Azure File Sync Agent v18.1 Release – June 2024 (KB5023058)

Security Update for Azure File Sync agent version 18.1.0.0. For more details, see the associated Microsoft Knowledge Base article...

Security Bulletin: Vulnerable netty classes from couchdb affecting IBM Knowledge Catalog for IBM Cloud Pak for Data

Summary There are vulnerabilities in netty classes from couchdb clouseau jar file included in IBM Knowledge Catalog. Vulnerability Details CVEID:CVE-2019-20444 DESCRIPTION: Netty is vulnerable to HTTP request smuggling, caused by a flaw in the HttpObjectDecoder.java. By sending a specially-crafte...

How to Override Volume storageClass During Export

Purpose This article documents how to configure a Veeam Kasten for Kubernetes export parameter to specify the storageClass that is created and used during exports. Solution The ExporterStorageClassName parameter can be used for namespaces that have PersistentVolumeClaims PVCs using a single...

How to ‘Transform’ Multiple Resources with Regex

Purpose Veeam Kasten makes use of the 'Transforms' feature to migrate applications between different clusters, between different storage backends, and many other use cases. Transforms enable modifications to Kubernetes resources on restore. The ability to move an application across clusters is an...

Information Disclosure in TYPO3 CMS

Failing to properly check user permission on file storages, editors could gain knowledge of protected storages and its folders as well as using them in a file collection being rendered in the frontend. A valid backend user account is needed to exploit this vulnerability...

Exposed and vulnerable: Recent attacks highlight critical need to protect internet-exposed OT devices

Since late 2023, Microsoft has observed an increase in reports of attacks focusing on internet-exposed, poorly secured operational technology OT devices. Internet-exposed OT equipment in water and wastewater systems WWS in the US were targeted in multiple attacks over the past months by different...

CVE-2024-4358

In Progress Telerik Report Server, version 2024 Q1 10.0.24.305 or earlier, on IIS, an unauthenticated attacker can gain access to Telerik Report Server restricted functionality via an authentication bypass vulnerability. Recent assessments: remmons-r7 at June 03, 2024 6:57pm UTC reported: So far,...

CVE-2024-35229

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern fa,b; checkifaexecutedlast in Yul that exposes a bug in evaluation order of Yul function arguments. This vulnerability has been fixed in version 1.3.10. As a...

CVE-2024-35229 ZKsync Era evaluation order of Yul function arguments

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern fa,b; checkifaexecutedlast in Yul that exposes a bug in evaluation order of Yul function arguments. This vulnerability has been fixed in version 1.3.10. As a...

CVE-2024-35229

CVE-2024-35229 concerns ZKSync Era (Matter Labs) prior to v1.3.10. A bug in the evaluation order of Yul function arguments is triggered by the pattern f(a(),b()); check_if_a_executed_last(), exposing a vulnerability in how arguments are evaluated. The issue has been fixed in v1.3.10. Affected dep...

CVE-2024-35229 ZKsync Era evaluation order of Yul function arguments

ZKsync Era is a layer 2 rollup that uses zero-knowledge proofs to scale Ethereum. Prior to version 1.3.10, there is a very specific pattern fa,b; checkifaexecutedlast in Yul that exposes a bug in evaluation order of Yul function arguments. This vulnerability has been fixed in version 1.3.10. As a...

Experts Find Flaw in Replicate AI Service Exposing Customers' Models and Data

Cybersecurity researchers have discovered a critical security flaw in an artificial intelligence AI-as-a-service provider Replicate that could have allowed threat actors to gain access to proprietary AI models and sensitive information. "Exploitation of this vulnerability would have allowed...

2024-05 Cumulative Update for Windows 10 Version 1809 for x86-based Systems (KB5039705)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

CVE-2024-4622

CVE-2024-4622 affects alpitronic Hypercharger EV charging devices. When credentials are left at defaults, an attacker can gain administrator access to the device via the web interface. The vulnerability is network-exposed with low attack complexity and can impact availability (HIGH) and confident...

KYKMS 安全漏洞

KYKMS is a knowledge base management system. KYKMS suffers from a cross-site scripting vulnerability that can be exploited by remote attackers to inject malicious script or HTML code, which can be used to obtain sensitive information or hijack user sessions when malicious data is viewed...

Hypercharger EV Charger 安全漏洞

The Hypercharger EV Charger is a class of high power electric vehicle EV chargers from Hypercharger. A security vulnerability exists in the Hypercharger EV Charger that stems from the use of default credentials, which allows an attacker to access the device as an administrator using public...

2024-05 Cumulative Update for Windows 11 for x64-based Systems (KB5037770)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

2024-05 Cumulative security Hotpatch for Azure Stack HCI, version 21H2 and Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5037848)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information...

2024-05 Cumulative Update for Windows 11 for ARM64-based Systems (KB5037770)

Install this update to resolve issues in Windows. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article for more information. After you install this item, you may have to restart your computer...

2024-05 Cumulative Update for Windows Server 2016 for x64-based Systems (KB5037763)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...