Security CERT Global

• Weekly Threat Report 21st January 2022
• CVE-2022-21933
• CVE-2022-0326
• Microsoft detecta un malware dirigido a organizaciones ucranianas
• Microsoft detects malware targeting Ukrainian organisations
• Vulnerabilidad XXE en productos Endress+Hauser
• Vulnerabilidad XXE en productos Endress+Hauser
• F5 udsender rettelser
• JVN: GROWIにおけるユーザ制御の鍵による認証回避の脆弱性
• CVE-2022-22990 (my_cloud_os)
• CVE-2022-0226 (live_helper_chat)
• CVE-2021-34858 (teamviewer)
• CVE-2022-21678 (discourse)
• CVE-2021-42551 (netbiblio)
• CVE-2022-23218 (glibc)
• CVE-2022-22056 (le-yan_dental_management_system)
• CVE-2022-22055 (le-yan_dental_management_system)
• CVE-2022-0178 (snipe-it)
• CVE-2021-46255 (eyoucms)
• CVE-2022-22988 (edgerover)
• CVE-2022-22888
• CVE-2022-22890
• Oracle Security Update
• Dell Security Update
• Red Hat Security Update
• McAfee Security Update
• Trend Micro Security Update
• VMware Security Update
• SUSE Security Update
• Ubuntu Security Update
• Cisco Security Update
• Huawei Security Update
• ESB-2022.0295 - [Appliance] BIG-IP: Denial of service - Remote/unauthenticated
• ESB-2022.0278 - [UNIX/Linux][SUSE] python-numpy: Denial of service - Existing account
• ESB-2022.0284 - [Appliance] BIG-IP: Denial of service - Remote/unauthenticated
• ESB-2022.0281 - [Appliance] BIG-IP AFM: Denial of service - Remote/unauthenticated
• ESB-2022.0285 - [Appliance] BIG-IP TMM and DNS profile: Denial of service - Remote/unauthenticated
• ESB-2022.0292 - [SUSE] webkit2gtk3: Multiple vulnerabilities
• ESB-2022.0282 - [Appliance] BIG-IP TMM: Denial of service - Remote/unauthenticated
• ESB-2022.0277 - python-Django and python-Django1: Multiple vulnerabilities
• ESB-2022.0296 - [Appliance] BIG-IP DNS, GTM and LTM: Reduced security - Unknown/unspecified
• ESB-2022.0286 - [Appliance] BIG-IP Configuration utility: Cross-site scripting - Existing account
• ESB-2022.0279 - [UNIX/Linux][SUSE] virglrenderer: Reduced security - Existing account
• ESB-2022.0287 - [Win][Appliance][Mac] BIG-IP Edge Client: Multiple vulnerabilities
• ESB-2022.0280 - permissions: Reduced security - Unknown/unspecified
• ESB-2022.0294 - [Appliance] BIG-IP Advanced WAF and ASM: Reduced security - Unknown/unspecified
• ESB-2022.0293 - [Appliance] BIG-IP Virtual server with FastL4: Denial of service - Remote/unauthenticated
• ESB-2022.0283 - [Appliance] BIG-IP AFM: Denial of service - Remote/unauthenticated
• ESB-2022.0291 - [SUSE] busybox: Multiple vulnerabilities
• ESB-2022.0288 - [SUSE] kubevirt,: Denial of service - Remote/unauthenticated