Security
Headlines
HeadlinesLatestCVEs

Tag

#redis

RHBA-2022:8582: Red Hat Bug Fix Advisory: OpenShift Container Platform 4.9.52 packages update

Red Hat OpenShift Container Platform release 4.9.52 is now available with updates to packages and images that fix several bugs.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-34176: jenkins-plugin/junit: Stored XSS vulnerability in JUnit Plugin * CVE-2022-36881: jenkins-plugin: Man-in-the-Middle (MitM) in org.jenkins-ci.plugins:git-client

Red Hat Security Data
Open in Source
#xss#vulnerability#web#linux#red_hat#redis#nodejs#js#git#java#kubernetes#aws#ibm#rpm
Backdoor.Win32.Serman.a MVID-2022-0659 Unauthenticated Open Proxy

Backdoor.Win32.Serman.a malware suffers from an unauthenticated open proxy vulnerability.

Backdoor.Win32.Oblivion.01.a MVID-2022-0658 Insecure Transit

Backdoor.Win32.Oblivion.01.a malware suffers from an insecure transit vulnerability due to sending passwords in the clear over the wire.

Trojan.Win32.Platinum.gen MVID-2022-0657 Code Execution

Trojan.Win32.Platinum.gen malware suffers from a code execution vulnerability.

CVE-2022-4093: Fix sqli ->escape after ->escapeforlike · Dolibarr/dolibarr@7c1eac9

SQL injection attacks can result in unauthorized access to sensitive data, such as passwords, credit card details, or personal user information. Many high-profile data breaches in recent years have been the result of SQL injection attacks, leading to reputational damage and regulatory fines. In some cases, an attacker can obtain a persistent backdoor into an organization's systems, leading to a long-term compromise that can go unnoticed for an extended period. This affect 16.0.1 and 16.0.2 only. 16.0.0 or lower, and 16.0.3 or higher are not affected

CVE-2022-44634: S2W – Import Shopify to WooCommerce

Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <= 1.1.12 on WordPress.

CVE-2022-43492: Comments – wpDiscuz

Auth. (subscriber+) Insecure Direct Object References (IDOR) vulnerability in Comments – wpDiscuz plugin 7.4.2 on WordPress.

CVE-2022-44725: Unified Architecture - OPC Foundation

OPC Foundation Local Discovery Server (LDS) through 1.04.403.478 uses a hard-coded file path to a configuration file. This allows a normal user to create a malicious file that is loaded by LDS (running as a high-privilege user).

Red Hat Security Advisory 2022-8506-01

Red Hat Security Advisory 2022-8506-01 - Red Hat Satellite is a systems management tool for Linux-based infrastructure. It allows for provisioning, remote management, and monitoring of multiple Linux deployments with a single centralized tool. Issues addressed include code execution, cross site scripting, denial of service, remote SQL injection, and traversal vulnerabilities.

Red Hat Security Advisory 2022-8250-01

Red Hat Security Advisory 2022-8250-01 - The Grafana plugin for Performance Co-Pilot includes datasources for scalable time series from pmseries and Redis, live PCP metrics and bpftrace scripts from pmdabpftrace, as well as several dashboards.