βΌ CVE-2023-1976 βΌ
π Read
via "National Vulnerability Database".
Password Aging with Long Expiration in GitHub repository answerdev/answer prior to 1.1.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29054 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SCALANCE X200-4P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT (All versions < V5.5.2), SCALANCE X201-3P IRT PRO (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2IRT (All versions < V5.5.2), SCALANCE X202-2P IRT (All versions < V5.5.2), SCALANCE X202-2P IRT PRO (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT (All versions < V5.5.2), SCALANCE X204IRT PRO (All versions < V5.5.2), SCALANCE XF201-3P IRT (All versions < V5.5.2), SCALANCE XF202-2P IRT (All versions < V5.5.2), SCALANCE XF204-2BA IRT (All versions < V5.5.2), SCALANCE XF204IRT (All versions < V5.5.2), SIPLUS NET SCALANCE X202-2P IRT (All versions < V5.5.2). The SSH server on affected devices is configured to offer weak ciphers by default. This could allow an unauthorized attacker in a man-in-the-middle position to read and modify any data passed over the connection between legitimate clients and the affected device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28828 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in Polarion ALM (All versions < V2304.0). The application contains a XML External Entity Injection (XXE) vulnerability. This could allow an attacker to view files on the application server filesystem.π Read
via "National Vulnerability Database".
βΌ CVE-2022-43767 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 (All versions), SIMATIC CP 1243-1 DNP3 (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-1 IEC (incl. SIPLUS variants) (All versions), SIMATIC CP 1243-7 LTE EU (All versions), SIMATIC CP 1243-7 LTE US (All versions), SIMATIC CP 1243-8 IRC (All versions), SIMATIC CP 1542SP-1 (All versions), SIMATIC CP 1542SP-1 IRC (All versions), SIMATIC CP 1543SP-1 (All versions), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 (All versions < V3.3), SIMATIC CP 443-1 Advanced (All versions < V3.3), SIMATIC IPC DiagBase (All versions), SIMATIC IPC DiagMonitor (All versions), SIPLUS ET 200SP CP 1542SP-1 IRC TX RAIL (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC (All versions), SIPLUS ET 200SP CP 1543SP-1 ISEC TX RAIL (All versions), SIPLUS NET CP 1242-7 V2 (All versions), SIPLUS NET CP 443-1 (All versions < V3.3), SIPLUS NET CP 443-1 Advanced (All versions < V3.3), SIPLUS S7-1200 CP 1243-1 (All versions), SIPLUS S7-1200 CP 1243-1 RAIL (All versions), SIPLUS TIM 1531 IRC (All versions < V2.3.6), TIM 1531 IRC (All versions < V2.3.6). The webserver of the affected products contains a vulnerability that may lead to a denial of service condition. An attacker may cause a denial of service situation of the webserver of the affected product.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28489 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050 MASTER MODULE (All versions < CPCI85 V05). Affected devices are vulnerable to command injection via the web server port 443/tcp, if the parameter Γ’β¬ΕRemote OperationΓ’β¬οΏ½ is enabled. The parameter is disabled by default. The vulnerability could allow an unauthenticated remote attacker to perform arbitrary code execution on the device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29053 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been identified in JT Open (All versions < V11.3.2.0), JT Utilities (All versions < V13.3.0.0). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted JT files. This could allow an attacker to execute code in the context of the current process.π Read
via "National Vulnerability Database".
π΄ Samsung Engineers Feed Sensitive Data to ChatGPT, Sparking Workplace AI Warnings π΄
π Read
via "Dark Reading".
In three separate incidents, engineers at the Korean electronics giant reportedly shared sensitive corporate data with the AI-powered chatbot.π Read
via "Dark Reading".
Dark Reading
Samsung Engineers Feed Sensitive Data to ChatGPT, Sparking Workplace AI Warnings
In three separate incidents, engineers at the Korean electronics giant reportedly shared sensitive corporate data with the AI-powered chatbot.
π΄ Israeli Irrigation Water Controllers & Postal Service Breached π΄
π Read
via "Dark Reading".
Israel's National Cyber Defense is warning of increased cyberattacks by anti-Israel groups during the month of Ramadan.π Read
via "Dark Reading".
Dark Reading
Israeli Irrigation Water Controllers & Postal Service Breached
Israel's National Cyber Defense is warning of increased cyberattacks by anti-Israel groups during the month of Ramadan.
π΄ How Password Managers Can Get Hacked π΄
π Read
via "Dark Reading".
Password managers aren't foolproof, but they do help mitigate risks from weak credentials and password reuse. Following best practices can contribute to a company's defenses.π Read
via "Dark Reading".
Dark Reading
How Password Managers Can Get Hacked
Password managers aren't foolproof, but they do help mitigate risks from weak credentials and password reuse. Following best practices can contribute to a company's defenses.
π΄ How CIEM Can Improve Identity, Permissions Management for Multicloud Deployments π΄
π Read
via "Dark Reading".
The gap between permissions granted and permissions used exposes organizations to increased risk. (Part two of a two-part series.)π Read
via "Dark Reading".
Dark Reading
How CIEM Can Improve Identity, Permissions Management for Multicloud Deployments
The gap between permissions granted and permissions used exposes organizations to increased risk. (Part two of a two-part series.)
βΌ CVE-2023-26917 βΌ
π Read
via "National Vulnerability Database".
libyang from v2.0.164 to v2.1.30 was discovered to contain a NULL pointer dereference via the function lysp_stmt_validate_value at lys_parse_mem.c.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47464 βΌ
π Read
via "National Vulnerability Database".
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47338 βΌ
π Read
via "National Vulnerability Database".
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-47467 βΌ
π Read
via "National Vulnerability Database".
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47337 βΌ
π Read
via "National Vulnerability Database".
In media service, there is a missing permission check. This could lead to local denial of service in media service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47468 βΌ
π Read
via "National Vulnerability Database".
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47465 βΌ
π Read
via "National Vulnerability Database".
In vdsp service, there is a missing permission check. This could lead to local denial of service in vdsp service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27645 βΌ
π Read
via "National Vulnerability Database".
An issue found in POWERAMP audioplayer build 925 bundle play and build 954 allows a remote attacker to gain privileges via the reverb and EQ preset parameters.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47362 βΌ
π Read
via "National Vulnerability Database".
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47466 βΌ
π Read
via "National Vulnerability Database".
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2022-47463 βΌ
π Read
via "National Vulnerability Database".
In telecom service, there is a missing permission check. This could lead to local denial of service in telecom service.π Read
via "National Vulnerability Database".