Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Merge main to spider/vigilance #21

Merged
merged 3 commits into from
Jul 30, 2022
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension


Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
48 changes: 24 additions & 24 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -2,7 +2,7 @@

## CyberOwl
![cyberowl](docs/images/logo.png)
> Last Updated 29/07/2022 21:13:44 UTC
> Last Updated 30/07/2022 12:28:01 UTC

A daily updated summary of the most frequent types of security incidents currently being reported from different sources.

Expand Down Expand Up @@ -30,6 +30,29 @@ A daily updated summary of the most frequent types of security incidents current
| [Cisco Releases Security Updates for Multiple Products](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/cisco-releases-security-updates-multiple-products) | <p>Cisco has released security updates to address vulnerabilities in multiple products. Some of these vulnerabilities could allow a remote attacker to execute take control of an affected system. For updates addressing lower severity vulnerabilities, see the <a href="https://tools.cisco.com/security/center/publicationListing.x">Cisco Security Advisories page</a>. </p> | Friday, July 22, 2022 |
| [Atlassian Releases Security Advisory for Questions for Confluence App, CVE-2022-26138](https://www.cisa.gov/uscert/ncas/current-activity/2022/07/22/atlassian-releases-security-advisory-questions-confluence-app-cve) | <p>Atlassian has released a security advisory to address a vulnerability (CVE-2022-26138) affecting Questions for Confluence App. An attacker could exploit this vulnerability to obtain sensitive information. Atlassian reports that the vulnerability is likely to be exploited in the wild.</p> | Friday, July 22, 2022 |
---
### IBMCloud [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
| [Western Digital Sweet B denial of service (CVE-2022-23004)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
| [Western Digital Sweet B denial of service (CVE-2022-23003)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
| [Western Digital Sweet B denial of service (CVE-2022-23002)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
| [Western Digital Sweet B denial of service (CVE-2022-23001)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
| [Schneider Electric SpaceLogic C-Bus Home Controller command execution](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
| [Carel pCOWeb HVAC BACnet Gateway directory traversal](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
| [Geonetwork XML external entity injection](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 29, 2022 |
---
### ZeroDayInitiative [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
| [Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1035/) | Visit link for details | July 29, 2022 |
| [Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1034/) | Visit link for details | July 29, 2022 |
| [Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1033/) | Visit link for details | July 28, 2022 |
| [EnterpriseDT CompleteFTP Server HttpFile Directory Traversal Arbitrary File Deletion Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1032/) | Visit link for details | July 28, 2022 |
| [OPC Labs QuickOPC Connectivity Explorer Deserialization of Untrusted Data Remote Code Execution Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1031/) | Visit link for details | July 28, 2022 |
| [(Pwn2Own) Unified Automation OPC UA C++ Improper Update of Reference Count Denial-of-Service Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1030/) | Visit link for details | July 28, 2022 |
| [(Pwn2Own) Unified Automation OPC UA C++ Infinite Loop Denial-of-Service Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1029/) | Visit link for details | July 28, 2022 |
| [Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1028/) | Visit link for details | July 28, 2022 |
---
### CERT-FR [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
Expand All @@ -44,17 +67,6 @@ A daily updated summary of the most frequent types of security incidents current
| [Multiples vuln�rabilit�s dans le noyau Linux de Debian](https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-687/) | De multiples vuln�rabilit�s ont �t� d�couvertes dans le noyau Linux de Debian. Elles permettent � un attaquant de provoquer un d�ni de service � distance, une atteinte � la confidentialit� des donn�es et une �l�vation de privil�ges. | 29 juillet 2022 |
