libtiff-4.4.0-1.fc35
https://gitlab.com/libtiff/libtiff/-/blob/master/ChangeLog
Fixed CVEs:
CVE-2022-1354
CVE-2022-1355
CVE-2022-1622
CVE-2022-1623
containerd-1.6.6-1.fc35
golang-github-containerd-cni-1.1.6-1.fc35
golang-github-containernetworking-cni-1.1.1-1.fc35
golang-x-sys-0-23.20220604gitbc2c85a.fc35
golang-x-sys: Bump to commit bc2c85ada10aa9b6aa9607e9ac9ad0761b95cf1d
golang-github-containernetworking-cni: Update to 1.1.1.
golang-github-containerd-cni: Update to 1.1.6. Fixes rhbz#2092632.
containerd: Update to 1.6.6. Mitigates GHSA-5ffw-gxpp-mxpf / CVE-2022-31030.
containerd-1.6.6-1.fc36
golang-github-containerd-cni-1.1.6-1.fc36
golang-github-containernetworking-cni-1.1.1-1.fc36
golang-x-sys-0-23.20220604gitbc2c85a.fc36
golang-x-sys: Bump to commit bc2c85ada10aa9b6aa9607e9ac9ad0761b95cf1d
golang-github-containernetworking-cni: Update to 1.1.1.
golang-github-containerd-cni: Update to 1.1.6. Fixes rhbz#2092632.
containerd: Update to 1.6.6. Mitigates GHSA-5ffw-gxpp-mxpf / CVE-2022-31030.
FortiGuard Labs is aware of a new vulnerability in Confluence Server and Data Center (CVE-2022-26134) which was reportedly exploited as a zero-day in the wild. Rated critical, successful exploitation of the vulnerability allows an unauthenticated remote attacker to execute arbitrary code on the compromised server. The vulnerability affects all supported versions of unpatched Confluence Server and Data Center.Why is this Significant?This is significant because Confluence Server and Data Center (CVE-2022-26134) was reportedly exploited as a 0-day in the wild. The vulnerability is an OGNL injection vulnerability that allows an unauthenticated remote attacker to execute arbitrary code on the compromised server.Confluence is a widely-used team workspace and collaboration tool developed by Atlassian. It is used to help teams collaborate and share knowledge via a content management system and is used by many large scale enterprise and organizations worldwide. This vulnerability does not have a CVSS score at the moment, but the ease of exploitation via an unauthenticated session and combined with remote code execution is a cause for concern.What versions of Confluence Server and Data Center are Affected by CVE-2022-26134?The advisory released by Atlassian states that the following versions are affected:All supported versions of Confluence Server and Data CenterConfluence Server and Data Center versions after 1.3.0What Malware was Deployed to the Compromised Server?It was reported that China Chopper has been deployed on to compromised servers. China Chopper is a tiny webshell that provides a remote attacker backdoor access to a compromised system.Has the Vendor Released an Advisory for CVE-2022-26134?Yes. See the Appendix for a link to “Confluence Security Advisory 2022-06-02”.Has the Vendor Released a Patch?Yes, Atlassian has released a patch on June 3rd, 2022.What is the Status of Coverage?FortiGuard Labs provides the following AV coverage against the China Chopper webshell that was reportedly deployed on known compromised Confluence servers:Java/Websh.D!trAll known network IOC’s associated with attacks leveraging CVE-2022-26134 are blocked by the FortiGuard WebFiltering Client.FortiGuard Labs is currently investigating for additional coverage against CVE-2022-26134. This Threat Signal will be updated when additional information becomes available.Any Suggested Mitigation?The advisory includes mitigation information. See the Appendix for a link to “Confluence Security Advisory 2022-06-02”.
Multiple security issues were discovered in Thunderbird, which could
result in denial of service or the execution of arbitrary code.
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 03
SEC Consult Vulnerability Lab Security Advisory < 20220602-0 >
=======================================================================
title: Multiple Memory Corruption Vulnerabilities
product: dbus-broker
vulnerable version: dbus-broker-29
fixed version: dbus-broker-31
CVE number: CVE-2022-31212, CVE-2022-31213
impact: medium
homepage:…
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 03
SEC Consult Vulnerability Lab Security Advisory < 20220601-1 >
=======================================================================
title: Authenticated Command Injection
product: Poly Studio X30, Studio X50, Studio X70, G7500
vulnerable version: 3.4.0-292042, 3.5.0-344025, 3.6.0
fixed version: 3.7.0 or higher
CVE number: CVE-2022-26481
impact: critical
homepage:…
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 03
SEC Consult Vulnerability Lab Security Advisory < 20220601-0 >
=======================================================================
title: Multiple Critical Vulnerabilities
product: Poly EagleEye Director II
vulnerable version: 2.2.1.1 (Jul 1, 2021)
fixed version: 2.2.2.1 or higher
CVE number: CVE-2022-26479, CVE-2022-26482
impact: critical
homepage:…
Posted by SEC Consult Vulnerability Lab, Research via Fulldisclosure on Jun 03
SEC Consult Vulnerability Lab Security Advisory < 20220531-0 >
=======================================================================
title: Backdoor account
product: Korenix JetPort 5601V3
vulnerable version: Firmware version 1.0
fixed version: None
CVE number: CVE-2020-12501
impact: High
homepage: https://www.korenix.com/
found: 2020-04-06…
Posted by Q C on Jun 03
[update 2022/05/30] Two CVEs have been assigned to these vulnerabilities.
CVE-2021-36613: Mikrotik RouterOs before stable 6.48.2 suffers from a
memory corruption vulnerability in the ptp process. An authenticated remote
attacker can cause a Denial of Service (NULL pointer dereference).
CVE-2021-36614: Mikrotik RouterOs before stable 6.48.2 suffers from a
memory corruption vulnerability in the tr069-client process. An
authenticated remote…
