🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2023-2536 ‼

** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

via "National Vulnerability Database".
‼ CVE-2023-28068 ‼

Dell Command Monitor, versions 10.9 and prior, contains an improper folder permission vulnerability. A local authenticated malicious user can potentially exploit this vulnerability leading to privilege escalation by writing to a protected directory when Dell Command Monitor is installed to a non-default path.

via "National Vulnerability Database".
‼ CVE-2023-2537 ‼

** REJECT ** This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

via "National Vulnerability Database".
🕴 Google Expands Passkey Support with Passwordless Authentication 🕴

One year after Apple, Google and Microsoft pledged to support the FIDO Alliance’s passkeys standard, support is growing, though still early in adoption.

via "Dark Reading".
🕴 The (Security) Cost of Too Much Data Privacy 🕴

The online fraud prevention industry has taken the brunt of increased privacy actions.

via "Dark Reading".
🕴 2 Years After Colonial Pipeline, US Critical Infrastructure Still Not Ready for Ransomware 🕴

Sweeping changes implemented since the May 2021 cyberattack are helping -- but more work remains to be done, security experts say.

via "Dark Reading".
πŸ‘1
‼ CVE-2023-30242 ‼

NS-ASG v6.3 was discovered to contain a SQL injection vulnerability via the component /admin/add_ikev2.php.

via "National Vulnerability Database".
🕴 New White House AI Initiatives Include AI Software-Vetting Event at DEF CON 🕴

The Biden administration outlined its plans to ensure responsible AI development — cyber-risk is a core element.

via "Dark Reading".
‼ CVE-2022-43919 ‼

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.

via "National Vulnerability Database".
‼ CVE-2023-29935 ‼

llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.

via "National Vulnerability Database".
‼ CVE-2023-29932 ‼

llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.

via "National Vulnerability Database".
‼ CVE-2023-22874 ‼

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216.

via "National Vulnerability Database".
‼ CVE-2023-29934 ‼

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().

via "National Vulnerability Database".
‼ CVE-2023-30053 ‼

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.

via "National Vulnerability Database".
‼ CVE-2023-29939 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).

via "National Vulnerability Database".
‼ CVE-2023-29941 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.

via "National Vulnerability Database".
‼ CVE-2023-29933 ‼

llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.

via "National Vulnerability Database".
‼ CVE-2023-30243 ‼

Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information.

via "National Vulnerability Database".
‼ CVE-2023-30434 ‼

IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187.

via "National Vulnerability Database".
‼ CVE-2023-29942 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.

via "National Vulnerability Database".
‼ CVE-2023-30013 ‼

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.

via "National Vulnerability Database".