Linux kernel vulnerability CVE-2022-27666 Security Advisory Security Advisory Description A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/ ...
More info:
https://support.f5.com/csp/article/K53648360?utm_source=f5support&utm_medium=RSS
Multiple elfutils vulnerabilities Security Advisory Security Advisory Description CVE-2018-16062 dwarf_getaranges in dwarf_getaranges.c in libdw in elfutils before 2018-08-18 allows remote ...
More info:
https://support.f5.com/csp/article/K21426934?utm_source=f5support&utm_medium=RSS
Glib vulnerabilities CVE-2018-10767, CVE-2019-12450, and CVE-2019-19126 Security Advisory Security Advisory Description CVE-2018-10767 There is a stack-based buffer over-read in calling GLib in ...
More info:
https://support.f5.com/csp/article/K18407453?utm_source=f5support&utm_medium=RSS
Cognito Software Moneyworks vulnerability CVE-2017-9615 Security Advisory Security Advisory Description Password exposure in Cognito Software Moneyworks 8.0.3 and earlier allows attackers to gain ...
More info:
https://support.f5.com/csp/article/K19356280?utm_source=f5support&utm_medium=RSS
A version of this article was published on the VMware News & Stories There has been a fundamental restructuring of cybercrime cartels thanks to a booming dark web economy of scale. Powerful cybercriminal groups now operate like multinational corporations and are relied upon by traditional crime syndicates to carry out illegal activities such as extortion … ContinuedThe post Modern Bank Heists 5.0: The Escalation from Dwell to Destruction appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2022/04/modern-bank-heists-5-0-the-escalation-from-dwell-to-destruction.html?utm_source=rss&utm_medium=rss&utm_campaign=modern-bank-heists-5-0-the-escalation-from-dwell-to-destruction
Qt vulnerabilities CVE-2018-19869, CVE-2018-19870, CVE-2018-19871, and CVE-2018-19873 Security Advisory Security Advisory Description CVE-2018-19869 An issue was discovered in Qt before 5.11.3. A ...
More info:
https://support.f5.com/csp/article/K08037765?utm_source=f5support&utm_medium=RSS
Multiple Ruby vulnerabilities Security Advisory Security Advisory Description CVE-2018-1000073 RubyGems version Ruby 2.2 series: 2.2.9 and earlier, Ruby 2.3 series: 2.3.6 and earlier, Ruby 2.4 ...
More info:
https://support.f5.com/csp/article/K84262603?utm_source=f5support&utm_medium=RSS
389-ds-base vulnerability CVE-2021-4091 Security Advisory Security Advisory Description A double-free was found in the way 389-ds-base handles virtual attributes context in persistent searches. An ...
More info:
https://support.f5.com/csp/article/K15244523?utm_source=f5support&utm_medium=RSS
Project: Drupal coreDate: 2022-April-20Security risk: Moderately critical 12∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:UncommonVulnerability: Improper input validationDescription: Drupal cores form API has a vulnerability where certain contributed or custom modules forms may be vulnerable to improper input validation. This could allow an attacker to inject disallowed values or overwrite data. Affected forms are uncommon, but in certain cases an attacker could alter critical or
More info:
https://www.drupal.org/sa-core-2022-008
Project: Drupal coreDate: 2022-April-20Security risk: Moderately critical 13∕25 AC:Basic/A:User/CI:Some/II:Some/E:Theoretical/TD:DefaultVulnerability: Access bypassDescription: Drupal 9.3 implemented a generic entity access API for entity revisions. However, this API was not completely integrated with existing permissions, resulting in some possible access bypass for users who have access to use revisions of content generally, but who do not have access to individual items of node and
More info:
https://www.drupal.org/sa-core-2022-009
