🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-25566 ‼

GSS-NTLMSSP is a mechglue plugin for the GSSAPI library that implements NTLM authentication. Prior to version 1.2.0, a memory leak can be triggered when parsing usernames which can trigger a denial-of-service. The domain portion of a username may be overridden causing an allocated memory area the size of the domain name to be leaked. An attacker can leak memory via the main `gss_accept_sec_context` entry point, potentially causing a denial-of-service. This issue is fixed in version 1.2.0.

📖 Read

via "National Vulnerability Database".

216 views19:36

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-0830 ‼

A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function system of the file /backup.pl. The manipulation leads to os command injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. It is recommended to upgrade the affected component. VDB-220950 is the identifier assigned to this vulnerability.

📖 Read

via "National Vulnerability Database".

👍1

224 views19:36

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Oakland City Services Struggle to Recover From Ransomware Attack 🕴

Fire emergency, 911 services functioning, along with Oakland financial systems, city says.

📖 Read

via "Dark Reading".

Dark Reading

Oakland City Services Struggle to Recover From Ransomware Attack

Fire emergency, 911 services functioning, along with Oakland financial systems, city says.

230 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

⚠ Apple fixes zero-day spyware implant bug – patch now! ⚠

Everyone update now! Except for those who don't need to! Or who need to but will only get updates later on, though Apple isn't saying yet!

📖 Read

via "Naked Security".

Sophos News

Naked Security – Sophos News

210 views21:25

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21570 ‼

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

📖 Read

via "National Vulnerability Database".

183 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21699 ‼

Windows Internet Storage Name Service (iSNS) Server Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

152 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21717 ‼

Microsoft SharePoint Server Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

136 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21705 ‼

Microsoft SQL Server Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

126 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21687 ‼

HTTP.sys Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

125 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21568 ‼

Microsoft SQL Server Integration Service (VS extension) Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

120 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21703 ‼

Azure Data Box Gateway Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

118 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21704 ‼

Microsoft ODBC Driver for SQL Server Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

114 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21706 ‼

Microsoft Exchange Server Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

114 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21701 ‼

Microsoft Protected Extensible Authentication Protocol (PEAP) Denial of Service Vulnerability

📖 Read

via "National Vulnerability Database".

113 views21:35

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21714 ‼

Microsoft Office Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

111 views21:36

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21713 ‼

Microsoft SQL Server Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

116 views21:36

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21528 ‼

Microsoft SQL Server Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

116 views21:36

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21694 ‼

Windows Fax Service Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

113 views21:36

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21691 ‼

Microsoft Protected Extensible Authentication Protocol (PEAP) Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

110 views21:36

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21690 ‼

Microsoft Protected Extensible Authentication Protocol (PEAP) Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

117 views21:36

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-21721 ‼

Microsoft OneNote Spoofing Vulnerability

📖 Read

via "National Vulnerability Database".

115 views21:36

About

Blog

Apps

Platform