an unfair share of future users' deposits
Lines of code Vulnerability details function deposituint256 amount external override nonReentrant returns uint256 ... uint256 shares = 0; if totalSupply == 0 shares = amountToDeposit; else / of shares owed = amount deposited / cost per share, cost per share = total supply / total value. / shares ...
Meet Exotic Lily, access broker for ransomware and other malware peddlers
The Google Threat Analysis Group TAG has shared their observations about a group of cybercriminals called Exotic Lily. This group has specialized itself as an initial access broker, which means they find a vulnerability in an organizations defenses, exploit that vulnerability, and sell the access...
Google Blows Lid Off Conti, Diavol Ransomware Access-Broker Ops
Google’s Threat Analysis Group TAG has provided a rare look inside the operations of a cybercriminal dubbed “Exotic Lily,” that appears to serve as an initial-access broker for both Conti and Diavol ransomware gangs. Researchers’ analysis exposes the business-like approach the group takes to...
Google Uncovers 'Initial Access Broker' Working with Conti Ransomware Gang
Google's Threat Analysis Group TAG took the wraps off a new initial access broker that it said is closely affiliated to a Russian cyber crime gang notorious for its Conti and Diavol ransomware operations. Dubbed Exotic Lily, the financially motivated threat actor has been observed exploiting a...
OpenSSL exposed to Denial-of-service vulnerability causing Infinite Loop
THREAT LEVEL: Amber. For a detailed advisory, download the pdf file here. A security flaw exists in OpenSSL software library that could lead to a denial-of-service DoS condition when parsing certificates. The vulnerability, identified as CVE-2022-0778, arises from parsing a malformed certificate...
Attackers Escape Kubernetes Containers using “cr8escape” Vulnerability in CRI-O
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here. A flaw in CRI-O, an open-source Linux implementation of Kubernetes Container Runtime Interface CRI, was discovered that may allow an attacker to gain remote control of servers and potentially poison the container with attack...
Mustang Panda targets European diplomats using enhanced PlugX backdoor
THREAT LEVEL: Red. For a detailed advisory, download the pdf file here Mustang Panda, a Chinese cyberespionage group, has been targeting European diplomats with a revised version of the PlugX backdoor in an ongoing campaign linked to the ongoing conflict in Ukraine. The group, also known as...
CVE-2022-21194
The following Yokogawa Electric products do not change the passwords of the internal Windows accounts from the initial configuration: CENTUM VP versions from R5.01.00 to R5.04.20 and versions from R6.01.00 to R6.08.0, Exaopc versions from R3.72.00 to R3.79.00...
A man-in-the-middle attacker can inject false responses to the client's first few queries despite the use of SSL certificate verification and encryption.
...
Yokogawa Electric 信任管理问题漏洞
Yokogawa Electric is a server of Yokogawa Electric Yokogawa, a Japanese company. A security vulnerability exists in Yokogawa Electric. The vulnerability stems from Yokogawa Electric not changing the internal Windows account password from the initial configuration. The following products and...