β Dangerous Android phone 0-day bugs revealed β patch or work around them now! β
π Read
via "Naked Security".
Despite its usually inflexible 0-day disclosure policy, Google is keeping four mobile modem bugs semi-secret due to likely ease of exploitation.π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2023-28429 βΌ
π Read
via "National Vulnerability Database".
Pimcore is an open source data and experience management platform. Versions prior to 10.5.19 have an unsecured tooltip field in DataObject class definition. This vulnerability has the potential to steal a user's cookie and gain unauthorized access to that user's account through the stolen cookie or redirect users to other malicious sites. Users should upgrade to version 10.5.19 or, as a workaround, apply the patch manually.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28428 βΌ
π Read
via "National Vulnerability Database".
PDFio is a C library for reading and writing PDF files. In versions 1.1.0 and prior, a denial of service vulnerability exists in the pdfio parser. Crafted pdf files can cause the program to run at 100% utilization and never terminate. This is different from CVE-2023-24808. A patch for this issue is available in version 1.1.1.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1515 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository pimcore/pimcore prior to 10.5.19.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28426 βΌ
π Read
via "National Vulnerability Database".
savg-sanitizer is a PHP SVG/XML Sanitizer. A bypass has been found in versions prior to 0.16.0 that allows an attacker to upload an SVG with persistent cross-site scripting. HTML elements within CDATA needed to be sanitized correctly, as we were converting them to a textnode and therefore, the library wasn't seeing them as DOM elements. This issue is fixed in version 0.16.0. Any data within a CDATA node will now be sanitised using HTMLPurifier. The maintainers have also removed many of the HTML and MathML elements from the allowed element list, as without ForiegnObject, they're not legal within the SVG context. There are no known workarounds.π Read
via "National Vulnerability Database".
π΄ Cyberattackers Hoop NBA Fan Data via Third-Party Vendor π΄
π Read
via "Dark Reading".
The basketball playoffs are around the corner and convincing social-engineering attacks on fans using NBA-themed lures could be too.π Read
via "Dark Reading".
Dark Reading
Cyberattackers Hoop NBA Fan Data via Third-Party Vendor
The basketball playoffs are around the corner and convincing social-engineering attacks on fans using NBA-themed lures could be too.
β Bitcoin ATM customers hacked by video upload that was actually an app β
π Read
via "Naked Security".
As the misquote goes, "Once is misfortune..." This is the second time, and you know what Lady Bracknell had to say about that...π Read
via "Naked Security".
Naked Security
Bitcoin ATM customers hacked by video upload that was actually an app
As the misquote goes, βOnce is misfortuneβ¦β This is the second time, and you know what Lady Bracknell had to say about thatβ¦
π€1
π΄ Cops Nab BreachForums Boss in New York π΄
π Read
via "Dark Reading".
The alleged mastermind of hacker forum Breach Forums, "pompompurin," has been arrested in New York City, according to court documents.π Read
via "Dark Reading".
Dark Reading
Cops Nab BreachForums Boss in New York
The alleged mastermind of hacker forum BreachForums, "pompompurin," has been arrested in New York City, according to court documents.
βΌ CVE-2023-0876 βΌ
π Read
via "National Vulnerability Database".
The WP Meta SEO WordPress plugin before 4.5.3 does not authorize several ajax actions, allowing low-privilege users to make updates to certain data and leading to an arbitrary redirect vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27586 βΌ
π Read
via "National Vulnerability Database".
CairoSVG is an SVG converter based on Cairo, a 2D graphics library. Prior to version 2.7.0, Cairo can send requests to external hosts when processing SVG files. A malicious actor could send a specially crafted SVG file that allows them to perform a server-side request forgery or denial of service. Version 2.7.0 disables CairoSVG's ability to access other files online by default.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0167 βΌ
π Read
via "National Vulnerability Database".
The GetResponse for WordPress plugin through 5.5.31 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3894 βΌ
π Read
via "National Vulnerability Database".
The WP OAuth Server (OAuth Authentication) WordPress plugin before 4.2.5 does not have CSRF check when deleting a client, and does not ensure that the object to be deleted is actually a client, which could allow attackers to make a logged in admin delete arbitrary client and post via a CSRF attack.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0937 βΌ
π Read
via "National Vulnerability Database".
The VK All in One Expansion Unit WordPress plugin before 9.87.1.0 does not escape the $_SERVER['REQUEST_URI'] parameter before outputting it back in an attribute, which could lead to Reflected Cross-Site Scripting in old web browsersπ Read
via "National Vulnerability Database".
βΌ CVE-2023-0940 βΌ
π Read
via "National Vulnerability Database".
The ProfileGrid WordPress plugin before 5.3.1 provides an AJAX endpoint for resetting a user password but does not implement proper authorization. This allows a user with low privileges, such as subscriber, to change the password of any account, including Administrator ones.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22288 βΌ
π Read
via "National Vulnerability Database".
HTML Email Injection in Tribe29 Checkmk <=2.1.0p23; <=2.0.0p34, and all versions of Checkmk 1.6.0 allows an authenticated attacker to inject malicious HTML into Emailsπ Read
via "National Vulnerability Database".
βΌ CVE-2023-0630 βΌ
π Read
via "National Vulnerability Database".
The Slimstat Analytics WordPress plugin before 4.9.3.3 does not prevent subscribers from rendering shortcodes that concatenates attributes directly into an SQL query.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0340 βΌ
π Read
via "National Vulnerability Database".
The Custom Content Shortcode WordPress plugin through 4.0.2 does not validate one of its shortcode attribute, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non PHP files and retrieve their content. RCE could also be achieved if the attacker manage to upload a malicious image containing PHP code, and then include it via the affected attribute, on a default WP install, authors could easily achieve that given that they have the upload_file capability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0369 βΌ
π Read
via "National Vulnerability Database".
The GoToWP WordPress plugin through 5.1.1 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0875 βΌ
π Read
via "National Vulnerability Database".
The WP Meta SEO WordPress plugin before 4.5.3 does not properly sanitize and escape inputs into SQL queries, leading to a blind SQL Injection vulnerability that can be exploited by subscriber+ users.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0145 βΌ
π Read
via "National Vulnerability Database".
The Saan World Clock WordPress plugin through 1.8 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.π Read
via "National Vulnerability Database".