CVE-2023-22354
Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
via "National Vulnerability Database".
CVE-2023-22846
Datakit CrossCadWare_x64.dll contains an out-of-bounds read past the end of an allocated buffer while parsing a specially crafted SLDPRT file. This vulnerability could allow an attacker to disclose sensitive information.
via "National Vulnerability Database".
CVE-2023-30076
Sourcecodester Judging Management System v1.0 is vulnerable to SQL Injection via /php-jms/print_judges.php?print_judges.php=&se_name=&sub_event_id=.
via "National Vulnerability Database".
CVE-2023-30616
Form Block is a WordPress plugin designed to make form creation easier. Versions prior to 1.0.2 are subject to a Cross-Site Request Forgery due to a missing nonce check. There is potential for a Cross-Site Request Forgery for all form blocks, since it allows requests to be sent to the forms from any website without a user noticing. Users are advised to upgrade to version 1.0.2. There are no known workarounds for this vulnerability.
via "National Vulnerability Database".
CVE-2023-29528
XWiki Commons are technical libraries common to several other top-level XWiki projects. The "restricted" mode of the HTML cleaner in XWiki, introduced in version 4.2-milestone-1 and massively improved in version 14.6-rc-1, allowed the injection of arbitrary HTML code and thus cross-site scripting via invalid HTML comments. As a consequence, any code relying on this "restricted" mode for security is vulnerable to JavaScript injection ("cross-site scripting"/XSS). When a privileged user with programming rights visits such a comment in XWiki, the malicious JavaScript code is executed in the context of the user session. This allows server-side code execution with programming rights, impacting the confidentiality, integrity and availability of the XWiki instance. This problem has been patched in XWiki 14.10: HTML comments are now removed in restricted mode, and a check has been introduced that ensures that comments don't start with `>`. There are no known workarounds apart from upgrading to a version including the fix.
via "National Vulnerability Database".
CVE-2023-27495
@fastify/csrf-protection is a plugin which helps protect Fastify servers against CSRF attacks. The CSRF protection enforced by the @fastify/csrf-protection library in combination with @fastify/cookie can be bypassed by network and same-site attackers under certain conditions. @fastify/csrf-protection supports an optional userInfo parameter that binds the CSRF token to the user. This parameter was introduced to prevent cookie-tossing attacks as a fix for CVE-2021-29624. Whenever the userInfo parameter is missing, or its value can be predicted for the target user account, network and same-site attackers can 1. fixate a _csrf cookie in the victim's browser, and 2. forge CSRF tokens that are valid for the victim's session. This allows attackers to bypass the CSRF protection mechanism. As a fix, @fastify/csrf-protection starting from version 6.3.0 (and v4.1.0) includes a server-defined secret hmacKey that cryptographically binds the CSRF token to the value of the _csrf cookie and the userInfo parameter, making tokens non-spoofable by attackers. This protection is effective as long as the userInfo parameter is unique for each user. This is patched in versions 6.3.0 and v4.1.0. Users are advised to upgrade. Users unable to upgrade may use a random, non-predictable userInfo parameter for each user as a mitigation.
via "National Vulnerability Database".
Major US CFPB Data Breach Caused by Employee
The sensitivity of the personal information involved in the breach has yet to be determined by agency officials, but it affects 256,000 consumers.
via "Dark Reading".
3CX Supply Chain Attack Tied to Financial Trading App Breach
Mandiant found that North Korea's UNC4736 gained initial access on 3CX's network when an employee downloaded a weaponized but legitimately signed app from Trading Technologies.
via "Dark Reading".
CVE-2021-36436
An issue in Mobicint Backend for Credit Unions v3 allows attackers to retrieve partial email addresses and user-entered information via submission to the forgotten-password endpoint.
via "National Vulnerability Database".
CVE-2023-20873
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
via "National Vulnerability Database".
CVE-2023-2131
Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code.
via "National Vulnerability Database".
CVE-2023-2194
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0 and 255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.
via "National Vulnerability Database".
CVE-2023-20865
VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.
via "National Vulnerability Database".
CVE-2023-2177
A null pointer dereference issue was found in the SCTP network protocol in net/sctp/stream_sched.c in the Linux kernel. If the stream_in allocation fails, stream_out is freed and then accessed again. A local user could use this flaw to crash the system or potentially cause a denial of service.
via "National Vulnerability Database".
CVE-2023-27090
A cross-site scripting vulnerability found in TeaCMS storage allows an attacker to cause a leak of sensitive information via the article title parameter.
via "National Vulnerability Database".
CVE-2023-28459
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Users were able to upload crafted HTML documents that trigger the reading of arbitrary files.
via "National Vulnerability Database".
CVE-2023-28458
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Organizers can trigger the overwriting (with the standard pretalx 404 page content) of an arbitrary file.
via "National Vulnerability Database".
CVE-2023-2176
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux kernel. The improper cleanup results in an out-of-bounds read, which a local user could use to crash the system or escalate privileges.
via "National Vulnerability Database".
CVE-2023-20864
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
via "National Vulnerability Database".