BIND vulnerability CVE-2022-0396 Security Advisory Security Advisory Description BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition.
More info:
https://support.f5.com/csp/article/K56105136?utm_source=f5support&utm_medium=RSS
mod_session vulnerability CVE-2021-26691 Security Advisory Security Advisory Description In Apache HTTP Server versions 2.4.0 to 2.4.46 a specially crafted SessionHeader sent by an origin server ...
More info:
https://support.f5.com/csp/article/K32305110?utm_source=f5support&utm_medium=RSS
As a United States Marine one of the sayings burned into the fabric of my soul is “Stay positive Marine”. In boot camp this was “stay positive recruit” and you would hear it repeatedly. On a mildly irritating day to have someone suddenly yell “stay positive” lands like an insult almost. Now magnify it by … ContinuedThe post Stay Positive appeared first on VMware Security Blog.
More info:
https://blogs.vmware.com/security/2022/04/stay-positive.html?utm_source=rss&utm_medium=rss&utm_campaign=stay-positive
mod_auth_digest vulnerability CVE-2020-35452 Security Advisory Security Advisory Description Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow ...
More info:
https://support.f5.com/csp/article/K27129140?utm_source=f5support&utm_medium=RSS
RubyGems vulnerability CVE-2017-0903 Security Advisory Security Advisory Description RubyGems versions between 2.0.0 and 2.6.13 are vulnerable to a possible remote code execution vulnerability.
More info:
https://support.f5.com/csp/article/K91125274?utm_source=f5support&utm_medium=RSS
This article was authored by Stephane List, Abby Costin, and Ram Akuka Container Security Challenges Vulnerability management has never been more important than it is with cloud-native technologies and containers. While cloud native technology offers agility and innovation, attackers take advantage of some of the risks that come with container adoption. These challenges with container … ContinuedThe post Why Vulnerability Management is Key to Your Container Security Strategy appeared
More info:
https://blogs.vmware.com/security/2022/04/why-vulnerability-management-is-key-to-your-container-security-strategy.html?utm_source=rss&utm_medium=rss&utm_campaign=why-vulnerability-management-is-key-to-your-container-security-strategy
Intel processor vulnerability CVE-2021-33150 Security Advisory Security Advisory Description Hardware allows activation of test or debug logic at runtime for some Intel(R) Trace Hub instances ...
More info:
https://support.f5.com/csp/article/K59395527?utm_source=f5support&utm_medium=RSS
NGINX LDAP Reference Implementation security exposure Security Advisory Security Advisory Description NGINX LDAP reference implementation configuration can be modified by sending crafted HTTP ...
More info:
https://support.f5.com/csp/article/K11455641?utm_source=f5support&utm_medium=RSS
The cybersecurity battle continues on a global level. Tom Kellermann, head of cybersecurity at VMware, shares his insights on the latest security threats, cyber crime cartels, defensive best practices and more on the Virtually Speaking podcast. Listen to this compelling discussion on recent global cyber threat activities and how all organizations need to be proactive … ContinuedThe post Podcast: Discussing the latest security threats and threat actors – Tom Kellermann (Virtually
More info:
https://blogs.vmware.com/security/2022/04/cybersecurity-podcast-tom-kellermann-global-threats.html?utm_source=rss&utm_medium=rss&utm_campaign=cybersecurity-podcast-tom-kellermann-global-threats
Initial Publication Date: 2022/04/12 15:30 PST AWS is aware of the issues described in CVE-2022-25165 and CVE-2022-25166 relating to the AWS-provided Desktop VPN Client for Windows. These issues affect only client versions 2.0.0 and below; they have been addressed in version 3.0.0 and above. Note that these issues require existing code execution privileges and file access on the system running Desktop VPN Client for Windows. We recommend that customers upgrade to the latest version immediately
More info:
https://aws.amazon.com/security/security-bulletins/AWS-2022-005/
