βΌ CVE-2023-23969 βΌ
π Read
via "National Vulnerability Database".
In Django 3.2 before 3.2.17, 4.0 before 4.0.9, and 4.1 before 4.1.6, the parsed values of Accept-Language headers are cached in order to avoid repetitive parsing. This leads to a potential denial-of-service vector via excessive memory usage if the raw value of Accept-Language headers is very large.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22287 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23075 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in Zoho Asset Explorer 6.9 via the credential name when creating a new Assets Workstation.π Read
via "National Vulnerability Database".
π΄ Greater Incident Complexity, Shift in How Threat Actors Use Stolen Data, Will Drive the Cyber Threat Landscape in 2023, Says Beazley Report π΄
π Read
via "Dark Reading".
Noting 13% year-over-year growth in fraudulent instruction as a cause of loss, report predicts organizations must get smarter about educating employees to spot fraudulent tactics.π Read
via "Dark Reading".
Dark Reading
Greater Incident Complexity, Shift in How Threat Actors Use Stolen Data, Will Drive the Cyber Threat Landscape in 2023, Says Beazleyβ¦
Noting 13% year-over-year growth in fraudulent instruction as a cause of loss, report predicts organizations must get smarter about educating employees to spot fraudulent tactics.
π΄ CISA to Open Supply Chain Risk Management Office π΄
π Read
via "Dark Reading".
A new supply chain risk management office aims to help public and private sectors implement recent CISA policies and guidance.π Read
via "Dark Reading".
Dark Reading
CISA to Open Supply Chain Risk Management Office
A new supply chain risk management office aims to help public and private sectors implement recent CISA policies and guidance.
βΌ CVE-2022-37033 βΌ
π Read
via "National Vulnerability Database".
In dotCMS 5.x-22.06, TempFileAPI allows a user to create a temporary file based on a passed in URL, while attempting to block any SSRF access to local IP addresses or private subnets. In resolving this URL, the TempFileAPI follows any 302 redirects that the remote URL returns. Because there is no re-validation of the redirect URL, the TempFileAPI can be used to return data from those local/private hosts that should not be accessible remotely.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3913 βΌ
π Read
via "National Vulnerability Database".
Rapid7 Nexpose and InsightVM versions 6.6.82 through 6.6.177 fail to validate the certificate of the update server when downloading updates. This failure could allow an attacker in a privileged position on the network to provide their own HTTPS endpoint, or intercept communications to the legitimate endpoint. The attacker would need some pre-existing access to at least one node on the network path between the Rapid7-controlled update server and the Nexpose/InsightVM application, and the ability to either spoof the update server's FQDN or redirect legitimate traffic to the attacker's server in order to exploit this vulnerability. Note that even in this scenario, an attacker could not normally replace an update package with a malicious package, since the update process validates a separate, code-signing certificate, distinct from the HTTPS certificate used for communication. This issue was resolved on February 1, 2023 in update 6.6.178 of Nexpose and InsightVM.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23751 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Joomla! 4.0.0 through 4.2.4. A missing ACL check allows non super-admin users to access com_actionlogs.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23750 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Joomla! 4.0.0 through 4.2.6. A missing token check causes a CSRF vulnerability in the handling of post-installation messages.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47872 βΌ
π Read
via "National Vulnerability Database".
maccms10 2021.1000.2000 is vulnerable to Server-side request forgery (SSRF).π Read
via "National Vulnerability Database".
βΌ CVE-2022-3083 βΌ
π Read
via "National Vulnerability Database".
All versions of Landis+Gyr E850 (ZMQ200) are vulnerable to CWE-784: Reliance on Cookies Without Validation and Integrity. The device's web application navigation depends on the value of the session cookie. The web application could become inaccessible for the user if an attacker changes the cookie values.π Read
via "National Vulnerability Database".
βΌ CVE-2022-30904 βΌ
π Read
via "National Vulnerability Database".
In Bestechnic Bluetooth Mesh SDK (BES2300) V1.0, a buffer overflow vulnerability can be triggered during provisioning, because there is no check for the SegN field of the Transaction Start PDU.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45782 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in dotCMS core 5.3.8.5 through 5.3.8.15 and 21.03 through 22.10.1. A cryptographically insecure random generation algorithm for password-reset token generation leads to account takeover.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31363 βΌ
π Read
via "National Vulnerability Database".
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is pb_transport_handle_frag_. ΓΒΆΓΒΆ In Cypress Bluetooth Mesh SDK, there is an out-of-bound write vulnerability that can be triggered during mesh provisioning. Because there is no check for mismatched SegN and TotalLength in Transaction Start PDU.π Read
via "National Vulnerability Database".
βΌ CVE-2022-31364 βΌ
π Read
via "National Vulnerability Database".
Cypress : https://www.infineon.com/ Cypress Bluetooth Mesh SDK BSA0107_05.01.00-BX8-AMESH-08 is affected by: Buffer Overflow. The impact is: execute arbitrary code (remote). The component is: affected function is lower_transport_layer_on_seg. ΓΒΆΓΒΆ In Cypress Bluetooth Mesh SDK, there is an out-of-bound write vulnerability that can be triggered by sending a series of segmented packets with inconsistent SegN.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45783 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in dotCMS core 4.x through 22.10.2. An authenticated directory traversal vulnerability in the dotCMS API can lead to Remote Code Execution.π Read
via "National Vulnerability Database".
π΄ Nearly All Firms Have Ties With Breached Third Parties π΄
π Read
via "Dark Reading".
The average organization does business with 11 third parties, and 98% of organizations do business with a third party who has suffered a breach, an analysis finds.π Read
via "Dark Reading".
Dark Reading
Nearly All Firms Have Ties With Breached Third Parties
The average organization does business with 11 third parties, and 98% of organizations do business with a third party who has suffered a breach, an analysis finds.
π΄ Why CISOs Should Care About Brand Impersonation Scam Sites π΄
π Read
via "Dark Reading".
Enterprises often don't know whose responsibility it is to monitor for spoofed brand sites and scams that steal customers' trust, money, and personally identifiable information.π Read
via "Dark Reading".
Dark Reading
Why CISOs Should Care About Brand Impersonation Scam Sites
Enterprises often don't know whose responsibility it is to monitor for spoofed brand sites and scams that steal customers' trust, money, and personally identifiable information.
βΌ CVE-2023-25012 βΌ
π Read
via "National Vulnerability Database".
The Linux kernel through 6.1.9 has a Use-After-Free in bigben_remove in drivers/hid/hid-bigbenff.c via a crafted USB device because the LED controllers remain registered for too long.π Read
via "National Vulnerability Database".
βΌ CVE-2022-37034 βΌ
π Read
via "National Vulnerability Database".
In dotCMS 5.x-22.06, it is possible to call the TempResource multiple times, each time requesting the dotCMS server to download a large file. If done repeatedly, this will result in Tomcat request-thread exhaustion and ultimately a denial of any other requests.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0599 βΌ
π Read
via "National Vulnerability Database".
Rapid7 Metasploit Pro versions 4.21.2 and lower suffer from a stored cross site scripting vulnerability, due to a lack of JavaScript request string sanitization. Using this vulnerability, an authenticated attacker can execute arbitrary HTML and script code in the target browser against another Metasploit Pro user using a specially crafted request. Note that in most deployments, all Metasploit Pro users tend to enjoy privileges equivalent to local administrator.π Read
via "National Vulnerability Database".