di Michael Hawkins. Insufficient capability checks could allow users with the moodle/site:uploadusers capability to delete users, without having the necessary moodle/user:delete capability.Severity/Risk:MinorVersions affected:3.11 to 3.11.5, 3.10 to 3.10.9, 3.9 to 3.9.12 and earlier unsupported versionsVersions fixed:3.11.6, 3.10.10 and 3.9.13Reported by:Chris PrattWorkaround:Remove the moodle/site:uploadusers capability from users who do not also have the moodle/user:delete capability, until
More info:
https://moodle.org/mod/forum/discuss.php?d=432948&parent=1742074
di Michael Hawkins. The PHPMailer library included with Moodle has been upgraded to the latest version, which includes security fixes.Severity/Risk:MinorVersions affected:3.11 to 3.11.5, 3.10 to 3.10.9, 3.9 to 3.9.12 and earlier unsupported versionsVersions fixed:3.11.6, 3.10.10 and 3.9.13Reported by:Sara Arjona (@sarjona)CVE identifier:N/AChanges (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-71703Tracker issue:MDL-71703 Upgrade PHPMailer to
More info:
https://moodle.org/mod/forum/discuss.php?d=432950&parent=1742077
RSA Conference 2022 is returning to San Francisco (June 6-9) as a live event but will also offer a digital option as well. VMware is excited to be a marquee sponsor at RSA 2022 as top cybersecurity leaders and a dedicated community of peers come together to exchange the biggest ideas that will move our … ContinuedThe post VMware at RSA 2022 – Helping to Transform Security appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2022/05/vmware-at-rsa-2022-helping-to-transform-security.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-at-rsa-2022-helping-to-transform-security
Apache HTTP Server vulnerability CVE-2022-22720 Security Advisory Security Advisory Description Apache HTTP Server 2.4.52 and earlier fails to close inbound connection when errors are encountered ...
More info:
https://support.f5.com/csp/article/K67090077?utm_source=f5support&utm_medium=RSS
Greetings from VMware Security Response Center!! We’re excited to share that VMware will be part of the 2022 Pwn2Own Contest on May 18th-20th 2022 in Vancouver, Canada. Unlike last year/recent years, where we participated from our home offices, we get the opportunity to return in-person to validate any demonstrations of a VMescape. We will have … ContinuedThe post VMware and Pwn2Own Vancouver 2022 appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2022/05/vmware-and-pwn2own-vancouver-2022.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-and-pwn2own-vancouver-2022
RSA Conference 2022 is returning to San Francisco (June 6-9) as a live event but will also offer a digital option as well. VMware is excited to be a marque sponsor at RSA 2022 as top cybersecurity leaders and a dedicated community of peers come together to exchange the biggest ideas that will move our … ContinuedThe post VMware at RSA 2022 – Helping to Transform Security appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2022/05/vmware-at-rsa-2022-helping-to-transform-security.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-at-rsa-2022-helping-to-transform-security
MySQL vulnerability CVE-2022-21436 Security Advisory Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that ...
More info:
https://support.f5.com/csp/article/K61254009?utm_source=f5support&utm_medium=RSS
MySQL Server Optimizer vulnerability CVE-2022-21437 Security Advisory Security Advisory Description Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer).
More info:
https://support.f5.com/csp/article/K13044333?utm_source=f5support&utm_medium=RSS
Java vulnerability CVE-2022-21449 Security Advisory Security Advisory Description Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: ...
More info:
https://support.f5.com/csp/article/K45356577?utm_source=f5support&utm_medium=RSS
Linux kernel vulnerability CVE-2020-25671 Security Advisory Security Advisory Description A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after- ...
More info:
https://support.f5.com/csp/article/K04454621?utm_source=f5support&utm_medium=RSS
