‼ CVE-2022-47715 ‼
via "National Vulnerability Database".
In Last Yard 22.09.8-1, the cookie can be stolen via unencrypted traffic.
‼ CVE-2023-23131 ‼
via "National Vulnerability Database".
Selfwealth iOS mobile App 3.3.1 is vulnerable to Insecure App Transport Security (ATS) Settings.
‼ CVE-2023-23132 ‼
via "National Vulnerability Database".
Selfwealth iOS mobile App 3.3.1 is vulnerable to Sensitive key disclosure. The application reveals hardcoded API keys.
‼ CVE-2023-0613 ‼
via "National Vulnerability Database".
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /wireless/security.asp of the component httpd. The manipulation of the argument device_web_ip leads to memory corruption. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-219937 was assigned to this vulnerability.
‼ CVE-2023-22574 ‼
via "National Vulnerability Database".
Dell PowerScale OneFS 9.0.0.x - 9.4.0.x contain an insertion of sensitive information into log file vulnerability in platform API of IPMI module. A low-privileged user with permission to read logs on the cluster could potentially exploit this vulnerability, leading to Information disclosure and denial of service.
‼ CVE-2023-23128 ‼
via "National Vulnerability Database".
Connectwise Control 22.8.10013.8329 is vulnerable to Cross Origin Resource Sharing (CORS).
‼ CVE-2023-23130 ‼
via "National Vulnerability Database".
Connectwise Automate 2022.11 is vulnerable to Cleartext authentication. Authentication is being done via HTTP (cleartext) with SSL disabled.
‼ CVE-2023-23126 ‼
via "National Vulnerability Database".
Connectwise Automate 2022.11 is vulnerable to Clickjacking. The login screen can be iframed and used to manipulate users to perform unintended actions.
‼ CVE-2023-0611 ‼
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in TRENDnet TEW-652BRP 3.04B01. This issue affects some unknown processing of the file get_set.ccp of the component Web Management Interface. The manipulation leads to command injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-219935.
‼ CVE-2023-23692 ‼
via "National Vulnerability Database".
Dell EMC prior to version DDOS 7.9 contain(s) an OS command injection Vulnerability. An authenticated non admin attacker could potentially exploit this vulnerability, leading to the execution of arbitrary OS commands on the application's underlying OS, with the privileges of the vulnerable application.
‼ CVE-2023-24610 ‼
via "National Vulnerability Database".
NOSH 4a5cfdb allows remote authenticated users to execute PHP arbitrary code via the "practice logo" upload feature. The client-side checks can be bypassed. This may allow attackers to steal Protected Health Information because the product is for health charting.
‼ CVE-2023-0612 ‼
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in TRENDnet TEW-811DRU 1.0.10.0. Affected is an unknown function of the file /wireless/basic.asp of the component httpd. The manipulation of the argument device_web_ip leads to buffer overflow. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-219936.
‼ CVE-2023-22572 ‼
via "National Vulnerability Database".
Dell PowerScale OneFS 9.1.0.x-9.4.0.x contain an insertion of sensitive information into log file vulnerability in change password api. A low privilege local attacker could potentially exploit this vulnerability, leading to system takeover.
🕴 ManageEngine Study Finds United States Enterprises Hit by Short-Staffed Security Operations Centers 🕴
via "Dark Reading".
Study also reveals enterprises rely on multiple tools to ensure cloud security.
🕴 KnowBe4 to Offer $10,000 to Black Americans in Cybersecurity Scholarship 🕴
via "Dark Reading".
KnowBe4 partners with the Center for Cyber Safety and Education to support Black Americans in recognition of Black History Month to help further education.
🕴 Application Security Must Be Nonnegotiable 🕴
via "Dark Reading".
Companies need to keep security priorities top of mind during economic downturns so all-important revenue generation doesn't come with a heaping side order of security problems.
🕴 Fortra's Terranova Security 2022 Gone Phishing Tournament Results Reveal Large Organizations at Highest Risk of Compromising Data 🕴
via "Dark Reading".
Findings underscore security awareness training that leverages practical, hands-on exercises is essential to creating a security-aware culture.
‼ CVE-2022-47003 ‼
via "National Vulnerability Database".
A vulnerability in the Remember Me function of Mura CMS before v10.0.580 allows attackers to bypass authentication via a crafted web request.
🕴 Contrast Security Launches Alliance Program to Change the Way Customers Scale Their Security Solutions 🕴
via "Dark Reading".
The Security Innovation Alliance (SIA) empowers customers to create holistic security programs by leveraging robust end-to-end integration partnerships.
🕴 Gem Security Emerges From Stealth With $11M, Unveils Cloud TDIR Platform for Faster Response to Cloud Threats 🕴
via "Dark Reading".
Gem Security provides the world's first holistic approach for Cloud TDIR, bridging the gap between cloud complexity and security operations.
🕴 Command-Injection Bug in Cisco Industrial Gear Opens Devices to Complete Takeover 🕴
via "Dark Reading".
Two security holes — one particularly gnarly — could allow hackers the freedom to do as they wish with the popular edge equipment.