βΌ CVE-2021-44476 βΌ
π Read
via "National Vulnerability Database".
A sandboxing issue in Odoo Community 15.0 and earlier and Odoo Enterprise 15.0 and earlier allows authenticated administrators to read local files on the server, including sensitive configuration files.π Read
via "National Vulnerability Database".
π΄ NetWitness Partners With Palo Alto Networks, Broadcom to Launch SASE Packet Integrations at RSA Conference 2023 π΄
π Read
via "Dark Reading".
Full packet capture and log monitoring directly on SASE nodes maintains enterprise-grade security, no matter where the data originates.π Read
via "Dark Reading".
Dark Reading
NetWitness Partners With Palo Alto Networks, Broadcom to Launch SASE Packet Integrations at RSA Conference 2023
Full packet capture and log monitoring directly on SASE nodes maintains enterprise-grade security, no matter where the data originates.
π΄ ReliaQuest Adds AI Capabilities to GreyMatter Intelligent Analysis π΄
π Read
via "Dark Reading".
Integration of AI can lead to reduction of up to 90% in meantime to resolve security incidents.π Read
via "Dark Reading".
Dark Reading
ReliaQuest Adds AI Capabilities to GreyMatter Intelligent Analysis
Integration of AI can lead to reduction of up to 90% in meantime to resolve security incidents.
π΄ Forcepoint Delivers Data Security Everywhere, Extending DLP Policies From Endpoints to the Cloud π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Forcepoint Delivers Data Security Everywhere, Extending DLP Policies From Endpoints to the Cloud
AUSTIN, Texas β April 25, 2023 β Global security leader Forcepoint today extended the depth and breadth of its Data-first SASE (Secure Access Service Edge) offering with the launch of Forcepoint Data Security Everywhere. Forcepoint is simplifying enterpriseβ¦
π΄ AI Experts: Account for AI/ML Resilience & Risk While There's Still Time π΄
π Read
via "Dark Reading".
CISOs and cybersecurity teams will play a key role in hardening artificial intelligence and machine learning systems.π Read
via "Dark Reading".
Dark Reading
AI Experts: Account for AI/ML Resilience & Risk While There's Still Time
CISOs and cybersecurity teams will play a key role in hardening artificial intelligence and machine learning systems.
βΌ CVE-2023-20871 βΌ
π Read
via "National Vulnerability Database".
VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29012 βΌ
π Read
via "National Vulnerability Database".
Git for Windows is the Windows port of Git. Prior to version 2.40.1, any user of Git CMD who starts the command in an untrusted directory is impacted by an Uncontrolles Search Path Element vulnerability. Maliciously-placed `doskey.exe` would be executed silently upon running Git CMD. The problem has been patched in Git for Windows v2.40.1. As a workaround, avoid using Git CMD or, if using Git CMD, avoid starting it in an untrusted directory.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25815 βΌ
π Read
via "National Vulnerability Database".
In Git for Windows, the Windows port of Git, no localized messages are shipped with the installer. As a consequence, Git is expected not to localize messages at all, and skips the gettext initialization. However, due to a change in MINGW-packages, the `gettext()` function's implicit initialization no longer uses the runtime prefix but uses the hard-coded path `C:\mingw64\share\locale` to look for localized messages. And since any authenticated user has the permission to create folders in `C:\` (and since `C:\mingw64` does not typically exist), it is possible for low-privilege users to place fake messages in that location where `git.exe` will pick them up in version 2.40.1.This vulnerability is relatively hard to exploit and requires social engineering. For example, a legitimate message at the end of a clone could be maliciously modified to ask the user to direct their web browser to a malicious website, and the user might think that the message comes from Git and is legitimate. It does require local write access by the attacker, though, which makes this attack vector less likely. Version 2.40.1 contains a patch for this issue. Some workarounds are available. Do not work on a Windows machine with shared accounts, or alternatively create a `C:\mingw64` folder and leave it empty. Users who have administrative rights may remove the permission to create folders in `C:\`.π Read
via "National Vulnerability Database".
βΌ CVE-2023-28084 βΌ
π Read
via "National Vulnerability Database".
HPE OneView and HPE OneView Global Dashboard appliance dumps may expose authentication tokensπ Read
via "National Vulnerability Database".
βΌ CVE-2023-25652 βΌ
π Read
via "National Vulnerability Database".
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, by feeding specially crafted input to `git apply --reject`, a path outside the working tree can be overwritten with partially controlled contents (corresponding to the rejected hunk(s) from the given patch). A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid using `git apply` with `--reject` when applying patches from an untrusted source. Use `git apply --stat` to inspect a patch before applying; avoid applying one that create a conflict where a link corresponding to the `*.rej` file exists.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30609 βΌ
π Read
via "National Vulnerability Database".
matrix-react-sdk is a react-based SDK for inserting a Matrix chat/VoIP client into a web page. Prior to version 3.71.0, plain text messages containing HTML tags are rendered as HTML in the search results. To exploit this, an attacker needs to trick a user into searching for a specific message containing an HTML injection payload. No cross-site scripting attack is possible due to the hardcoded content security policy. Version 3.71.0 of the SDK patches over the issue. As a workaround, restarting the client will clear the HTML injection.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24512 βΌ
π Read
via "National Vulnerability Database".
