CVE-2023-20873
via "National Vulnerability Database".
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+; 2.7.x users should upgrade to 2.7.11+; users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
CVE-2023-2131
via "National Vulnerability Database".
Versions of INEA ME RTU firmware prior to 3.36 are vulnerable to OS command injection, which could allow an attacker to remotely execute arbitrary code.
CVE-2023-2194
via "National Vulnerability Database".
An out-of-bounds write vulnerability was found in the Linux kernel's SLIMpro I2C device driver. The userspace "data->block[0]" variable was not capped to a number between 0-255 and was used as the size of a memcpy, possibly writing beyond the end of dma_buffer. This flaw could allow a local privileged user to crash the system or potentially achieve code execution.
CVE-2023-20865
via "National Vulnerability Database".
VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.
CVE-2023-2177
via "National Vulnerability Database".
A null pointer dereference issue was found in the SCTP network protocol in net/sctp/stream_sched.c in the Linux kernel. If the stream_in allocation fails, stream_out is freed and is later accessed. A local user could use this flaw to crash the system or potentially cause a denial of service.
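The sequence the entry describes (the in-table allocation fails, the out table is freed on the callee's error path, then the owner's teardown touches it again), as an added model in userspace C. This is example code, not the kernel's net/sctp sources: the struct layout, the scheduler hook, the fault-injection knob and the -EFAULT return that stands in for the crash are assumptions of the model. The fixed variant shows the shape of leaving every error-path release to the single owner of the cleanup.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Model of the error-path ownership bug described for CVE-2023-2177.
 * Added example code, not the kernel's net/sctp sources; the fields,
 * the scheduler hook and the failure knob are assumptions of the model. */
struct stream {
    int *out;         /* models stream->out, the outgoing-stream table */
    int *in;          /* models stream->in, the incoming-stream table */
    int  outcnt;
    int  sched_ready; /* set once the scheduler has been attached to out */
};

/* Fault-injection knob: when nonzero the next in-table allocation fails,
 * which is how the kernel path is reached under memory pressure. */
static int fail_next_in_alloc;

static int *alloc_table(int n, int is_in) {
    if (is_in && fail_next_in_alloc) {
        fail_next_in_alloc = 0;
        return NULL;
    }
    return calloc((size_t)n, sizeof(int));
}

/* Scheduler teardown. It walks out whenever the scheduler was attached,
 * so it relies on out staying valid until the owner tears the stream down. */
static int sched_free(struct stream *s) {
    if (!s->sched_ready)
        return 0;
    if (!s->out)
        return -EFAULT;          /* stands in for the NULL dereference */
    for (int i = 0; i < s->outcnt; i++)
        s->out[i] = 0;           /* "unschedule" each outgoing stream */
    s->sched_ready = 0;
    return 0;
}

/* Owner-side teardown; the caller runs this whenever init fails. */
int stream_free(struct stream *s) {
    int rc = sched_free(s);
    free(s->out);
    free(s->in);
    memset(s, 0, sizeof *s);
    return rc;
}

/* Buggy shape: the callee frees out on its own error path but leaves the
 * scheduler attached, so the owner's stream_free touches freed state. */
int stream_init_buggy(struct stream *s, int outcnt, int incnt) {
    s->out = alloc_table(outcnt, 0);
    if (!s->out)
        return -ENOMEM;
    s->outcnt = outcnt;
    s->sched_ready = 1;
    s->in = alloc_table(incnt, 1);
    if (!s->in) {
        free(s->out);            /* partial cleanup inside the callee */
        s->out = NULL;
        return -ENOMEM;
    }
    return 0;
}

/* Fixed shape: on failure the callee just returns and leaves every release
 * to stream_free, so each resource has exactly one owner of its cleanup. */
int stream_init_fixed(struct stream *s, int outcnt, int incnt) {
    s->out = alloc_table(outcnt, 0);
    if (!s->out)
        return -ENOMEM;
    s->outcnt = outcnt;
    s->sched_ready = 1;
    s->in = alloc_table(incnt, 1);
    if (!s->in)
        return -ENOMEM;
    return 0;
}

/* Drive one init under injected in-allocation failure and return what the
 * owner's teardown reports: 0 for a clean release, -EFAULT for the model's
 * stand-in for the crash, -1 if the injected failure did not happen. */
int run_failed_init(int (*init)(struct stream *, int, int)) {
    struct stream s;
    memset(&s, 0, sizeof s);
    fail_next_in_alloc = 1;
    if (init(&s, 4, 4) != -ENOMEM)
        return -1;
    return stream_free(&s);
}

int main(void) {
    printf("buggy init then stream_free: %d\n", run_failed_init(stream_init_buggy));
    printf("fixed init then stream_free: %d\n", run_failed_init(stream_init_fixed));
    return 0;
}
```

The model returns -EFAULT where the kernel would dereference NULL, so the same sequence can be run without crashing the process; the point to take from it is that a callee which half-cleans on error creates a second, conflicting owner of the same state.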
CVE-2023-27090
via "National Vulnerability Database".
A cross-site scripting vulnerability found in TeaCMS storage allows an attacker to leak sensitive information via the article title parameter.
CVE-2023-28459
via "National Vulnerability Database".
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Users were able to upload crafted HTML documents that trigger the reading of arbitrary files.
CVE-2023-28458
via "National Vulnerability Database".
pretalx 2.3.1 before 2.3.2 allows path traversal in HTML export (a non-default feature). Organizers can trigger the overwriting (with the standard pretalx 404 page content) of an arbitrary file.
CVE-2023-2176
via "National Vulnerability Database".
A vulnerability was found in compare_netdev_and_ip in drivers/infiniband/core/cma.c in RDMA in the Linux kernel. Improper cleanup results in an out-of-bounds read, which a local user can use to crash the system or escalate privileges.
CVE-2023-20864
via "National Vulnerability Database".
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
'GhostToken' Opens Google Accounts to Permanent Infection
via "Dark Reading".
A bug in how Google Cloud Platform handles OAuth tokens opened the door to Trojan apps that could access anything in users' personal or business Google Drives, Photos, Gmail, and more.
Infoblox Uncovers DNS Malware Toolkit & Urges Companies to Block Malicious Domains
via "Dark Reading".
SANTA CLARA, Calif., April 20, 2023 /PRNewswire/ -- Infoblox Inc., the company that delivers a simplified, cloud-enabled networking and security platform for improved performance and protection, today published a threat report blog on a remote access trojan…
CVE-2023-27352
via "National Vulnerability Database".
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query command. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19845.
CVE-2023-27354
via "National Vulnerability Database".
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the processing of the SMB directory query command. The issue results from the lack of proper validation of user-supplied data, which can result in an integer overflow before reading from memory. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19727.
CVE-2023-27353
via "National Vulnerability Database".
This vulnerability allows network-adjacent attackers to disclose sensitive information on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the msprox endpoint. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of root. Was ZDI-CAN-19846.
CVE-2023-27355
via "National Vulnerability Database".
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected installations of Sonos One Speaker 70.3-35220. Authentication is not required to exploit this vulnerability. The specific flaw exists within the MPEG-TS parser. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a fixed-length stack-based buffer. An attacker can leverage this vulnerability to execute code in the context of root. Was ZDI-CAN-19773.
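CVE-2023-2194 above (a userspace count byte used as the size of a memcpy into a fixed DMA buffer) and CVE-2023-27355 (a user-supplied length copied into a fixed-length buffer) are the same missing check, so one added model serves both. This is example code, not the Linux SLIMpro driver or the Sonos firmware: the buffer layout, the canary region behind the buffer and the -EINVAL convention are assumptions of the model, and the message structure is padded so the vulnerable copy stays inside this program's own memory. I2C_SMBUS_BLOCK_MAX is the kernel's value of 32.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Model of the length-validation bug class described for CVE-2023-2194 and
 * CVE-2023-27355. Added example code, not the kernel's or Sonos' sources. */
#define I2C_SMBUS_BLOCK_MAX 32                        /* value from <linux/i2c.h> */
#define DMA_BUFFER_SIZE     (I2C_SMBUS_BLOCK_MAX + 1) /* count byte + payload */
#define CANARY              0xA5

/* Models the SMBus block message: block[0] is the byte count chosen by the
 * caller, block[1..] the payload. The real union is I2C_SMBUS_BLOCK_MAX + 2
 * bytes; it is padded here (assumption) so the vulnerable copy below never
 * reads past it. In the kernel the over-read is part of the bug. */
struct smbus_data {
    uint8_t block[256];
};

/* store[0 .. DMA_BUFFER_SIZE) models ctx->dma_buffer; the bytes after it
 * stand in for whatever follows the buffer in the real context struct. */
struct dma_ctx {
    uint8_t store[DMA_BUFFER_SIZE + 256];
};

static void dma_ctx_init(struct dma_ctx *ctx) {
    memset(ctx->store, CANARY, sizeof ctx->store);
}

/* Build a constructed request with the given count byte and payload filler. */
static void make_request(struct smbus_data *d, uint8_t count, uint8_t fill) {
    memset(d->block, fill, sizeof d->block);
    d->block[0] = count;
}

/* Vulnerable shape: the untrusted count byte is the memcpy size. With
 * count = 255 this writes 256 bytes into a 33-byte buffer. */
int blkwr_vulnerable(struct dma_ctx *ctx, const struct smbus_data *data) {
    size_t writelen = (size_t)data->block[0] + 1;   /* count byte + payload */
    memcpy(ctx->store, data->block, writelen);
    return (int)writelen;
}

/* Hardened shape: reject any count the buffer cannot hold before the copy,
 * returning -EINVAL as a kernel driver would. */
int blkwr_hardened(struct dma_ctx *ctx, const struct smbus_data *data) {
    size_t count = data->block[0];
    if (count > I2C_SMBUS_BLOCK_MAX)
        return -EINVAL;
    memcpy(ctx->store, data->block, count + 1);
    return (int)(count + 1);
}

/* Count canary bytes clobbered beyond the modelled dma_buffer. */
static int overflowed_bytes(const struct dma_ctx *ctx) {
    int n = 0;
    for (size_t i = DMA_BUFFER_SIZE; i < sizeof ctx->store; i++)
        if (ctx->store[i] != CANARY)
            n++;
    return n;
}

/* Run one request through the chosen copy routine; returns how many bytes
 * landed outside the buffer, or a negative errno if the copy was refused. */
int probe(int (*blkwr)(struct dma_ctx *, const struct smbus_data *), uint8_t count) {
    struct dma_ctx ctx;
    struct smbus_data req;
    dma_ctx_init(&ctx);
    make_request(&req, count, 0x41);   /* constructed payload of 'A' bytes */
    int rc = blkwr(&ctx, &req);
    if (rc < 0)
        return rc;
    return overflowed_bytes(&ctx);
}

int main(void) {
    printf("vulnerable, count=255: %d bytes past the buffer\n", probe(blkwr_vulnerable, 255));
    printf("vulnerable, count=32:  %d bytes past the buffer\n", probe(blkwr_vulnerable, 32));
    printf("hardened,   count=255: rc=%d\n", probe(blkwr_hardened, 255));
    printf("hardened,   count=32:  %d bytes past the buffer\n", probe(blkwr_hardened, 32));
    return 0;
}
```

The vulnerable routine is only safe to run here because the model's backing store is larger than the buffer it pretends to be; probe() reports how many bytes landed past the modelled buffer, which is what a kernel driver would have written over the neighbouring fields of its context structure. The check in the hardened routine has to compare against the buffer's capacity, not against the width of the count field: a byte can never exceed 255, so "capping to 0-255" is no check at all when the buffer holds 33 bytes.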
3CX Breach Was a Double Supply Chain Compromise
via "Krebs on Security".
We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.
Best practices for Microsoft 365 business continuity
via "ITPro".
Discover how to mitigate the effects of large-scale, high-cost data loss disasters
Best practices for Salesforce business continuity
via "ITPro".
Empowering businesses to invest more time and resources on actionable activities
CVE-2023-2205
via "National Vulnerability Database".
A vulnerability was found in Campcodes Retro Basketball Shoes Online Store 1.0. It has been rated as critical. Affected by this issue is some unknown functionality of the file /function/login.php. The manipulation of the argument email leads to SQL injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-226970 is the identifier assigned to this vulnerability.