Month: agosto 2022

GSON vulnerability CVE-2022-25647 Security Advisory Security Advisory Description The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the ... More info: https://support.f5.com/csp/article/K00994461?utm_source=f5support&utm_medium=RSS

by Michael Hawkins. The Mustache template library included with Moodle has been upgraded to the latest version, which includes a fix for a serious security issue.Severity/Risk:SeriousVersions affected:4.0 to 4.0.2, 3.11 to 3.11.8, 3.9 to 3.9.15 and earlier unsupported versionsVersions fixed:4.0.3, 3.11.9 and 3.9.16Reported by:Lars BonczekCVE identifier:CVE-2022-0323Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75388Tracker issue:MDL-75388 More info: https://moodle.org/mod/forum/discuss.php?d=437684&parent=1761481

by Michael Hawkins. Enabling and disabling installed H5P libraries did not include the necessary token to prevent a CSRF risk.Severity/Risk:MinorVersions affected:4.0 to 4.0.2 and 3.11 to 3.11.8Versions fixed:4.0.3 and 3.11.9Reported by:Paul HoldenCVE identifier:CVE-2022-2986Changes (master):http://git.moodle.org/gw?p=moodle.git&a=search&h=HEAD&st=commit&s=MDL-75326Tracker issue:MDL-75326 CSRF risk in enabling/disabling installed H5P libraries More info: https://moodle.org/mod/forum/discuss.php?d=437685&parent=1761482

Glib vulnerability CVE-2019-14822 Security Advisory Security Advisory Description A flaw was discovered in ibus in versions before 1.5.22 that allows any unprivileged user to monitor and send ... More info: https://support.f5.com/csp/article/K70949911?utm_source=f5support&utm_medium=RSS

AV-Comparatives recently released the latest results of the Business Security Test. Out of the 18 leading cyber security vendors tested, VMware Carbon Black was the only vendor to stop 100% of Malware attacks, and that was with zero false positives. Our platform sees more and stops more attacks, and when it says something is bad or … ContinuedThe post VMware Carbon Black Achieves 100% Malware Protection and Zero False Positives in AV-Comparatives Test appeared first on VMware Security More info: https://blogs.vmware.com/security/2022/08/vmware-carbon-black-achieves-100-malware-protection-and-zero-false-positives-in-av-comparatives-test.html?utm_source=rss&utm_medium=rss&utm_campaign=vmware-carbon-black-achieves-100-malware-protection-and-zero-false-positives-in-av-comparatives-test

Poppler vulnerability CVE-2017-18267 Security Advisory Security Advisory Description The FoFiType1C::cvtGlyph function in fofi/FoFiType1C.cc in Poppler through 0.64.0 allows remote attackers to ... More info: https://support.f5.com/csp/article/K72376285?utm_source=f5support&utm_medium=RSS

Poppler vulnerability CVE-2018-10768 Security Advisory Security Advisory Description There is a NULL pointer dereference in the AnnotPath::getCoordsLength function in Annot.h in an Ubuntu package ... More info: https://support.f5.com/csp/article/K22854723?utm_source=f5support&utm_medium=RSS

Poppler vulnerability CVE-2018-13988 Security Advisory Security Advisory Description Poppler through 0.62 contains an out of bounds read vulnerability due to an incorrect memory access that is not ... More info: https://support.f5.com/csp/article/K37683194?utm_source=f5support&utm_medium=RSS

Zero trust, ransomware, and cloud smart networking security, oh my! There’s plenty to be explored this year at VMware Explore. With the event just one week away, the countdown is on. Don’t miss your chance to sign up for the premier multi-cloud event of the year. This year, 15 lucky attendees will win a Sonos … ContinuedThe post Win a Sonos Speaker at VMware Explore 2022 appeared first on VMware Security Blog. More info: https://blogs.vmware.com/security/2022/08/win-a-sonos-speaker-at-vmware-explore-2022.html?utm_source=rss&utm_medium=rss&utm_campaign=win-a-sonos-speaker-at-vmware-explore-2022

Apache Xalan Java Library vulnerability CVE-2022-34169 Security Advisory Security Advisory Description The Apache Xalan Java XSLT library is vulnerable to an integer truncation issue when ... More info: https://support.f5.com/csp/article/K42795243?utm_source=f5support&utm_medium=RSS