βΌ CVE-2023-1527 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Generic in GitHub repository tsolucio/corebos prior to 8.0.π Read
via "National Vulnerability Database".
βΌ CVE-2016-15029 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in Ydalb mapicoin up to 1.9.0 and classified as problematic. This vulnerability affects unknown code of the file webroot/stats.php. The manipulation of the argument link/search leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 1.10.0 is able to address this issue. The name of the patch is 67e87f0f0c1ac238fcd050f4c3db298229bc9679. It is recommended to upgrade the affected component. VDB-223402 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1545 βΌ
π Read
via "National Vulnerability Database".
SQL Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.0.23.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27984 βΌ
π Read
via "National Vulnerability Database".
A CWE-20: Improper Input Validation vulnerability exists in Custom Reports that could cause a macro to be executed, potentially leading to remote code execution when a user opens a malicious report file planted by an attacker. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).π Read
via "National Vulnerability Database".
βΌ CVE-2023-27981 βΌ
π Read
via "National Vulnerability Database".
A CWE-22: Improper Limitation of a Pathname to a Restricted Directory vulnerability exists in Custom Reports that could cause a remote code execution when a victim tries to open a malicious report. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).π Read
via "National Vulnerability Database".
π’ Bitwarden to release fix for four-year-old vulnerability π’
π Read
via "ITPro".
The password manager knew about the issue since 2018, exploits for which were highlighted in a Flashpoint report earlier in Marchπ Read
via "ITPro".
ITPro
Bitwarden to release fix for four-year-old vulnerability
The password manager knew about the issue since 2018, exploits for which were highlighted in a Flashpoint report earlier in March
π’ Podcast transcript: The changing face of cyber warfare π’
π Read
via "ITPro".
Read the full transcript for this episode of ITPro Podcastπ Read
via "ITPro".
ITPro
Podcast transcript: The changing face of cyber warfare
Read the full transcript for this episode of ITPro Podcast
π’ ITPro Podcast: The changing face of cyber warfare π’
π Read
via "ITPro".
Russian-sponsored cyber attacks may not have had the feared impact, but for Europe theyβre here to stayπ Read
via "ITPro".
ITPro
ITPro Podcast: The changing face of cyber warfare
Russian-sponsored cyber attacks may not have had the feared impact, but for Europe theyβre here to stay
π’ Latitude hack leaves customers unable to protect their accounts π’
π Read
via "ITPro".
The cyber attack has affected around 330,000 customers, although the company has said this is likely to increaseπ Read
via "ITPro".
ITPro
Latitude hack now under state investigation as customers struggle to protect their accounts
The cyber attack has affected around 330,000 customers, although the company has said this is likely to increase
π’ Hacker who ran BreachForums could face 20 years in prison π’
π Read
via "ITPro".
The hacker behind BreachForums is thought to have been involved in a string of cyber attacksπ Read
via "ITPro".
ITPro
Hacker who ran BreachForums could face 20 years in prison
The hacker behind BreachForums is thought to have been involved in a string of cyber attacks
π1
π’ Free decryptor released for Conti ransomware variant infecting hundreds of organisations π’
π Read
via "ITPro".
Hundreds of organisations and state institutions are believed to have been impacted by the strainπ Read
via "ITPro".
ITPro
Free decryptor released for Conti ransomware variant infecting hundreds of organisations
Hundreds of organisations and state institutions are believed to have been impacted by the strain
π΄ Controlling Third-Party Data Risk Should Be a Top Cybersecurity Priority π΄
π Read
via "Dark Reading".
Third-party breaches have a wide effect that legacy security practices can no longer detect.π Read
via "Dark Reading".
Dark Reading
Controlling Third-Party Data Risk Should Be a Top Cybersecurity Priority
Third-party breaches have a wide effect that legacy security practices can no longer detect.
βΌ CVE-2023-1153 βΌ
π Read
via "National Vulnerability Database".
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Pacsrapor allows SQL Injection, Command Line Execution through SQL Injection.This issue affects Pacsrapor: before 1.22.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27979 βΌ
π Read
via "National Vulnerability Database".
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could allow the renaming of files in the IGSS project report directory, this could lead to denial of service when an attacker sends specific crafted messages to the Data Server TCP port. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).π Read
via "National Vulnerability Database".
βΌ CVE-2023-1314 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been discovered in cloudflared's installer (<= 2023.3.0) for Windows 32-bits devices that allows a local attacker with no administrative permissions to escalate their privileges on the affected device. This vulnerability exists because the MSI installer used by cloudflared relied on a world-writable directory. An attacker with local access to the device (without Administrator rights) can use symbolic links to trick the MSI installer into deleting files in locations that the attacker would otherwise have no access to. By creating a symlink from the world-writable directory to the target file, the attacker can manipulate the MSI installer's repair functionality to delete the target file during the repair process. Exploitation of this vulnerability could allow an attacker to delete important system files or replace them with malicious files, potentially leading to the affected device being compromised. The cloudflared client itself is not affected by this vulnerability, only the installer for 32-bit Windows devices.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27977 βΌ
π Read
via "National Vulnerability Database".
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss of data when an attacker sends specific crafted messages to the Data Server TCP port. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).π Read
via "National Vulnerability Database".
βΌ CVE-2022-42332 βΌ
π Read
via "National Vulnerability Database".
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tables as well as auxiliary data structures. To migrate or snapshot guests, Xen additionally runs them in so called log-dirty mode. The data structures needed by the log-dirty tracking are part of aformentioned auxiliary data. In order to keep error handling efforts within reasonable bounds, for operations which may require memory allocations shadow mode logic ensures up front that enough memory is available for the worst case requirements. Unfortunately, while page table memory is properly accounted for on the code path requiring the potential establishing of new shadows, demands by the log-dirty infrastructure were not taken into consideration. As a result, just established shadow page tables could be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42331 βΌ
π Read
via "National Vulnerability Database".
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42334 βΌ
π Read
via "National Vulnerability Database".
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334).π Read
via "National Vulnerability Database".
βΌ CVE-2023-1154 βΌ
π Read
via "National Vulnerability Database".
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pacsrapor allows Reflected XSS.This issue affects Pacsrapor: before 1.22.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42333 βΌ
π Read
via "National Vulnerability Database".
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334).π Read
via "National Vulnerability Database".