βΌ CVE-2021-23952 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23951 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23942 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23943 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24081 βΌ
π Read
via "National Vulnerability Database".
Multiple stored cross-site scripting (XSS) vulnerabilities in Redrock Software TutorTrac before v4.2.170210 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the reason and location fields of the visits listing page.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23950 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2021-23938 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-38779 βΌ
π Read
via "National Vulnerability Database".
An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.π Read
via "National Vulnerability Database".
π΄ How to Stop Attackers That Target Healthcare Imaging Data π΄
π Read
via "Dark Reading".
Attribute-based encryption could help keep sensitive metadata off of the Dark Web.π Read
via "Dark Reading".
Dark Reading
How to Stop Attackers That Target Healthcare Imaging Data
Attribute-based encryption could help keep sensitive metadata off of the Dark Web.
βΌ CVE-2023-24108 βΌ
π Read
via "National Vulnerability Database".
MvcTools 6d48cd6830fc1df1d8c9d61caa1805fd6a1b7737 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0947 βΌ
π Read
via "National Vulnerability Database".
Path Traversal in GitHub repository flatpressblog/flatpress prior to 1.3.π Read
via "National Vulnerability Database".
βΌ CVE-2022-2883 βΌ
π Read
via "National Vulnerability Database".
In affected versions of Octopus Deploy it is possible to upload a zipbomb file as a task which results in Denial of Serviceπ Read
via "National Vulnerability Database".
βΌ CVE-2023-24107 βΌ
π Read
via "National Vulnerability Database".
hour_of_code_python_2015 commit 520929797b9ca43bb818b2e8f963fb2025459fa3 was discovered to contain a code execution backdoor via the request package (requirements.txt). This vulnerability allows attackers to access sensitive user information and execute arbitrary code.π Read
via "National Vulnerability Database".
ποΈ Cisco ClamAV anti-malware scanner vulnerable to serious security flaw ποΈ
π Read
via "The Daily Swig".
Patch released for bug that poses a critical risk to vulnerable technologiesπ Read
via "The Daily Swig".
The Daily Swig | Cybersecurity news and views
Cisco ClamAV anti-malware scanner vulnerable to serious security flaw
Patch released for bug that poses a critical risk to vulnerable technologies
π2π₯1
π΄ Exploit Code Released for Critical Fortinet RCE Bug π΄
π Read
via "Dark Reading".
Organizations are urged to update to the latest versions of FortiNAC to patch a flaw that allows unauthenticated attackers to write arbitrary files on the system.π Read
via "Dark Reading".
Dark Reading
Exploit Code Released for Critical Fortinet RCE Bug
Organizations are urged to update to the latest versions of FortiNAC to patch a flaw that allows unauthenticated attackers to write arbitrary files on the system.
π΄ Trend Micro Acquires SOC Technology Expert Anlyz π΄
π Read
via "Dark Reading".
Technology tuck-in enhances industry's broadest XDR security platform.π Read
via "Dark Reading".
Dark Reading
Trend Micro Acquires SOC Technology Expert Anlyz
Technology tuck-in enhances industry's broadest XDR security platform.
π Zeek 5.0.7 π
π Read
via "Packet Storm Security".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
Zeek 5.0.7 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π1
βΌ CVE-2022-41217 βΌ
π Read
via "National Vulnerability Database".
Cloudflow contains a unauthenticated file upload vulnerability, which makes it possible for an attacker to upload malicious files to the CLOUDFLOW PROOFSCOPE built-in storage.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41216 βΌ
π Read
via "National Vulnerability Database".
Local File Inclusion vulnerability within Cloudflow allows attackers to retrieve confidential information from the system.π Read
via "National Vulnerability Database".
π΄ Xcitium Brings 'Zero Dwell' Capability to Legacy EDR Platforms π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Xcitium Brings 'Zero Dwell' Capability to Legacy EDR Platforms
BLOOMFIELD, N.J., Feb. 21, 2023 (GLOBE NEWSWIRE) -- Xcitium, a security platform provider focused on preventing damage caused by Malware, today announced availability of its advanced endpoint security solution, ZeroDwell Containment, for customers with orβ¦
βΌ CVE-2023-23063 βΌ
π Read
via "National Vulnerability Database".
Cellinx NVT v1.0.6.002b is vulnerable to local file disclosure.π Read
via "National Vulnerability Database".