Intel Data Center Manager <= 5.1 Local Privileges Escalation
Posted by Julien Ahrens (RCE Security) on Dec 08. RCE Security Advisory, https://www.rcesecurity.com. 1. ADVISORY INFORMATION. Product: Intel Data Center Manager. Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html...
[CVE-2022-21225] Intel Data Center Manager Console <= 4.1 "getRoomRackData" Authenticated (Guest+) SQL Injection
Posted by Julien Ahrens (RCE Security) on Dec 08. RCE Security Advisory, https://www.rcesecurity.com. 1. ADVISORY INFORMATION. Product: Intel Data Center Manager. Vendor URL: https://www.intel.com/content/www/us/en/developer/tools/data-center-manager-console/overview.html...
DSA-5298 cacti – security update
Two security vulnerabilities have been discovered in Cacti, a web interface for graphing of monitoring systems, which could result in unauthenticated command injection or LDAP...
flatpak-runtime-f37-3720221117153339.3 flatpak-sdk-f37-3720221117153339.3
FEDORA-FLATPAK-2022-cbf2e8ae04. Packages in this update: flatpak-runtime-f37-3720221117153339.3, flatpak-sdk-f37-3720221117153339.3. Update description: Updated flatpak runtime and SDK, including latest Fedora 37 security and bug-fix errata.
CVE-2022-23469
Traefik is an open source HTTP reverse proxy and load balancer. Versions prior to 2.9.6 are subject to a potential vulnerability in Traefik displaying the...
JSON-based SQL injection attacks trigger need to update web application firewalls
Security researchers have developed a generic technique for SQL injection that bypasses multiple web application firewalls (WAFs). At the core of the issue was WAF...
USN-5770-1: GCC vulnerability
Todd Eisenberger discovered that certain versions of GNU Compiler Collection (GCC) could be made to clobber the status flag of RDRAND and RDSEED with specially...
New Ransom Payment Schemes Target Executives, Telemedicine
Ransomware groups are constantly devising new methods for infecting victims and convincing them to pay up, but a couple of strategies tested recently seem especially...
US Sues TikTok Over Child Safety and Data Security Claims
The Indiana court said TikTok promoted age-restricted content regardless of a user's age.
USN-5769-1: protobuf vulnerabilities
It was discovered that protobuf did not properly manage memory when serializing large messages. An attacker could possibly use this issue to cause applications using...