The default privileges for the running service Normand Remisol Advance Launcher in Beckman Coulter Remisol Advance v2.0.12.1 and prior allows non-privileged users to overwrite and manipulate executables and libraries. This allows attackers to access sensitive data.
Yearly Archives: 2022
wavpack-5.5.0-2.fc35
FEDORA-2022-c9c086b06f
Packages in this update:
wavpack-5.5.0-2.fc35
Update description:
Security fix for CVE-2022-2476
wavpack-5.5.0-2.fc36
FEDORA-2022-ca2f721916
Packages in this update:
wavpack-5.5.0-2.fc36
Update description:
Security fix for CVE-2022-2476
weechat-3.6-2.el7
FEDORA-EPEL-2022-e8cd6275b1
Packages in this update:
weechat-3.6-2.el7
Update description:
Brings EPEL 7 in line with other releases, addressing security issues fixed in recent versions
python3.6-3.6.15-13.fc37
FEDORA-2022-958fd7a32e
Packages in this update:
python3.6-3.6.15-13.fc37
Update description:
Prevent denial of service (DoS) by very large integers.
python3.6-3.6.15-12.fc36
FEDORA-2022-d4570fc1a6
Packages in this update:
python3.6-3.6.15-12.fc36
Update description:
Prevent denial of service (DoS) by very large integers.
python3.6-3.6.15-6.fc35
FEDORA-2022-b8b34e62ab
Packages in this update:
python3.6-3.6.15-6.fc35
Update description:
Prevent denial of service (DoS) by very large integers.
Guilty verdict in the Uber breach case makes personal liability real for CISOs
Yesterday, a federal jury handed down a guilty verdict to Joe Sullivan, the former CSO on charges of “obstruction of the proceedings of the Federal Trade Commission and misprision of felony in connection with the attempted cover-up of a 2016 hack at Uber” according to a notice published by the Department of Justice (DOJ).
US Attorney Stephanie Hinds, upon learning of the verdict, admonished companies that are storing data as to their responsibility to also “protect that data and to alert customers and appropriate authorities when such data is stolen by hackers. Sullivan affirmatively worked to hide the data breach from the Federal Trade Commission (FTC) and took steps to prevent the hackers from being caught. We will not tolerate the concealment of important information from the public by corporate executives more interested in protecting their reputation and that of their employers than in protecting users. Where such conduct violates the federal law, it will be prosecuted.”
dbus-1.14.4-1.fc37
FEDORA-2022-b0c2f2ab74
Packages in this update:
dbus-1.14.4-1.fc37
Update description:
Update to 1.14.4
Fix CVE-2022-42010, CVE-2022-42011 and CVE-2022-42012
CVE-2022-2637
Incorrect Privilege Assignment vulnerability in Hitachi Storage Plug-in for VMware vCenter allows remote authenticated users to cause privilege escalation. This issue affects: Hitachi Storage Plug-in for VMware vCenter 04.8.0.