RSS Feed

Security Advisories

6 Articles in this category

Print
Share
Dark
Light

Security Advisories

6 Articles in this category

Share
Dark
Light

Edge Filer Security Vulnerability

Vulnerability Description A vulnerability has been identified in the CTERA Edge Filer administrative interface that allows authenticated users to escalate their privileges. This vulnerability has been assessed by CTERA to hav...

Samba Vulnerability CVE-2021-44142

Vulnerability Description CVE-2021-44142 is a privilege escalation vulnerability that allows remote attackers to execute arbitrary code on affected installations of Samba. Access as a user that has write access to a file's e...

Security Vulnerability CVE-2021-4034 (Polkit (Pwnkit))

Vulnerability Description A memory corruption vulnerability has been found in polkit’s pkexec, a SUID-root program that is installed by default on every major Linux distribution. This easily exploited vulnerability allows an...

Security Vulnerability CVE-2021-44228 (Log4Shell)

The information in this article is correct as of December 16th 2021. Apache Log4j2 2.0-beta9 through 2.12.1 and 2.13.0 through 2.15.0 JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled L...

Security Vulnerability CVE-2022-0847 (Dirty Pipe ) and CVE-2022-0001 (Spectre-BHI )

Vulnerability Description The Dirty Pipe vulnerability in the Linux kernel has been around since version 5.8 and is tracked as CVE-2022-0847. This flaw discovered by Max Kellermann, abuses how the Kernel manages pages in pip...

Security Vulnerability CVE-2022-22965 and CVE-2022-22963 (Spring4Shell Zero-Day Vulnerability)

Vulnerability Description A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WA...