S3 Ep118: Guess your password? No need if it's stolen already! [Audio + Text]
Read via "Naked Security".
As always: entertaining, informative and educational... and not bogged down with jargon! Listen (or read) now...
T-Mobile admits to 37,000,000 customer records stolen by "bad actor"
Read via "Naked Security".
Once more, it's time for Shakespeare's words: Once more unto the breach...
CVE-2021-26642
Read via "National Vulnerability Database".
When uploading an image file to a bulletin board developed with XpressEngine, there is a vulnerability in which an arbitrary file can be uploaded due to insufficient verification of the file. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.
CVE-2022-38112
Read via "National Vulnerability Database".
In DPA 2022.4 and older releases, generated heap memory dumps contain sensitive information in cleartext.
CVE-2022-27915
Read via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.
CVE-2021-26644
Read via "National Vulnerability Database".
An SQL injection vulnerability is caused by the lack of verification of input values for the table name of the DB used by the Mangboard bulletin board. A remote attacker can use this vulnerability to execute arbitrary code on the server where the bulletin board is running.
CVE-2022-38110
Read via "National Vulnerability Database".
In Database Performance Analyzer (DPA) 2022.4 and older releases, certain URL vectors are susceptible to authenticated reflected cross-site scripting.
CVE-2022-27916
Read via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.
CVE-2023-22912
Read via "National Vulnerability Database".
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. CheckUser TokenManager insecurely uses AES-CTR encryption with a repeated (aka re-used) nonce, allowing an adversary to decrypt.
CVE-2022-25631
Read via "National Vulnerability Database".
Symantec Endpoint Protection, prior to 14.3 RU6 (14.3.9210.6000), may be susceptible to an Elevation of Privilege vulnerability, which is a type of issue whereby an attacker may attempt to compromise the software application to gain elevated
CVE-2022-27917
Read via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.
CVE-2022-27918
Read via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.
CVE-2023-23489
Read via "National Vulnerability Database".
The Easy Digital Downloads WordPress Plugin, version < 3.1.0.4, is affected by an unauthenticated SQL injection vulnerability in the 's' parameter of its 'edd_download_search' action.
CVE-2022-47747
Read via "National Vulnerability Database".
kraken <= 0.1.4 has an arbitrary file read vulnerability via the component testfs.
CVE-2023-23488
Read via "National Vulnerability Database".
The Paid Memberships Pro WordPress Plugin, version < 2.9.8, is affected by an unauthenticated SQL injection vulnerability in the 'code' parameter of the '/pmpro/v1/order' REST route.
CVE-2022-47732
Read via "National Vulnerability Database".
In Yeastar N412 and N824 Configuration Panel 42.x and 45.x, an unauthenticated attacker can create a backup file and download it, revealing the admin hash, which, once cracked, allows login to the Configuration Panel; otherwise, replacing the hash in the archive and restoring it on the device changes the admin password, granting access to the device.
CVE-2023-22964
Read via "National Vulnerability Database".
Zoho ManageEngine ServiceDesk Plus MSP through 13003 is vulnerable to authentication bypass due to the unsafe LDAP configuration (issue 1 of 2).
CVE-2022-43704
Read via "National Vulnerability Database".
The Sinilink XY-WFT1 WiFi Remote Thermostat, running firmware 1.3.6, allows an attacker to bypass the intended requirement to communicate using MQTT. It is possible to replay Sinilink aka SINILINK521 protocol (udp/1024) commands interfacing directly with the target device. This, in turn, allows for an attack to control the onboard relay without requiring authentication via the mobile application. This might result in an unacceptable temperature within the target device's physical environment.
CVE-2023-22910
Read via "National Vulnerability Database".
An issue was discovered in MediaWiki before 1.35.9, 1.36.x through 1.38.x before 1.38.5, and 1.39.x before 1.39.1. There is XSS in Wikibase date formatting via wikibase-time-precision-* fields. This allows JavaScript execution by staff/admin users who do not intentionally have the editsitejs capability.
CVE-2022-3918
Read via "National Vulnerability Database".
A program using FoundationNetworking in swift-corelibs-foundation is potentially vulnerable to CRLF injection in URLRequest headers. In this vulnerability, a client can insert one or several CRLF sequences into a URLRequest header value. When that request is sent via URLSession to an HTTP server, the server may interpret the content after the CRLF as extra headers, or even a second request. For example, consider a URLRequest to http://example.com/ with the GET method. Suppose we set the URLRequest header "Foo" to a value consisting of "Bar", a CRLF, "Extra-Header: Added", a CRLF, and "GET /other HTTP/1.1". When this request is sent, it will appear to the server as two requests:
    GET / HTTP/1.1
    Foo: Bar
    Extra-Header: Added
    GET /other HTTP/1.1
In this manner, the client is able to inject extra headers and craft an entirely new request to a separate path, despite only making one API call in URLSession. If a developer has total control over the request and its headers, this vulnerability may not pose a threat. However, this vulnerability escalates if un-sanitized user input is placed in header values. If so, a malicious user could inject new headers or requests to an intermediary or backend server. Developers should be especially careful to sanitize user input in this case, or upgrade their version of swift-corelibs-foundation to include the patch below.
CVE-2021-39089
Read via "National Vulnerability Database".
IBM Cloud Pak for Security (CP4S) 1.10.0.0 through 1.10.6.0 could allow an authenticated user to obtain sensitive information from a specially crafted HTTP request. IBM X-Force ID: 216387.