βΌ CVE-2023-27977 βΌ
π Read
via "National Vulnerability Database".
A CWE-345: Insufficient Verification of Data Authenticity vulnerability exists in the Data Server that could cause access to delete files in the IGSS project report directory, this could lead to loss of data when an attacker sends specific crafted messages to the Data Server TCP port. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).π Read
via "National Vulnerability Database".
βΌ CVE-2022-42332 βΌ
π Read
via "National Vulnerability Database".
x86 shadow plus log-dirty mode use-after-free In environments where host assisted address translation is necessary but Hardware Assisted Paging (HAP) is unavailable, Xen will run guests in so called shadow mode. Shadow mode maintains a pool of memory used for both shadow page tables as well as auxiliary data structures. To migrate or snapshot guests, Xen additionally runs them in so called log-dirty mode. The data structures needed by the log-dirty tracking are part of aformentioned auxiliary data. In order to keep error handling efforts within reasonable bounds, for operations which may require memory allocations shadow mode logic ensures up front that enough memory is available for the worst case requirements. Unfortunately, while page table memory is properly accounted for on the code path requiring the potential establishing of new shadows, demands by the log-dirty infrastructure were not taken into consideration. As a result, just established shadow page tables could be freed again immediately, while other code is still accessing them on the assumption that they would remain allocated.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42331 βΌ
π Read
via "National Vulnerability Database".
x86: speculative vulnerability in 32bit SYSCALL path Due to an oversight in the very original Spectre/Meltdown security work (XSA-254), one entrypath performs its speculation-safety actions too late. In some configurations, there is an unprotected RET instruction which can be attacked with a variety of speculative attacks.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42334 βΌ
π Read
via "National Vulnerability Database".
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334).π Read
via "National Vulnerability Database".
βΌ CVE-2023-1154 βΌ
π Read
via "National Vulnerability Database".
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Pacsrapor allows Reflected XSS.This issue affects Pacsrapor: before 1.22.π Read
via "National Vulnerability Database".
βΌ CVE-2022-42333 βΌ
π Read
via "National Vulnerability Database".
x86/HVM pinned cache attributes mis-handling T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] To allow cachability control for HVM guests with passed through devices, an interface exists to explicitly override defaults which would otherwise be put in place. While not exposed to the affected guests themselves, the interface specifically exists for domains controlling such guests. This interface may therefore be used by not fully privileged entities, e.g. qemu running deprivileged in Dom0 or qemu running in a so called stub-domain. With this exposure it is an issue that - the number of the such controlled regions was unbounded (CVE-2022-42333), - installation and removal of such regions was not properly serialized (CVE-2022-42334).π Read
via "National Vulnerability Database".
βΌ CVE-2023-27874 βΌ
π Read
via "National Vulnerability Database".
IBM Aspera Faspex 4.4.2 is vulnerable to an XML external entity injection (XXE) attack when processing XML data. A remote authenticated attacker could exploit this vulnerability to execute arbitrary commands. IBM X-Force ID: 249845.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25689 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1 , and 4.1.1 could allow a remote attacker to traverse directories on the system. An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to view arbitrary files on the system. IBM X-Force ID: 247618.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27873 βΌ
π Read
via "National Vulnerability Database".
IBM Aspera Faspex 4.4.2 could allow a remote authenticated attacker to obtain sensitive credential information using specially crafted XML input. IBM X-Force ID: 249654.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27842 βΌ
π Read
via "National Vulnerability Database".
Insecure Permissions vulnerability found in Extplorer File manager eXtplorer v.2.1.15 allows a remote attacker to execute arbitrary code via the index.php compenentπ Read
via "National Vulnerability Database".
βΌ CVE-2023-27983 βΌ
π Read
via "National Vulnerability Database".
A CWE-306: Missing Authentication for Critical Function vulnerability exists in the Data Server TCP interface that could allow deletion of reports from the IGSS project report directory, this would lead to loss of data when an attacker abuses this functionality. Affected Products: IGSS Data Server(IGSSdataServer.exe)(V16.0.0.23040 and prior), IGSS Dashboard(DashBoard.exe)(V16.0.0.23040 and prior), Custom Reports(RMS16.dll)(V16.0.0.23040 and prior).π Read
via "National Vulnerability Database".
βΌ CVE-2023-25687 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow an authenticated user to obtain sensitive information from log files. IBM X-Force ID: 247602.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27871 βΌ
π Read
via "National Vulnerability Database".
IBM Aspera Faspex 4.4.2 could allow a remote attacker to obtain sensitive credential information for an external user, using a specially crafted SQL query. IBM X-Force ID: 249613.π Read
via "National Vulnerability Database".
π΄ Name That Toon: It's E-Live! π΄
π Read
via "Dark Reading".
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading".
Dark Reading
Name That Toon: It's E-Live!
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
β Bitcoin ATM customers hacked by video upload that was actually an app β
π Read
via "Naked Security".
As the misquote goes, "Once is misfortune..." This is the second time, and you know what Lady Bracknell had to say about that...π Read
via "Naked Security".
Naked Security
Bitcoin ATM customers hacked by video upload that was actually an app
As the misquote goes, βOnce is misfortuneβ¦β This is the second time, and you know what Lady Bracknell had to say about thatβ¦
β Google Pixel phones had a serious data leakage bug β hereβs what to do! β
π Read
via "Naked Security".
What if the "safe" images you shared after carefully cropping them... had some or all of the "unsafe" pixels left behind anyway?π Read
via "Naked Security".
Naked Security
Google Pixel phones had a serious data leakage bug β hereβs what to do!
What if the βsafeβ images you shared after carefully cropping themβ¦ had some or all of the βunsafeβ pixels left behind anyway?
π OpenSSL Toolkit 3.1.0 π
π Read
via "Packet Storm Security".
OpenSSL is a robust, fully featured Open Source toolkit implementing the Secure Sockets Layer and Transport Layer Security protocols with full-strength cryptography world-wide. The 3.1.x series is the current major version of OpenSSL.π Read
via "Packet Storm Security".
Packetstormsecurity
OpenSSL Toolkit 3.1.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2023-1304 βΌ
π Read
via "National Vulnerability Database".
An authenticated attacker can leverage an exposed getattr() method via a Jinja template to smuggle OS commands and perform other actions that are normally expected to be private methods. This issue was resolved in the Managed and SaaS deployments on February 1, 2023, and in version 23.2.1 of the Self-Managed version of InsightCloudSec.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27570 βΌ
π Read
via "National Vulnerability Database".
The eo_tags package before 1.4.19 for PrestaShop allows SQL injection via a crafted _ga cookie.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45635 βΌ
π Read
via "National Vulnerability Database".
An issue discovered in MEGAFEIS, BOFEI DBD+ Application for IOS & Android v1.4.4 allows attacker to gain access to sensitive account information via insecure password policy.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25686 βΌ
π Read
via "National Vulnerability Database".
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 stores user credentials in plain clear text which can be read by a local user. IBM X-Force ID: 247601.π Read
via "National Vulnerability Database".