🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24876 ‼

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

128 views18:30

‼ CVE-2023-24913 ‼

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

124 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24882 ‼

Microsoft OneDrive for Android Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

123 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24922 ‼

Microsoft Dynamics 365 Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

121 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24921 ‼

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

📖 Read

via "National Vulnerability Database".

118 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24910 ‼

Windows Graphics Component Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

117 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-27069 ‼

A stored cross-site scripting (XSS) vulnerability in TotalJS OpenPlatform commit b80b09d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the account name field.

📖 Read

via "National Vulnerability Database".

117 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24906 ‼

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

121 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24911 ‼

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

126 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-27585 ‼

PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.13 and prior affects applications that use PJSIP DNS resolver. It doesn't affect PJSIP users who do not utilise PJSIP DNS resolver. This vulnerability is related to CVE-2022-24793. A patch is available as commit `d1c5e4d` in the `master` branch. A workaround is to disable DNS resolution in PJSIP config (by setting `nameserver_count` to zero) or use an external resolver implementation instead.

📖 Read

via "National Vulnerability Database".

138 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-23419 ‼

Windows Resilient File System (ReFS) Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

145 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-25206 ‼

PrestaShop ws_productreviews < 3.6.2 is vulnerable to SQL Injection.

📖 Read

via "National Vulnerability Database".

148 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24909 ‼

Microsoft PostScript and PCL6 Class Printer Driver Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

154 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24930 ‼

Microsoft OneDrive for MacOS Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

181 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24923 ‼

Microsoft OneDrive for Android Information Disclosure Vulnerability

📖 Read

via "National Vulnerability Database".

231 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-27070 ‼

A stored cross-site scripting (XSS) vulnerability in TotalJS OpenPlatform commit b80b09d allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the platform name field.

📖 Read

via "National Vulnerability Database".

240 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24919 ‼

Microsoft Dynamics 365 (on-premises) Cross-site Scripting Vulnerability

📖 Read

via "National Vulnerability Database".

259 views18:30

🛡 Cybersecurity & Privacy 🛡 - News

📢 MI5 to establish new security agency to counter Chinese hacking, espionage 📢

The new organisation has been compared to GCHQ’s NCSC, and will provide companies advice on how to deal with Chinese companies or carry out business in China

📖 Read

via "ITPro".

ITPro

MI5 to establish new security agency to counter Chinese hacking, espionage

The new organisation has been compared to GCHQ’s NCSC, and will provide companies advice on how to deal with Chinese companies or carry out business in China

245 views20:22

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-28144 ‼

KDAB Hotspot 1.3.x and 1.4.x through 1.4.1, in a non-default configuration, allows privilege escalation because of race conditions involving symlinks and elevate_perf_privileges.sh chown calls.

📖 Read

via "National Vulnerability Database".

225 views20:23

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-27589 ‼

Minio is a Multi-Cloud Object Storage framework. Starting with RELEASE.2020-12-23T02-24-12Z and prior to RELEASE.2023-03-13T19-46-17Z, a user with `consoleAdmin` permissions can potentially create a user that matches the root credential `accessKey`. Once this user is created successfully, the root credential ceases to work appropriately. The issue is patched in RELEASE.2023-03-13T19-46-17Z. There are ways to work around this via adding higher privileges to the disabled root user via `mc admin policy set`.

📖 Read

via "National Vulnerability Database".

197 views20:23

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-28339 ‼

OpenDoas through 6.8.2, when TIOCSTI is available, allows privilege escalation because of sharing a terminal with the original session. NOTE: TIOCSTI is unavailable in OpenBSD 6.0 and later, and can be made unavailable in the Linux kernel 6.2 and later.

📖 Read

via "National Vulnerability Database".

199 views20:23

About

Blog

Apps

Platform