Cookie Consent by Free Privacy Policy Generator ๐Ÿ“Œ CVE-2022-31098

๐Ÿ  Team IT Security News

TSecurity.de ist eine Online-Plattform, die sich auf die Bereitstellung von Informationen,alle 15 Minuten neuste Nachrichten, Bildungsressourcen und Dienstleistungen rund um das Thema IT-Sicherheit spezialisiert hat.
Ob es sich um aktuelle Nachrichten, Fachartikel, Blogbeitrรคge, Webinare, Tutorials, oder Tipps & Tricks handelt, TSecurity.de bietet seinen Nutzern einen umfassenden รœberblick รผber die wichtigsten Aspekte der IT-Sicherheit in einer sich stรคndig verรคndernden digitalen Welt.

16.12.2023 - TIP: Wer den Cookie Consent Banner akzeptiert, kann z.B. von Englisch nach Deutsch รผbersetzen, erst Englisch auswรคhlen dann wieder Deutsch!

Google Android Playstore Download Button fรผr Team IT Security



๐Ÿ“š CVE-2022-31098


๐Ÿ’ก Newskategorie: Sicherheitslรผcken
๐Ÿ”— Quelle: web.nvd.nist.gov

Weave GitOps is a simple open source developer platform for people who want cloud native applications, without needing Kubernetes expertise. A vulnerability in the logging of Weave GitOps could allow an authenticated remote attacker to view sensitive cluster configurations, aka KubeConfg, of registered Kubernetes clusters, including the service account tokens in plain text from Weave GitOps's pod logs on the management cluster. An unauthorized remote attacker can also view these sensitive configurations from external log storage if enabled by the management cluster. This vulnerability is due to the client factory dumping cluster configurations and their service account tokens when the cluster manager tries to connect to an API server of a registered cluster, and a connection error occurs. An attacker could exploit this vulnerability by either accessing logs of a pod of Weave GitOps, or from external log storage and obtaining all cluster configurations of registered clusters. A successful exploit could allow the attacker to use those cluster configurations to manage the registered Kubernetes clusters. This vulnerability has been fixed by commit 567356f471353fb5c676c77f5abc2a04631d50ca. Users should upgrade to Weave GitOps core version v0.8.1-rc.6 or newer. There is no known workaround for this vulnerability. ...



๐Ÿ“Œ Bugtraq: Advisory - Sourcetree - CVE-2017-14592 CVE-2017-14593 CVE-2017-14592 CVE-2017-17831


๐Ÿ“ˆ 4.71 Punkte

๐Ÿ“Œ Bugtraq: CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom


๐Ÿ“ˆ 3.53 Punkte

๐Ÿ“Œ Bugtraq: CVE-2016-9277,CVE-2016-9966,CVE-2016-9967: Possible Privilege Escalation in telecom


๐Ÿ“ˆ 3.53 Punkte

๐Ÿ“Œ Multiple Security Updates Affecting TCP/IP:โ€ฏ CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086


๐Ÿ“ˆ 3.53 Punkte

๐Ÿ“Œ Multiple Security Updates Affecting TCP/IP:โ€ฏ CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086


๐Ÿ“ˆ 3.53 Punkte

๐Ÿ“Œ Microsoft patches three exploited zero-days (CVE-2023-21715, CVE-2023-23376, CVE-2023-21823)


๐Ÿ“ˆ 3.53 Punkte

๐Ÿ“Œ Multiple Security Updates Affecting TCP/IP:โ€ฏ CVE-2021-24074, CVE-2021-24094, and CVE-2021-24086


๐Ÿ“ˆ 3.53 Punkte

๐Ÿ“Œ Bugtraq: CVE-2015-7944, CVE-2015-7945 - Ganeti Security Advisory (DoS, Unauthenticated Info Leak)


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ [papers] - Roaming Through the OpenSSH Client: CVE-2016-0777 and CVE-2016-0778


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: Re: [FD] [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011)


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: [CVE-2016-1014, CVE-2016-4247] Executable installers are vulnerable^WEVIL (case 35): Adobe's Flash Player (un)installers


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch)


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: CVE-2015-7944, CVE-2015-7945 - Ganeti Security Advisory (DoS, Unauthenticated Info Leak)


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: Qualys Security Advisory - Roaming through the OpenSSH client: CVE-2016-0777 and CVE-2016-0778


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ [papers] - Roaming Through the OpenSSH Client: CVE-2016-0777 and CVE-2016-0778


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: Re: [FD] [CVE-2016-0602, CVE-2016-0603] Executable installers are vulnerable^WEVIL (case 24): Oracle Java 6/7/8 SE and VirtualBox


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: CVE-2015-0061 and CVE-2015-0063 (MS16-009/MS16-011)


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: [CVE-2016-1014, CVE-2016-4247] Executable installers are vulnerable^WEVIL (case 35): Adobe's Flash Player (un)installers


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: MySQL / MariaDB / PerconaDB - Root Privilege Escalation Exploit ( CVE-2016-6664 / CVE-2016-5617 )


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: PHPMailer < 5.2.20 Remote Code Execution PoC 0day Exploit (CVE-2016-10045) (Bypass of the CVE-2016-1033 patch)


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: Multiple Vulnerabilities in ASUS Routers [CVE-2017-5891 and CVE-2017-5892]


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Is CVE-2017-0199 the new CVE-2012-0158?


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: Datto Windows Agent 1.0.5.0 Remote Command Execution [CVE-2017-16673][CVE-2017-16674]


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: Advisory - Bamboo - CVE-2017-14589 CVE-2017-14590


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: Multiple vulnerabilities in TP-Link products(CVE-2017-15613 to CVE-2017-15637)


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Bugtraq: [CVE-2018-3667, CVE-2018-3668] Escalation of priviilege via executable installer of Intel Processor Diagnostic Tool


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Mozilla Firefox CVE-2007-2175 memory corruption [CVE-2007-2176]


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ Loading up a pair of Qt bugs: Detailing CVE-2019-1636 and CVE-2019-6739


๐Ÿ“ˆ 2.35 Punkte

๐Ÿ“Œ flatpak: CVE-2019-8308: vulnerability similar to runc CVE-2019-5736 involving /proc/self/exe


๐Ÿ“ˆ 2.35 Punkte











matomo