βΌ CVE-2023-29772 βΌ
π Read
via "National Vulnerability Database".
A Cross-site scripting (XSS) vulnerability in the System Log/General Log page of the administrator web UI in ASUS RT-AC51U wireless router firmware version up to and including 3.0.0.4.380.8591 allows remote attackers to inject arbitrary web script or HTML via a malicious network request.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23723 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Winwar Media WP Email Capture plugin <=Γ 3.9.3 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2473 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Dreamer CMS up to 4.1.3. It has been declared as problematic. This vulnerability affects the function updatePwd of the file UserController.java of the component Password Hash Calculation. The manipulation leads to inefficient algorithmic complexity. The attack can be initiated remotely. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-227860.π Read
via "National Vulnerability Database".
π΄ Google Ads Abused to Lure Corporate Workers to LOBSHOT Backdoor π΄
π Read
via "Dark Reading".
The cyberattack campaign, similar to one to spread the Rhadamanthys Stealer, is part of a larger trend by attackers to use malvertising as initial access for ransomware and other threat activity.π Read
via "Dark Reading".
Dark Reading
Google Ads Abused to Lure Corporate Workers to LOBSHOT Backdoor
The cyberattack campaign, similar to one to spread the Rhadamanthys Stealer, is part of a larger trend by attackers to use malvertising as initial access for ransomware and other threat activity.
π MIMEDefang Email Scanner 3.4.1 π
π Read
via "Packet Storm Security".
MIMEDefang is a flexible MIME email scanner designed to protect Windows clients from viruses. Includes the ability to do many other kinds of mail processing, such as replacing parts of messages with URLs. It can alter or delete various parts of a MIME message according to a very flexible configuration file. It can also bounce messages with unacceptable attachments. MIMEDefang works with the Sendmail 8.11 and newer "Milter" API, which makes it more flexible and efficient than procmail-based approaches.π Read
via "Packet Storm Security".
Packetstormsecurity
MIMEDefang Email Scanner 3.4.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π Clam AntiVirus Toolkit 1.1.0 π
π Read
via "Packet Storm Security".
Clam AntiVirus is an anti-virus toolkit for Unix. The main purpose of this software is the integration with mail servers (attachment scanning). The package provides a flexible and scalable multi-threaded daemon, a command-line scanner, and a tool for automatic updating via Internet. The programs are based on a shared library distributed with the Clam AntiVirus package, which you can use in your own software. This is the LTS source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
Clam AntiVirus Toolkit 1.1.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2023-2476 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Dromara J2eeFAST up to 2.6.0. It has been classified as problematic. Affected is an unknown function of the component Announcement Handler. The manipulation of the argument ????/???? leads to cross site scripting. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 7a9e1a00e3329fdc0ae05f7a8257cce77037134d. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-227868.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2477 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Funadmin up to 3.2.3. It has been declared as problematic. Affected by this vulnerability is the function tagLoad of the file Cx.php. The manipulation of the argument file leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-227869 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2479 βΌ
π Read
via "National Vulnerability Database".
OS Command Injection in GitHub repository appium/appium-desktop prior to v1.22.3-4.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29856 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-868L Hardware version A1, firmware version 1.12 is vulnerable to Buffer Overflow. The vulnerability is in scandir.sgi binary.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2445 βΌ
π Read
via "National Vulnerability Database".
Improper access control in Subscriptions Folder path filter in Devolutions Server 2023.1.1 and earlier allows attackers with administrator privileges to retrieve usage information on folders in user vaults via a specific folder name.π Read
via "National Vulnerability Database".
π’ Five things to consider before choosing an MFA solution π’
π Read
via "ITPro".
Because we all should move on from using βpasswordβ as a password π Read
via "ITPro".
ITPro
Five things to consider before choosing an MFA solution
Because we all should move on from using βpasswordβ as a password
π΄ North Korean APT Gets Around Macro-Blocking With LNK Switch-Up π΄
π Read
via "Dark Reading".
APT37 is among a growing list of threat actors that have switched to Windows shortcut files after Microsoft blocked macros last year.π Read
via "Dark Reading".
Dark Reading
North Korean APT Gets Around Macro-Blocking With LNK Switch-Up
APT37 is among a growing list of threat actors that have switched to Windows shortcut files after Microsoft blocked macros last year.
βΌ CVE-2023-29868 βΌ
π Read
via "National Vulnerability Database".
Zammad 5.3.x (Fixed in 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker with agent and customer roles could perform unauthorized changes on articles where they only have customer permissions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29918 βΌ
π Read
via "National Vulnerability Database".
RosarioSIS 10.8.4 is vulnerable to CSV injection via the Periods Module.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29867 βΌ
π Read
via "National Vulnerability Database".
Zammad 5.3.x (Fixed 5.4.0) is vulnerable to Incorrect Access Control. An authenticated attacker could gain information about linked accounts of users involved in their tickets using the Zammad API.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30861 βΌ
π Read
via "National Vulnerability Database".
Flask is a lightweight WSGI web application framework. When all of the following conditions are met, a response containing data intended for one client may be cached and subsequently sent by the proxy to other clients. If the proxy also caches `Set-Cookie` headers, it may send one client's `session` cookie to other clients. The severity depends on the application's use of the session and the proxy's behavior regarding cookies. The risk depends on all these conditions being met.1. The application must be hosted behind a caching proxy that does not strip cookies or ignore responses with cookies.2. The application sets `session.permanent = True`3. The application does not access or modify the session at any point during a request.4. `SESSION_REFRESH_EACH_REQUEST` enabled (the default).5. The application does not set a `Cache-Control` header to indicate that a page is private or should not be cached.This happens because vulnerable versions of Flask only set the `Vary: Cookie` header when the session is accessed or modified, not when it is refreshed (re-sent to update the expiration) without being accessed or modified. This issue has been fixed in versions 2.3.2 and 2.2.5.π Read
via "National Vulnerability Database".
π΄ Apple Debuts Its Rapid Response Security Update Approach π΄
π Read
via "Dark Reading".
Smaller fixes deliver quick improvements for iPhones, iPads, and iMacs between software updates. π Read
via "Dark Reading".
Dark Reading
Apple Debuts Its Rapid Response Security Update Approach
Smaller fixes deliver quick improvements for iPhones, iPads, and iMacs between software updates.
π΄ PrivateGPT Tackles Sensitive Info in ChatGPT Prompts π΄
π Read
via "Dark Reading".
In an effort to curb employees from entering private data into the AI, ChatGPT is blocked from ingesting more than 50+ types of PII and other sensitive information.π Read
via "Dark Reading".
Dark Reading
PrivateGPT Tackles Sensitive Info in ChatGPT Prompts
In an effort to curb employees from entering private data into the AI, ChatGPT is blocked from ingesting more than 50+ types of PII and other sensitive information.
π΄ APT41 Subgroup Plows Through Asia-Pacific, Utilizing Layered Stealth Tactics π΄
π Read
via "Dark Reading".
The notorious Chinese APT is spreading cyber maliciousness around Southeast Asia, and its next targets are already in sight.π Read
via "Dark Reading".
Dark Reading
APT41 Subgroup Plows Through Asia-Pacific, Utilizing Layered Stealth Tactics
The notorious Chinese APT is spreading cyber maliciousness around Southeast Asia, and its next targets are already in sight.
βΌ CVE-2022-47878 βΌ
π Read
via "National Vulnerability Database".
Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code.π Read
via "National Vulnerability Database".