93 matches found
EUVD-2020-25273
Malware in sbrugna...
EUVD-2021-9153
Malicious code in bioql PyPI...
EUVD-2022-28074
Malicious code in bioql PyPI...
EUVD-2022-28075
Malicious code in bioql PyPI...
EUVD-2023-25037
Malicious code in bioql PyPI...
EUVD-2021-9168
Malicious code in bioql PyPI...
CVE-2022-22951
VMware Carbon Black App Control 8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2 contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration interface may b...
CVE-2021-21998
VMware Carbon Black App Control 8.0, 8.1, 8.5 prior to 8.5.8, and 8.6 prior to 8.6.2 has an authentication bypass. A malicious actor with network access to the VMware Carbon Black App Control management server might be able to obtain administrative access to the product without the need to...
CVE-2021-21982
VMware Carbon Black Cloud Workload appliance 1.0.0 and 1.01 has an authentication bypass vulnerability that may allow a malicious actor with network access to the administrative interface of the VMware Carbon Black Cloud Workload appliance to obtain a valid authentication token. Successful...
VMware Carbon Black App Control SEoL (<= 8.1.x)
According to its version, VMware Carbon Black App Control is less than or equal to 8.1.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security...
VMware Carbon Black App Control SEoL (8.5.x)
According to its version, VMware Carbon Black App Control is 8.5.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
VMware Carbon Black App Control SEoL (8.9.x)
According to its version, VMware Carbon Black App Control is 8.9.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
VMware Carbon Black App Control SEoL (8.6.x)
According to its version, VMware Carbon Black App Control is 8.6.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
VMware Carbon Black App Control SEoL (8.7.x)
According to its version, VMware Carbon Black App Control is 8.7.x. It is, therefore, no longer maintained by its vendor or provider. Lack of support implies that no new security patches for the product will be released by the vendor. As a result, it may contain security vulnerabilities...
Actors, Threats and Vulnerabilities 20 February to 26 February 2023
For a detailed threat digest, download the pdf file here Summary For a detailed threat digest, download the pdf file here HiveForce Labs has identified five active threat actors over the past week. The Earth Kitsune APT and Lazarus Group are North Korean-based cybercrime groups that focus on...
VMware Carbon Black App Control 8.7 < 8.7.8 / 8.8 < 8.8.6 / 8.9 < 8.9.4 Injection (VMSA-2023-0004)
VMware Carbon Black App Control management server is affected by an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying server operating system. Note that Nessus ha...
CVE-2023-20858
VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. A malicious actor with privileged access to the App Control administration console may be able to use specially crafted input allowing access to the underlying...
VMware Carbon Black App Control 8.5.x < 8.5.14 / 8.6.x < 8.6.6 / 8.7 < 8.7.4 / 8.8 < 8.8.2 Multiple Vulnerabilities (VMSA-2022-0008)
Multiple vulnerabilities exist in the VMware Carbon Black App Control management server, as follows: - VMware Carbon Black App Control 8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2 contains an OS command injection vulnerability. An authenticated, high...
The vulnerability of the administration interface of the server for managing VMware Carbon Black App Control allows a perpetrator to execute arbitrary code.
The vulnerability of the administration interface of the VMware Carbon Black App Control server relates to the unlimited loading of dangerous files. Exploiting this vulnerability allows a remote attacker to execute arbitrary code by loading a specially crafted file...
Unrestricted file upload
VMware Carbon Black App Control 8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7.4 and 8.8.x prior to 8.8.2 contains a file upload vulnerability. A malicious actor with administrative access to the VMware App Control administration interface may be able to execute code on the Windo...