‼ CVE-2023-22686 ‼
📖 Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in TriniTronic Nice PayPal Button Lite plugin <=Â 1.3.5 versions.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-2246 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Online Pizza Ordering System 1.0 and classified as critical. This vulnerability affects unknown code of the file admin/ajax.php?action=save_settings. The manipulation of the argument img leads to unrestricted upload. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-227236.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31043 ‼
📖 Read
via "National Vulnerability Database".
EnterpriseDB EDB Postgres Advanced Server (EPAS) before 14.6.0 logs unredacted passwords in situations where optional parameters are used with CREATE/ALTER USER/GROUP/ROLE, and redacting was configured with edb_filter_log.redact_password_commands. The fixed versions are 10.23.33, 11.18.29, 12.13.17, 13.9.13, and 14.6.0.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-23753 ‼
📖 Read
via "National Vulnerability Database".
The 'Visforms Base Package for Joomla 3' extension is vulnerable to SQL Injection as concatenation is used to construct an SQL Query. An attacker can interact with the database and could be able to read, modify and delete data on it.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31061 ‼
📖 Read
via "National Vulnerability Database".
Repetier Server through 1.4.10 does not have CSRF protection.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31060 ‼
📖 Read
via "National Vulnerability Database".
Repetier Server through 1.4.10 executes as SYSTEM. This can be leveraged in conjunction with CVE-2023-31059 for full compromise.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31059 ‼
📖 Read
via "National Vulnerability Database".
Repetier Server through 1.4.10 allows ..%5c directory traversal for reading files that contain credentials, as demonstrated by connectionLost.php.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31056 ‼
📖 Read
via "National Vulnerability Database".
CloverDX before 5.17.3 writes passwords to the audit log in certain situations, if the audit log is enabled and single sign-on is not employed. The fixed versions are 5.15.4, 5.16.2, 5.17.3, and 6.0.x.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25131 ‼
📖 Read
via "National Vulnerability Database".
Use of default password vulnerability in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to log in to the server directly to perform administrative functions. Upon installation or upon first login, the application does not ask the user to change the 'admin' password.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25132 ‼
📖 Read
via "National Vulnerability Database".
Unrestricted upload of file with dangerous type vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-25133 ‼
📖 Read
via "National Vulnerability Database".
Improper privilege management vulnerability in default.cmd file in PowerPanel Business Local/Remote for Windows v4.8.6 and earlier, PowerPanel Business Management for Windows v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 32bit v4.8.6 and earlier, PowerPanel Business Local/Remote for Linux 64bit v4.8.6 and earlier, PowerPanel Business Management for Linux 32bit v4.8.6 and earlier, PowerPanel Business Management for Linux 64bit v4.8.6 and earlier, PowerPanel Business Local/Remote for MacOS v4.8.6 and earlier, and PowerPanel Business Management for MacOS v4.8.6 and earlier allows remote attackers to execute operation system commands via unspecified vectors.📖 Read
via "National Vulnerability Database".
🕴 Zimperium Launches Unified Mobile Security Platform for Threat Detection, Visibility, and Response 🕴
📖 Read
via "Dark Reading".
Integrated platform enables enterprises to seamlessly execute their mobile-first security strategy.📖 Read
via "Dark Reading".
Dark Reading
Zimperium Launches Unified Mobile Security Platform for Threat Detection, Visibility, and Response
Integrated platform enables enterprises to seamlessly execute their mobile-first security strategy.
🕴 Rethinking Safer AI: Can There Really Be a 'TruthGPT'? 🕴
📖 Read
via "Dark Reading".
Is Elon Musk's "maximum truth-seeking AI" achievable? Overcoming bias in artificial technologies is crucial for cybersecurity, but doing it could be a challenge.📖 Read
via "Dark Reading".
Dark Reading
Rethinking Safer AI: Can There Really Be a 'TruthGPT'?
Is Elon Musk's "maximum truth-seeking AI" achievable? Overcoming bias in artificial technologies is crucial for cybersecurity, but doing it could be a challenge.
🕴 CrowdStrike Introduces CrowdStream to Accelerate and Simplify XDR Adoption 🕴
📖 Read
via "Dark Reading".
Powered by Cribl, a CrowdStrike Falcon Fund partner, and available to CrowdStrike Falcon platform customers.📖 Read
via "Dark Reading".
Dark Reading
CrowdStrike Introduces CrowdStream to Accelerate and Simplify XDR Adoption
Powered by Cribl, a CrowdStrike Falcon Fund partner, and available to CrowdStrike Falcon platform customers.
🕴 Palo Alto Networks Takes Aim At Cyberattacks With the Expansion of Unit 42's Digital Forensics & Incident Response Service Globally 🕴
📖 Read
via "Dark Reading".
With 60% of organizations taking more than four days to resolve cybersecurity issues, Unit 42’s Global Incident Response Service dramatically reduces time to remediate threats.📖 Read
via "Dark Reading".
Dark Reading
Palo Alto Networks Takes Aim At Cyberattacks With the Expansion of Unit 42's Digital Forensics & Incident Response Service Globally
With 60% of organizations taking more than four days to resolve cybersecurity issues, Unit 42’s Global Incident Response Service dramatically reduces time to remediate threats.
‼ CVE-2023-29579 ‼
📖 Read
via "National Vulnerability Database".
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48477 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missing📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48476 ‼
📖 Read
via "National Vulnerability Database".
In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possible📖 Read
via "National Vulnerability Database".
‼ CVE-2023-29578 ‼
📖 Read
via "National Vulnerability Database".
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at src/mp4property.cpp.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-29583 ‼
📖 Read
via "National Vulnerability Database".
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-29582 ‼
📖 Read
via "National Vulnerability Database".
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c.📖 Read
via "National Vulnerability Database".