On affected platforms running Arista EOS, an authorized attacker with permissions to perform gNMI requests could craft a request allowing it to update arbitrary configurations in the switch. This situation occurs only when the Streaming Telemetry Agent (referred to as the TerminAttr agent) is enabled and gNMI access is configured on the agent. Note: This gNMI over the Streaming Telemetry Agent scenario is mostly commonly used when streaming to a 3rd party system and is not used by default when streaming to CloudVisionπ Read
via "National Vulnerability Database".
βΌ CVE-2023-23839 βΌ
π Read
via "National Vulnerability Database".
The SolarWinds Platform was susceptible to the Exposure of Sensitive Information Vulnerability. This vulnerability allows users to access Orion.WebCommunityStrings SWIS schema object and obtain sensitive information.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23995 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Tim Reeves & David StΓΒΆckl TinyMCE Custom Styles pluginΓ <= 1.1.2 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30549 βΌ
π Read
via "National Vulnerability Database".
Apptainer is an open source container platform for Linux. There is an ext4 use-after-free flaw that is exploitable through versions of Apptainer < 1.1.0, installations that include apptainer-suid < 1.1.8, and all versions of Singularity in their default configurations on older operating systems where that CVE has not been patched. That includes Red Hat Enterprise Linux 7, Debian 10 buster (unless the linux-5.10 package is installed), Ubuntu 18.04 bionic and Ubuntu 20.04 focal. Use-after-free flaws in the kernel can be used to attack the kernel for denial of service and potentially for privilege escalation.Apptainer 1.1.8 includes a patch that by default disables mounting of extfs filesystem types in setuid-root mode, while continuing to allow mounting of extfs filesystems in non-setuid "rootless" mode using fuse2fs.Some workarounds are possible. Either do not install apptainer-suid (for versions 1.1.0 through 1.1.7) or set `allow setuid = no` in apptainer.conf (or singularity.conf for singularity versions). This requires having unprivileged user namespaces enabled and except for apptainer 1.1.x versions will disallow mounting of sif files, extfs files, and squashfs files in addition to other, less significant impacts. (Encrypted sif files are also not supported unprivileged in apptainer 1.1.x.). Alternatively, use the `limit containers` options in apptainer.conf/singularity.conf to limit sif files to trusted users, groups, and/or paths, and set `allow container extfs = no` to disallow mounting of extfs overlay files. The latter option by itself does not disallow mounting of extfs overlay partitions inside SIF files, so that's why the former options are also needed.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29007 βΌ
π Read
via "National Vulnerability Database".
Git is a revision control system. Prior to versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1, a specially crafted `.gitmodules` file with submodule URLs that are longer than 1024 characters can used to exploit a bug in `config.c::git_config_copy_or_rename_section_in_file()`. This bug can be used to inject arbitrary configuration into a user's `$GIT_DIR/config` when attempting to remove the configuration section associated with that submodule. When the attacker injects configuration values which specify executables to run (such as `core.pager`, `core.editor`, `core.sshCommand`, etc.) this can lead to a remote code execution. A fix A fix is available in versions 2.30.9, 2.31.8, 2.32.7, 2.33.8, 2.34.8, 2.35.8, 2.36.6, 2.37.7, 2.38.5, 2.39.3, and 2.40.1. As a workaround, avoid running `git submodule deinit` on untrusted repositories or without prior inspection of any submodule sections in `$GIT_DIR/config`.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24005 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media Inline Tweet Sharer Γ’β¬β Twitter Sharing Plugin plugin <=Γ 2.5.3 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29011 βΌ
π Read
via "National Vulnerability Database".
Git for Windows, the Windows port of Git, ships with an executable called `connect.exe`, which implements a SOCKS5 proxy that can be used to connect e.g. to SSH servers via proxies when certain ports are blocked for outgoing connections. The location of `connect.exe`'s config file is hard-coded as `/etc/connectrc` which will typically be interpreted as `C:\etc\connectrc`. Since `C:\etc` can be created by any authenticated user, this makes `connect.exe` susceptible to malicious files being placed there by other users on the same multi-user machine. The problem has been patched in Git for Windows v2.40.1. As a workaround, create the folder `etc` on all drives where Git commands are run, and remove read/write access from those folders. Alternatively, watch out for malicious `<drive>:\etc\connectrc` files on multi-user machines.π Read
via "National Vulnerability Database".
β€1
βΌ CVE-2023-2269 βΌ
π Read
via "National Vulnerability Database".
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.π Read
via "National Vulnerability Database".