🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2023-25542 ‼

Dell Trusted Device Agent, versions prior to 5.3.0, contains an improper installation permissions vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to escalated privileges.

via "National Vulnerability Database".
‼ CVE-2023-29416 ‼

An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A bz3_decode_block out-of-bounds write can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.

via "National Vulnerability Database".
‼ CVE-2023-29419 ‼

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a bz3_decode_block out-of-bounds read.

via "National Vulnerability Database".
‼ CVE-2023-29421 ‼

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an out-of-bounds write in bz3_decode_block.

via "National Vulnerability Database".
‼ CVE-2023-23982 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPGear.Pro WPFrom Email plugin <= 1.8.8 versions.

via "National Vulnerability Database".
‼ CVE-2023-29415 ‼

An issue was discovered in libbzip3.a in bzip3 before 1.3.0. A denial of service (process hang) can occur with a crafted archive because bzip3 does not follow the required procedure for interacting with libsais.

via "National Vulnerability Database".
‼ CVE-2023-24003 ‼

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Timersys WP Popups – WordPress Popup plugin <= 2.1.4.8 versions.

via "National Vulnerability Database".
‼ CVE-2023-23979 ‼

Unauth. Stored Cross-Site Scripting (XSS) vulnerability in Fullworks Quick Event Manager plugin <= 9.7.4 versions.

via "National Vulnerability Database".
‼ CVE-2023-29420 ‼

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is a crash caused by an invalid memmove in bz3_decode_block.

via "National Vulnerability Database".
‼ CVE-2023-24006 ‼

Auth. (admin+) Cross-Site Scripting (XSS) vulnerability in Link Software LLC WP Terms Popup plugin <= 2.6.0 versions.

via "National Vulnerability Database".
‼ CVE-2023-23815 ‼

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Alan Jackson Multi-column Tag Map plugin <= 17.0.24 versions.

via "National Vulnerability Database".
‼ CVE-2023-28046 ‼

Dell Display Manager, versions 2.1.0 and prior, contains an arbitrary file or folder deletion vulnerability during uninstallation. A local low privilege attacker could potentially exploit this vulnerability, leading to the deletion of arbitrary files on the operating system with high privileges.

via "National Vulnerability Database".
‼ CVE-2023-23971 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in CodePeople WP Time Slots Booking Form plugin <= 1.1.81 versions.

via "National Vulnerability Database".
‼ CVE-2023-24001 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Yannick Lefebvre Modal Dialog plugin <= 3.5.9 versions.

via "National Vulnerability Database".
‼ CVE-2023-29418 ‼

An issue was discovered in libbzip3.a in bzip3 before 1.2.3. There is an xwrite out-of-bounds read.

via "National Vulnerability Database".
‼ CVE-2023-24002 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPdevart YouTube Embed, Playlist and Popup by WpDevArt plugin <= 2.6.3 versions.

via "National Vulnerability Database".
‼ CVE-2023-23987 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WPEverest User Registration plugin <= 2.3.0 versions.

via "National Vulnerability Database".
‼ CVE-2023-23980 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in MailOptin Popup Builder Team MailOptin plugin <= 1.2.54.0 versions.

via "National Vulnerability Database".
‼ CVE-2023-1802 ‼

In Docker Desktop 4.17.x the Artifactory Integration falls back to sending registry credentials over plain HTTP if the HTTPS health check has failed. A targeted network sniffing attack can lead to a disclosure of sensitive information. Only users who have Access Experimental Features enabled and have logged in to a private registry are affected.

via "National Vulnerability Database".
🕴 The Pope's Security Gets a Boost With Vatican's MDM Move 🕴

Faced with enterprise challenges, the Holy See looks to ensure it avoids a "holey" mobile device management solution.

via "Dark Reading".
🕴 Styx Marketplace Provides Hub for Financial Cybercrime 🕴

An emerging, illicit marketplace proves that financial cybercrime is still on the rise, with a need for countries to collectively put safeguards in place.

via "Dark Reading".