βΌ CVE-2022-25997 βΌ
π Read
via "National Vulnerability Database".
This candidate was in a CNA pool that was not assigned to any issues during 2022.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26027 βΌ
π Read
via "National Vulnerability Database".
This candidate was in a CNA pool that was not assigned to any issues during 2022.π Read
via "National Vulnerability Database".
βΌ CVE-2022-25957 βΌ
π Read
via "National Vulnerability Database".
This candidate was in a CNA pool that was not assigned to any issues during 2022.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0089 βΌ
π Read
via "National Vulnerability Database".
The webutils in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows an authenticated user to execute remote code through 'eval injection'. This affects all versions 8.20.0 and below.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0090 βΌ
π Read
via "National Vulnerability Database".
The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows for an anonymous user to execute remote code through 'eval injection'. Exploitation requires network access to the webservices API, but such access is a non-standard configuration. This affects all versions 8.20.0 and below.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24657 βΌ
π Read
via "National Vulnerability Database".
phpipam v1.6 was discovered to contain a reflected cross-site scripting (XSS) vulnerability via the closeClass parameter at /subnet-masks/popup.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23638 βΌ
π Read
via "National Vulnerability Database".
A deserialization vulnerability existed when dubbo generic invoke, which could lead to malicious code execution. This issue affects Apache Dubbo 2.7.x version 2.7.21 and prior versions; Apache Dubbo 3.0.x version 3.0.13 and prior versions; Apache Dubbo 3.1.x version 3.1.5 and prior versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1267 βΌ
π Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Ulkem Company PtteM Kart.This issue affects PtteM Kart: before 2.1.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1269 βΌ
π Read
via "National Vulnerability Database".
Use of Hard-coded Credentials in GitHub repository alextselegidis/easyappointments prior to 1.5.0.π Read
via "National Vulnerability Database".
π΄ Tech Giants Go Cloud-Native Shopping π΄
π Read
via "Dark Reading".
Ciscoβs acquisition of cloud-native firewall provider Valtix and HPEβs deal to buy SSE provider Axis Security fill gaps in their existing portfolios.π Read
via "Dark Reading".
Dark Reading
Tech Giants Go Cloud-Native Shopping
Ciscoβs acquisition of cloud-native firewall provider Valtix and HPEβs deal to buy SSE provider Axis Security fill gaps in their existing portfolios.
π΄ Rising Public Cloud Adoption Is Accelerating Shadow Data Risks π΄
π Read
via "Dark Reading".
Using a risk-based approach to deal with policy violations and continuous compliance monitoring will help avoid data exposures and fines.π Read
via "Dark Reading".
Dark Reading
Rising Public Cloud Adoption Is Accelerating Shadow Data Risks
Using a risk-based approach to deal with policy violations and continuous compliance monitoring will help avoid data exposures and fines.
βΌ CVE-2023-25395 βΌ
π Read
via "National Vulnerability Database".
TOTOlink A7100RU V7.4cu.2313_B20191024 router has a command injection vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26950 βΌ
π Read
via "National Vulnerability Database".
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Title parameter under the Adding Categories module.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1270 βΌ
π Read
via "National Vulnerability Database".
Command Injection in GitHub repository btcpayserver/btcpayserver prior to 1.8.3.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26952 βΌ
π Read
via "National Vulnerability Database".
onekeyadmin v1.3.9 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Add Menu module.π Read
via "National Vulnerability Database".
π΄ Lacework Launches Secured by Women Initiative π΄
π Read
via "Dark Reading".
For International Women's Month, new ongoing initiative is aimed at celebrating women and bringing visibility to those making cybersecurity history.π Read
via "Dark Reading".
Dark Reading
Lacework Launches Secured by Women Initiative
For International Women's Month, new ongoing initiative is aimed at celebrating women and bringing visibility to those making cybersecurity history.
π΄ Surge in Cloud Adoption Means a Greater Data Attack Surface for Healthcare and Financial Services π΄
π Read
via "Dark Reading".
Organizations in both industries are falling short when addressing new challenges to protect data in the cloud, finds Blancco report.π Read
via "Dark Reading".
Dark Reading
Surge in Cloud Adoption Means a Greater Data Attack Surface for Healthcare and Financial Services
Organizations in both industries are falling short when addressing new challenges to protect data in the cloud, finds Blancco report.
βΌ CVE-2023-24773 βΌ
π Read
via "National Vulnerability Database".
Funadmin v3.2.0 was discovered to contain a SQL injection vulnerability via the id parameter at /databases/database/list.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26922 βΌ
π Read
via "National Vulnerability Database".
SQL injection vulnerability found in Varisicte matrix-gui v.2 allows a remote attacker to execute arbitrary code via the shell_exect parameter to the \www\pages\matrix-gui-2.0 endpoint.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26261 βΌ
π Read
via "National Vulnerability Database".
In UBIKA WAAP Gateway/Cloud through 6.10, a blind XPath injection leads to an authentication bypass by stealing the session of another connected user. The fixed versions are WAAP Gateway & Cloud 6.11.0 and 6.5.6-patch15.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27088 βΌ
π Read
via "National Vulnerability Database".
feiqu-opensource Background Vertical authorization vulnerability exists in IndexController.java. demo users with low permission can perform operations within the permission of the admin super administrator and can use this vulnerability to change the blacklist IP address in the system at will.π Read
via "National Vulnerability Database".