➠ CVE-2022-38108 | SolarWinds Orion Platform/Platform prior 2022.4 RC1 Web Console deserialization
A vulnerability, which was classified as critical, was found in SolarWinds Orion Platform and Platform. Affected is an unknown function of the component Web Console. The manipulation leads to deserialization. This vulnerability is traded as CVE-2022-38108. It is possible to launch the attack remotely. There is no exploit available. It is recommended to upgrade the affected component....
Zur Startseite
➤ Ähnliche Beiträge für 'CVE-2022-38108 | SolarWinds Orion Platform/Platform prior 2022.4 RC1 Web Console deserialization'
JavaScript Console Methods: Beyond console.log()
vom 1407.39 Punkte
As a JavaScript developer, you are likely familiar with the console.log() method. This method is used to output messages to the browser console, which is an essential tool for debugging and troubleshooting your code. However, console.log() is just one of many console
AA20-352A: Advanced Persistent Threat Compromise of Government Agencies, Critical Infrastructure, and Private Sector Organizations
vom 1343.84 Punkte
Original release date: December 17, 2020<br/><h3>Summary</h3><p class="tip-intro" style="font-size: 15px;"><em>This Alert uses the MITRE Adversarial Tactics, Techniques, and Common Knowledge (ATT&CK®) version 8 framework.
The April 2022 Security Update Review
vom 696.29 Punkte
Another Patch Tuesday is upon, and Adobe and Microsoft have released a bevy of new security updates. Take a break from your regularly scheduled activities and join us as we review the details of their latest security offerings.Adobe Patches for April 2022For April, Ad
The August 2022 Security Update Review
vom 670.86 Punkte
It’s the second Tuesday of the month, and the last second Tuesday before Black Hat and DEFCON, which means Microsoft and Adobe have released their latest security fixes. Take a break from packing (if you’re headed to hacker summer camp) or your nor
Solarflare - SolarWinds Orion Account Audit / Password Dumping Utility
vom 658.69 Punkte
Credential Dumping Tool for SolarWinds Orion Blog post: https://malicious.link/post/2020/solarflare-release-password-dumper-for-solarwinds-orion/Credit to @asolino, @gentilkiwi, and @skelsec for helping me figuring out DPAPI. ============================
Finding Deserialization Bugs in the SolarWinds Platform
vom 656 Punkte
It’s been a while since I have written a blog post, please accept my sincerest apologies. This is because a lot of fun stuff that I’ve recently done is going to be presented during conferences.Please treat this post as a small introduction to my
2022 Top Routinely Exploited Vulnerabilities
vom 620.28 Punkte
SUMMARY
The following cybersecurity agencies coauthored this joint Cybersecurity Advisory (CSA):
United States: The Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), and Federal Bureau of Investigation (FBI)
Australia:
USN-3415-1: tcpdump vulnerabilities
vom 594.18 Punkte
Ubuntu Security Notice USN-3415-1
13th September, 2017
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
Ubuntu 17.04
Ubuntu 16.04 LTS
Ubuntu 14.04 LTS
Summary
Several security issues were fixe
USN-3415-2: tcpdump vulnerabilities
vom 594.18 Punkte
Ubuntu Security Notice USN-3415-2
13th September, 2017
tcpdump vulnerabilities
A security issue affects these releases of Ubuntu and its
derivatives:
Ubuntu 12.04 LTS
Summary
Several security issues were fixed in tcpdump
Software description
tcpdump
Solorigate: SolarWinds Orion Compromise Overview
vom 571.55 Punkte
On 13th December 2020, it came to light SolarWinds IT systems were compromised by hackers between March 2020 and June 2020. SolarWinds provides software to help organisations manage their IT networking infrastructure. The attackers exploited their SolarWinds IT access to covertly insert a vulnerability, coined 'Solorigate' or 'Sunburst', within the SolarWinds Orion platform software builds. The fol
Improving Cumulative Layout Shift at Telegraph Media Group
vom 560.34 Punkte
Chris is a principal software engineer at The Telegraph.
The visual stability challenge #
Layout shifts can be very disruptive. At Telegraph Media Group (TMG) visual stability
is particularly important because readers predominantly use our applicat
CVE-2022-38108: RCE in SolarWinds Network Performance Monitor
vom 548.8 Punkte
In this excerpt of a Trend Micro Vulnerability Research Service vulnerability report, Justin Hong and Lucas Miller of the Trend Micro Research Team detail a recently patched remote code execution vulnerability in the SolarWinds Network Performance Mon