🔴 APT41 Subgroup Plows Through Asia-Pacific, Utilizing Layered Stealth Tactics 🔴
via "Dark Reading".
The notorious Chinese APT is spreading cyber maliciousness around Southeast Asia, and its next targets are already in sight.
‼ CVE-2022-47878 ‼
via "National Vulnerability Database".
Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. Consecutive file uploads can lead to the execution of arbitrary code.
‼ CVE-2023-31434 ‼
via "National Vulnerability Database".
The parameters nutzer_titel, nutzer_vn, and nutzer_nn in the user profile, and langID and ONLINEID in direct links, in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 do not validate input, which allows authenticated attackers to inject HTML Code and XSS payloads in multiple locations.
‼ CVE-2022-47877 ‼
via "National Vulnerability Database".
A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module 'log'.
‼ CVE-2023-30943 ‼
via "National Vulnerability Database".
The vulnerability was found in Moodle which exists because the application allows a user to control the path of the folder to create in TinyMCE loaders. A remote user can send a specially crafted HTTP request and create arbitrary folders on the system.
‼ CVE-2022-47874 ‼
via "National Vulnerability Database".
Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.
‼ CVE-2023-29778 ‼
via "National Vulnerability Database".
GL.iNET MT3000 4.1.0 Release 2 is vulnerable to OS Command Injection via /usr/lib/oui-httpd/rpc/logread.
‼ CVE-2023-27892 ‼
via "National Vulnerability Database".
Insufficient length checks in the ShapeShift KeepKey hardware wallet firmware before 7.7.0 allow a global buffer overflow via crafted messages. Flaws in cf_confirmExecTx() in ethereum_contracts.c can be used to reveal arbitrary microcontroller memory on the device screen or crash the device. With physical access to a PIN-unlocked device, attackers can extract the BIP39 mnemonic secret from the hardware wallet.
‼ CVE-2023-26546 ‼
via "National Vulnerability Database".
European Chemicals Agency IUCLID before 6.27.6 allows remote authenticated users to execute arbitrary code via Server Side Template Injection (SSTI) with a crafted template file. The attacker must have template manager permission.
‼ CVE-2023-26089 ‼
via "National Vulnerability Database".
European Chemicals Agency IUCLID 6.x before 6.27.6 allows authentication bypass because a weak hard-coded secret is used for JWT signing. The affected versions are 5.15.0 through 6.27.5.
‼ CVE-2023-26268 ‼
via "National Vulnerability Database".
Design documents with matching document IDs, from databases on the same cluster, may share a mutable Javascript environment when using these design document functions:
* validate_doc_update
* list
* filter
* filter views (using view functions as filters)
* rewrite
* update
This doesn't affect map/reduce or search (Dreyfus) index functions.
Users are recommended to upgrade to a version that is no longer affected by this issue (Apache CouchDB 3.3.2 or 3.2.3).
Workaround: Avoid using design documents from untrusted sources which may attempt to cache or store data in the Javascript environment.
‼ CVE-2023-31433 ‼
via "National Vulnerability Database".
A SQL injection issue in Logbuch in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allows authenticated attackers to execute SQL statements via the welche parameter.
‼ CVE-2023-30403 ‼
via "National Vulnerability Database".
An issue in the time-based authentication mechanism of Aigital Aigital Wireless-N Repeater Mini_Router v0.131229 allows attackers to bypass login by connecting to the web app after a successful attempt by a legitimate user.
‼ CVE-2023-31435 ‼
via "National Vulnerability Database".
Multiple components (such as Onlinetemplate-Verwaltung, Liste aller Teilbereiche, Umfragen anzeigen, and questionnaire previews) in evasys before 8.2 Build 2286 and 9.x before 9.0 Build 2401 allow authenticated attackers to read and write to unauthorized data by accessing functions directly.
‼ CVE-2022-30759 ‼
via "National Vulnerability Database".
In Nokia One-NDS (aka Network Directory Server) through 20.9, some Sudo permissions can be exploited by some users to escalate to root privileges and execute arbitrary commands.
‼ CVE-2022-47875 ‼
via "National Vulnerability Database".
A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code.
‼ CVE-2023-30944 ‼
via "National Vulnerability Database".
The vulnerability was found in Moodle which exists due to insufficient sanitization of user-supplied data in the external Wiki method for listing pages. A remote attacker can send a specially crafted request to the affected application and execute limited SQL commands within the application database.
‼ CVE-2022-47876 ‼
via "National Vulnerability Database".
The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts.
Promising Jobs at the U.S. Postal Service, “US Job Services” Leaks Customer Data
via "Krebs on Security".
A sprawling online company based in Georgia that has made tens of millions of dollars purporting to sell access to jobs at the United States Postal Service (USPS) has exposed its internal IT operations and database of nearly 900,000 customers. The leaked records indicate the network's chief technology officer in Pakistan has been hacked for the past year, and that the entire operation was created by the principals of a Tennessee-based telemarketing firm that has promoted USPS employment websites since 2016.
‼ CVE-2023-2466 ‼
via "National Vulnerability Database".
Inappropriate implementation in Prompts in Google Chrome prior to 113.0.5672.63 allowed a remote attacker to spoof the contents of the security UI via a crafted HTML page. (Chromium security severity: Low)
‼ CVE-2023-2463 ‼
via "National Vulnerability Database".
Inappropriate implementation in Full Screen Mode in Google Chrome on Android prior to 113.0.5672.63 allowed a remote attacker to hide the contents of the Omnibox (URL bar) via a crafted HTML page. (Chromium security severity: Medium)