βΌ CVE-2023-29579 βΌ
π Read
via "National Vulnerability Database".
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the component yasm/yasm+0x43b466 in vsprintf.π Read
via "National Vulnerability Database".
βΌ CVE-2022-48477 βΌ
π Read
via "National Vulnerability Database".
In JetBrains Hub before 2023.1.15725 SSRF protection in Auth Module integration was missingπ Read
via "National Vulnerability Database".
βΌ CVE-2022-48476 βΌ
π Read
via "National Vulnerability Database".
In JetBrains Ktor before 2.3.0 path traversal in the `resolveResource` method was possibleπ Read
via "National Vulnerability Database".
βΌ CVE-2023-29578 βΌ
π Read
via "National Vulnerability Database".
mp4v2 v2.0.0 was discovered to contain a heap buffer overflow via the mp4v2::impl::MP4StringProperty::~MP4StringProperty() function at src/mp4property.cpp.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29583 βΌ
π Read
via "National Vulnerability Database".
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr5 at /nasm/nasm-parse.c.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29582 βΌ
π Read
via "National Vulnerability Database".
yasm 1.3.0.55.g101bc was discovered to contain a stack overflow via the function parse_expr1 at /nasm/nasm-parse.c.π Read
via "National Vulnerability Database".
π΄ The New Frontier in Email Security: Goodbye, Gateways; Hello, Behavioral AI π΄
π Read
via "Dark Reading".
As email attackers move to more targeted and sophisticated attacks, email security needs to understand the organization, not past attacks, to keep up with attacker innovation and stop novel threats on the first encounter.π Read
via "Dark Reading".
Darkreading
The New Frontier in Email Security: Goodbye, Gateways; Hello, Behavioral AI
As email attackers move to more targeted and sophisticated attacks, email security needs to understand the organization, not past attacks, to keep up with attacker innovation and stop novel threats on the first encounter.
π΄ Cybersecurity Survival: Hide From Adversarial AI π΄
π Read
via "Dark Reading".
Consider adding some security-through-obscurity tactics to your organization's protection arsenal to boost protection. Mask your attack surface behind additional zero-trust layers to remove AI's predictive advantage.π Read
via "Dark Reading".
Dark Reading
Cybersecurity Survival: Hide From Adversarial AI
Consider adding some security-through-obscurity tactics to your organization's protection arsenal to boost protection. Mask your attack surface behind additional zero-trust layers to remove AI's predictive advantage.
π΄ ZeroFox to Acquire LookingGlass, Broadening Global Attack Surface Intelligence Capabilities π΄
π Read
via "Dark Reading".
Deal strengthens ZeroFox's External Cybersecurity Platform with attack surface management (EASM) and threat intelligence capabilities.π Read
via "Dark Reading".
Dark Reading
ZeroFox to Acquire LookingGlass, Broadening Global Attack Surface Intelligence Capabilities
Deal strengthens ZeroFox's External Cybersecurity Platform with attack surface management (EASM) and threat intelligence capabilities.
π΄ Cisco Unveils Solution to Rapidly Detect Advanced Cyber Threats and Automate Response π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Cisco Unveils Solution to Rapidly Detect Advanced Cyber Threats and Automate Response
SAN FRANCISCO, April 24, 2023 /PRNewswire/ -- RSA CONFERENCE 2023 -- Cisco (NASDAQ: CSCO), the leader in enterprise networking and security, unveiled the latest progress towards its vision of the Cisco Security Cloud, a unified, AI-driven, cross-domain securityβ¦
βΌ CVE-2022-47598 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WP Plugins Pro WP Super Popup pluginΓ <= 1.1.2 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-1731 βΌ
π Read
via "National Vulnerability Database".
In LTOS versions prior to V7.06.013, the configuration file upload function would not correctly validate the input, which would allow an remote authenticated attacker with high privileges to execute arbitrary commands.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2251 βΌ
π Read
via "National Vulnerability Database".
Uncaught Exception in GitHub repository eemeli/yaml prior to 2.2.2.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23892 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Jamie Poitra M Chart plugin <=Γ 1.9.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24819 βΌ
π Read
via "National Vulnerability Database".
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. Prior to version 2022.10, an attacker can send a crafted frame to the device resulting in an out of bounds write in the packet buffer. The overflow can be used to corrupt other packets and the allocator metadata. Corrupting a pointer will easily lead to denial of service. While carefully manipulating the allocator metadata gives an attacker the possibility to write data to arbitrary locations and thus execute arbitrary code. Version 2022.10 fixes this issue. As a workaround, disable support for fragmented IP datagrams or apply the patches manually.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29849 βΌ
π Read
via "National Vulnerability Database".
Bang Resto 1.0 was discovered to contain multiple SQL injection vulnerabilities via the btnMenuItemID, itemID, itemPrice, menuID, staffID, or itemqty parameter.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30370 βΌ
π Read
via "National Vulnerability Database".
In Tenda AC15 V15.03.05.19, the function GetValue contains a stack-based buffer overflow vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24820 βΌ
π Read
via "National Vulnerability Database".
RIOT-OS, an operating system that supports Internet of Things devices, contains a network stack with the ability to process 6LoWPAN frames. An attacker can send a crafted frame to the device resulting in a large out of bounds write beyond the packet buffer. The write will create a hard fault exception after reaching the last page of RAM. The hard fault is not handled and the system will be stuck until reset. Thus the impact is denial of service. Version 2022.10 fixes this issue. As a workaround, apply the patch manually.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30368 βΌ
π Read
via "National Vulnerability Database".
Tenda AC5 V15.03.06.28 is vulnerable to Buffer Overflow via the initWebs function.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30376 βΌ
π Read
via "National Vulnerability Database".
In Tenda AC15 V15.03.05.19, the function "henan_pppoe_user" contains a stack-based buffer overflow vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29480 βΌ
π Read
via "National Vulnerability Database".
Ribose RNP before 0.16.3 sometimes lets secret keys remain unlocked after use.π Read
via "National Vulnerability Database".