| [Multiples vuln�rabilit�s dans Samba](https://www.cert.ssi.gouv.fr/avis/CERTFR-2022-AVI-686/) | De multiples vuln�rabilit�s ont �t� d�couvertes dans Samba. Certaines d'entre elles permettent � un attaquant de provoquer un d�ni de service � distance, un contournement de la politique de s�curit� et une atteinte � l'int�grit� des donn�es. | 27 juillet 2022 |
---
### IBMCloud [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
| [Unified Automation OPC UA C++ server denial of service (CVE-2022-37012)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 28, 2022 |
| [Synology Media Server buffer overflow (CVE-2022-22683)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 28, 2022 |
| [Synology WebDAV Server directory traversal (CVE-2022-22685)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 28, 2022 |
| [Synology Audio Station directory traversal (CVE-2022-27611)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 28, 2022 |
| [Synology Audio Station buffer overflow (CVE-2022-27612)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 28, 2022 |
| [Synology CardDAV Server SQL injection (CVE-2022-27613)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 28, 2022 |
| [Synology Media Server information disclosure (CVE-2022-27614)](https://exchange.xforce.ibmcloud.com/activity/list?filter=Vulnerabilities) | Visit link for details | Jul 28, 2022 |
---
### MA-CERT [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
Expand All @@ -70,15 +82,3 @@ A daily updated summary of the most frequent types of security incidents current
| [37362107/22 - Vuln�rabilit�s dans Cisco Small Business](https://www.dgssi.gov.ma/fr/content/3736210722-vulnerabilites-dans-cisco-small-business.html) | Plusieurs vuln�rabilit�s ont �t� corrig�es dans les versions susmentionn�es de Cisco Small Business. L�exploitation de ces failles pourrait permettre � un attaquant distant et authentifi� d'ex�cuter du code arbitraire sur un appareil... | 21 juillet 2022 |
| [37352107/22 - Vuln�rabilit�s critique dans Cisco Nexus Dashboard](https://www.dgssi.gov.ma/fr/content/3735210722-vulnerabilites-critique-dans-cisco-nexus-dashboard.html) | Plusieurs vuln�rabilit�s Critiques ont �t� corrig�es dans Cisco Nexus Dashboard. L�exploitation de ces failles permet � un attaquant d�ex�cuter des commandes et d'effectuer des actions avec les privil�ges de l'administrateur ou... | 21 juillet 2022 |
| [37342007/22 - "Oracle Critical Patch Update" du Mois Juillet 2022](https://www.dgssi.gov.ma/fr/content/3734200722-oracle-critical-patch-update-du-mois-juillet-2022.html) | Oracle a publi� des correctifs de s�curit� pour traiter plusieurs vuln�rabilit�s dans le cadre de sa mise � jour � Oracle Critical Patch Update � du mois Juillet 2022. L'exploitation de certaines de ces vuln�rabilit�s pourrait... | 20 juillet 2022 |
---
### ZeroDayInitiative [:arrow_heading_up:](#cyberowl)
|Title|Description|Date|
|---|---|---|
| [Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1035/) | Visit link for details | July 29, 2022 |
| [Autodesk Desktop App Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1034/) | Visit link for details | July 29, 2022 |
| [Trend Micro Apex One Security Agent Link Following Local Privilege Escalation Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1033/) | Visit link for details | July 28, 2022 |
| [EnterpriseDT CompleteFTP Server HttpFile Directory Traversal Arbitrary File Deletion Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1032/) | Visit link for details | July 28, 2022 |
| [OPC Labs QuickOPC Connectivity Explorer Deserialization of Untrusted Data Remote Code Execution Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1031/) | Visit link for details | July 28, 2022 |
| [(Pwn2Own) Unified Automation OPC UA C++ Improper Update of Reference Count Denial-of-Service Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1030/) | Visit link for details | July 28, 2022 |
| [(Pwn2Own) Unified Automation OPC UA C++ Infinite Loop Denial-of-Service Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1029/) | Visit link for details | July 28, 2022 |
| [Adobe Acrobat Reader DC Font Parsing Out-Of-Bounds Read Remote Code Execution Vulnerability](https://www.zerodayinitiative.com/advisories/ZDI-22-1028/) | Visit link for details | July 28, 2022 |
2 changes: 1 addition & 1 deletion requirements.txt
Original file line number Diff line number Diff line change
@@ -1,7 +1,7 @@
GitPython==3.1.27
python-dotenv==0.20.0
Scrapy==2.6.2
selenium==4.3.0
selenium==3.141.0
msedge-selenium-tools==3.141.4
coverage==6.4.2
flake8==4.0.1
Expand Down