mailcow before 2022-05d allows a remote authenticated user to inject OS commands and escalate privileges to domain admin via the --debug option in conjunction with the ---PIPEMESS option in Sync Jobs. (CVSS:9.0) (Last Update:2022-06-02)
http://dlvr.it/SRWvfv
Thursday, June 2, 2022
Subscribe to:
Post Comments (Atom)
Critical OAuth Vulnerability in Expo Framework Allows Account Hijacking
A critical security vulnerability has been disclosed in the Open Authorization (OAuth) implementation of the application development framewo...

-
Laravel 9.1.8, when processing attacker-controlled data for deserialization, allows Remote Code Execution via an unserialize pop chain in __...
-
Cybersecurity quarterly benchmarks: Q1, 2022 Cybersecurity Dive http://dlvr.it/SPdcjS
-
NCUA cyber breach rule would give credit unions longer reporting window than banks Banking Dive http://dlvr.it/SVVF51
No comments:
Post a Comment