βΌ CVE-2023-1131 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Computer Parts Sales and Inventory System 1.0 and classified as problematic. This vulnerability affects unknown code of the file customer.php. The manipulation of the argument FIRST_NAME/LAST_NAME/PHONE_NUMBER leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-222106 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24131 βΌ
π Read
via "National Vulnerability Database".
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1_5g parameter at /goform/WifiBasicSet.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48309 βΌ
π Read
via "National Vulnerability Database".
A CSRF vulnerability allows malicious websites to retrieve logs and technical support archives in Sophos Connect versions older than 2.2.90.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48310 βΌ
π Read
via "National Vulnerability Database".
An information disclosure vulnerability allows sensitive key material to be included in technical support archives in Sophos Connect versions older than 2.2.90.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3162 βΌ
π Read
via "National Vulnerability Database".
Users authorized to list or watch one type of namespaced custom resource cluster-wide can read custom resources of a different type in the same API group without authorization. Clusters are impacted by this vulnerability if all of the following are true: 1. There are 2+ CustomResourceDefinitions sharing the same API group 2. Users have cluster-wide list or watch authorization on one of those custom resources. 3. The same users are not authorized to read another custom resource in the same API group.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24130 βΌ
π Read
via "National Vulnerability Database".
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey parameter at /goform/WifiBasicSet.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23004 βΌ
π Read
via "National Vulnerability Database".
In the Linux kernel before 5.19, drivers/gpu/drm/arm/malidp_planes.c misinterprets the get_sg_table return value (expects it to be NULL in the error case, whereas it is actually an error pointer).π Read
via "National Vulnerability Database".
βΌ CVE-2023-1097 βΌ
π Read
via "National Vulnerability Database".
Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code exploitation via HTTP GET command injections. Commands are executed using pre-login execution and executed with root permissions. The following methods have been tested and validated by a 3rd party analyst and have been confirmed exploitable special thanks to Lionel Musonza for the discovery.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24132 βΌ
π Read
via "National Vulnerability Database".
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey3_5g parameter at /goform/WifiBasicSet.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23002 βΌ
π Read
via "National Vulnerability Database".
In the Linux kernel before 5.16.3, drivers/bluetooth/hci_qca.c misinterprets the devm_gpiod_get_index_optional return value (expects it to be NULL in the error case, whereas it is actually an error pointer).π Read
via "National Vulnerability Database".
π΄ Dish Blames Ransomware Attack for Disruptions of Internal Systems, Call Center Services π΄
π Read
via "Dark Reading".
The cyberattackers might have potentially accessed customer information, the service provider warns.π Read
via "Dark Reading".
Dark Reading
Dish Blames Ransomware Attack for Disruptions of Internal Systems, Call Center Services
The cyberattackers might have potentially accessed customer information, the service provider warns.
π΄ Forescout Addresses Modern SecOps Challenges With Launch of Forescout XDR π΄
π Read
via "Dark Reading".
New eXtended Detection and Response Solution is 450X more efficient than typical SOCs at converting telemetry and logs into actionable alerts.π Read
via "Dark Reading".
Dark Reading
Forescout Addresses Modern SecOps Challenges With Launch of Forescout XDR
New eXtended Detection and Response Solution is 450X more efficient than typical SOCs at converting telemetry and logs into actionable alerts.
π΄ Fastly Launches Managed Security Service to Protect Enterprises From Rising Web Application Attacks π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Fastly Launches Managed Security Service to Protect Enterprises From Rising Web Application Attacks
SAN FRANCISCO β March 1, 2023 β Fastly, Inc. (NYSE: FSLY), the worldβs fastest global edge cloud platform, today launched Fastly Managed Security Service, a premier 24/7 threat detection and response service dedicated to helping organizations significantlyβ¦
π΄ Visibility Is as Vital as Zero Trust for Low-Code/No-Code Security π΄
π Read
via "Dark Reading".
By authenticating and authorizing every application, and by maintaining data lineage for auditing, enterprises can reduce the chances of data exfiltration.π Read
via "Dark Reading".
Dark Reading
Visibility Is as Vital as Zero Trust for Low-Code/No-Code Security
By authenticating and authorizing every application, and by maintaining data lineage for auditing, enterprises can reduce the chances of data exfiltration.
π΄ DoControl's 2023 SaaS Security Threat Landscape Report Finds Enterprises and Mid-Market Organizations Have Exposed Public SaaS Assets π΄
π Read
via "Dark Reading".
Volume of SaaS assets and events magnifies risks associated with manual management and remediation.π Read
via "Dark Reading".
Dark Reading
DoControl's 2023 SaaS Security Threat Landscape Report Finds Enterprises and Mid-Market Organizations Have Exposed Public SaaSβ¦
Volume of SaaS assets and events magnifies risks associated with manual management and remediation.
π΄ Octillo Launches Women's Cybersecurity Scholarship in Partnership With the Center for Cyber Safety and Education π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Octillo Launches Women's Cybersecurity Scholarship in Partnership With the Center for Cyber Safety and Education
NEW YORK: March 1, 2023 β Octillo, a women-owned cybersecurity, data privacy, and technology-focused law firm, is pleased to announce the launch of their 2023 Octillo Womenβs Cybersecurity Scholarship program, administered by the Center for Cyber Safety andβ¦
βΌ CVE-2023-24127 βΌ
π Read
via "National Vulnerability Database".
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey1 parameter at /goform/WifiBasicSet.π Read
via "National Vulnerability Database".
βΌ CVE-2020-5026 βΌ
π Read
via "National Vulnerability Database".
IBM Financial Transaction Manager for Digital Payments for Multi-Platform 3.2.0 through 3.2.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 193662.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24117 βΌ
π Read
via "National Vulnerability Database".
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepauth_5g parameter at /goform/WifiBasicSet.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24126 βΌ
π Read
via "National Vulnerability Database".
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wepkey4_5g parameter at /goform/WifiBasicSet.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24120 βΌ
π Read
via "National Vulnerability Database".
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a stack overflow via the wrlEn_5g parameter at /goform/WifiBasicSet.π Read
via "National Vulnerability Database".