A vulnerability was found in KB Login Authentication Script 1.1 and classified as critical. Affected by this issue is some unknown functionality. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.
Daily Archives: July 13, 2022
CVE-2017-20126
A vulnerability was found in KB Affiliate Referral Script 1.0. It has been classified as critical. This affects an unknown part of the file /index.php. The manipulation of the argument username/password with the input ‘or”=’ leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used.
Microsoft Patches Windows Zero-Day as Attackers Exploit it in the Wild
CISA has added the bug to its Known Exploited Vulnerabilities (KEV) list
golang-1.18.4-1.fc37
FEDORA-2022-bf188fb91a
Packages in this update:
golang-1.18.4-1.fc37
Update description:
Automatic update for golang-1.18.4-1.fc37.
Changelog
* Wed Jul 13 2022 Alejandro Sáez <asm@redhat.com> – 1.18.4-1
– Update to 1.18.4
* Sun Jun 19 2022 Robert-André Mauchin <zebob.m@gmail.com> – 1.18.3-2
– Rebuilt for CVE-2022-1996, CVE-2022-24675, CVE-2022-28327, CVE-2022-27191,
CVE-2022-29526, CVE-2022-30629
Critical Industries Failing at IIoT/OT Security
93% of companies admit failure when implementing IIoT/OT security projects
Top 10 Malware June 2022
The Top 10 malware lineup for June 2022 remained consistent with May besides the return of GravityRAT, Mirai, and QakBot.
Ransomware Activity Resurges in Q2
Ransomware activity rose by 21% compared to Q1 2022, according to a new report
osbuild-composer-57-1.fc35
FEDORA-2022-99d17387ea
Packages in this update:
osbuild-composer-57-1.fc35
Update description:
Update osbuild-composer to the latest version
golang-1.18.4-1.fc36
FEDORA-2022-f6d84fa837
Packages in this update:
golang-1.18.4-1.fc36
Update description:
go1.18.4 includes security fixes to the compress/gzip, encoding/gob, encoding/xml, go/parser, io/fs, net/http, and path/filepath packages, as well as bug fixes to the compiler, the go command, the linker, the runtime, and the runtime/metrics package.
xorg-x11-server-Xwayland-21.1.4-2.fc35
FEDORA-2022-8e787b2a5c
Packages in this update:
xorg-x11-server-Xwayland-21.1.4-2.fc35
Update description:
Security fix for CVE-2022-2319/ZDI-CAN-16062, CVE-2022-2320/ZDI-CAN-16070