βΌ CVE-2023-22264 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22253 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22252 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22261 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22269 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22259 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21616 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25860 βΌ
π Read
via "National Vulnerability Database".
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22254 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25862 βΌ
π Read
via "National Vulnerability Database".
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22258 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27754 βΌ
π Read
via "National Vulnerability Database".
vox2mesh 1.0 has stack-overflow in main.cpp, this is stack-overflow caused by incorrect use of memcpy() funciton. The flow allows an attacker to cause a denial of service (abort) via a crafted file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22256 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1573 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in DataGear up to 1.11.1 and classified as problematic. This issue affects some unknown processing of the component Graph Dataset Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. Upgrading to version 1.12.0 is able to address this issue. It is recommended to upgrade the affected component. The identifier VDB-223565 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26426 βΌ
π Read
via "National Vulnerability Database".
Illustrator version 26.5.2 (and earlier) and 27.2.0 (and earlier) are affected by a Use After Free vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-21615 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2022-3938 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22265 βΌ
π Read
via "National Vulnerability Database".
Experience Manager versions 6.5.15.0 (and earlier) are affected by a URL Redirection to Untrusted Site ('Open Redirect') vulnerability. A low-privilege authenticated attacker could leverage this vulnerability to redirect users to malicious websites. Exploitation of this issue requires user interaction.π Read
via "National Vulnerability Database".
π΄ XM Cyber Announces Acquisition of Confluera, Adding Run-Time Protection on Cloud Workloads π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
XM Cyber Announces Acquisition of Confluera, Adding Run-Time Protection on Cloud Workloads
HERZLIYA, Israel and PALO ALTO, Calif., March 22, 2023 /PRNewswire/ -- XM Cyber, the leader in hybrid cloud security, announced today the acquisition of Confluera, a pioneer in next-generation cyber attack detection and response for the cloud. XM Cyber nowβ¦
π΄ Vectra Unifies AI-Driven Behavior-Based Detection and Signature-Based Detection π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Vectra Unifies AI-Driven Behavior-Based Detection and Signature-Based Detection
SAN JOSE, Calif., March 22, 2023 /PRNewswire/ -- Vectra AI, the leader in AI-driven hybrid cloud threat detection and response, today announced the introduction of Vectra Match. Vectra Match brings intrusion detection signature context to Vectra Network Detectionβ¦
π΄ Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Lightspin Launches Remediation Hub to Identify and Fix Cloud Security Threats
NEW YORK , March 22, 2023 /PRNewswire/ -- Lightspin, the leading cloud security solution for SaaS companies, today launched the Remediation Hub as part of its cloud-native application protection platform (CNAPP) solution. An evolution of Lightspin's rootβ¦