🛑 Cybersecurity & Privacy 🛑 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-43919 ‼

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow an authenticated attacker with authorization to craft messages to cause a denial of service. IBM X-Force ID: 241354.

via "National Vulnerability Database".
‼ CVE-2023-29935 ‼

llvm-project commit a0138390 was discovered to contain an assertion failure at !replacements.count(op) && "operation was already replaced.

via "National Vulnerability Database".
‼ CVE-2023-29932 ‼

llvm-project commit fdbc55a5 was discovered to contain a segmentation fault via the component mlir::IROperand<mlir::OpOperand.

via "National Vulnerability Database".
‼ CVE-2023-22874 ‼

IBM MQ Clients 9.2 CD, 9.3 CD, and 9.3 LTS are vulnerable to a denial of service attack when processing configuration files. IBM X-Force ID: 244216.

via "National Vulnerability Database".
‼ CVE-2023-29934 ‼

llvm-project commit 6c01b5c was discovered to contain a segmentation fault via the component mlir::Type::getDialect().

via "National Vulnerability Database".
‼ CVE-2023-30053 ‼

TOTOLINK A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection.

via "National Vulnerability Database".
‼ CVE-2023-29939 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::spirv::TargetEnv::TargetEnv(mlir::spirv::TargetEnvAttr).

via "National Vulnerability Database".
‼ CVE-2023-29941 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component matchAndRewriteSortOp<mlir::sparse_tensor::SortOp>(mlir::sparse_tensor::SortOp.

via "National Vulnerability Database".
‼ CVE-2023-29933 ‼

llvm-project commit bd456297 was discovered to contain a segmentation fault via the component mlir::Block::getArgument.

via "National Vulnerability Database".
‼ CVE-2023-30243 ‼

Beijing Netcon NS-ASG Application Security Gateway v6.3 is vulnerable to SQL Injection via TunnelId that allows access to sensitive information.

via "National Vulnerability Database".
‼ CVE-2023-30434 ‼

IBM Storage Scale (IBM Spectrum Scale 5.1.0.0 through 5.1.2.9, 5.1.3.0 through 5.1.6.1 and IBM Elastic Storage Systems 6.1.0.0 through 6.1.2.5, 6.1.3.0 through 6.1.6.0) could allow a local user to cause a kernel panic. IBM X-Force ID: 252187.

via "National Vulnerability Database".
‼ CVE-2023-29942 ‼

llvm-project commit a0138390 was discovered to contain a segmentation fault via the component mlir::Type::isa<mlir::LLVM::LLVMVoidType.

via "National Vulnerability Database".
‼ CVE-2023-30013 ‼

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion vulnerability in setting/setTracerouteCfg. This vulnerability allows an attacker to execute arbitrary commands through the "command" parameter.

via "National Vulnerability Database".
‼ CVE-2023-30054 ‼

TOTOLINK A7100RU V7.4cu.2313_B20191024 has a Command Injection vulnerability. An attacker can obtain a stable root shell through a specially constructed payload.

via "National Vulnerability Database".
‼ CVE-2022-38707 ‼

IBM Cognos Command Center 10.2.4.1 could allow a local attacker to obtain sensitive information due to insufficient session expiration. IBM X-Force ID: 234179.

via "National Vulnerability Database".
⚠ S3 Ep133: Apple takes “tight-lipped” to a whole new level ⚠

Entertaining, educational, and all in plain English 🎧📖

via "Naked Security".
⚠ World Password Day: 2 + 2 = 4 ⚠

We've kept it short and simple, with no sermons, no judgmentalism, no tubthumping... and no BUY NOW buttons. Have a nice day!

via "Naked Security".
⚠ PHP Packagist supply chain poisoned by hacker “looking for a job” ⚠

I pwned you! Gizza job! You know it makes sense!

via "Naked Security".
🕴 Attackers Route Malware Activity Over Popular CDNs 🕴

One way to hide malicious activity is to make it look benign by blending in with regular traffic passing through content delivery networks (CDNs) and cloud service providers, according to a Netskope report.

via "Dark Reading".
‼ CVE-2023-29659 ‼

A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.

via "National Vulnerability Database".
‼ CVE-2023-26285 ‼

IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418.

via "National Vulnerability Database".