‼ CVE-2023-29659 ‼
via "National Vulnerability Database".
A Segmentation fault caused by a floating point exception exists in libheif 1.15.1 using crafted heif images via the heif::Fraction::round() function in box.cc, which causes a denial of service.
‼ CVE-2023-26285 ‼
via "National Vulnerability Database".
IBM MQ 9.2 CD, 9.2 LTS, 9.3 CD, and 9.3 LTS could allow a remote attacker to cause a denial of service due to an error processing invalid data. IBM X-Force ID: 248418.
‼ CVE-2023-32269 ‼
via "National Vulnerability Database".
An issue was discovered in the Linux kernel before 6.1.11. In net/netrom/af_netrom.c, there is a use-after-free because accept is also allowed for a successfully connected AF_NETROM socket. However, in order for an attacker to exploit this, the system must have netrom routing configured or the attacker must have the CAP_NET_ADMIN capability.
🔴 Apple Patches Bluetooth Flaw in AirPods, Beats 🔴
via "Dark Reading".
Users can check for the updated firmware version of their wireless headphones in the Bluetooth settings of their iPhone, iPad, or Mac devices.
🔴 Judge Spares Former Uber CISO Jail Time Over 2016 Data Breach Charges 🔴
via "Dark Reading".
Tell other CISOs "you got a break," judge says in handing down a three-year probation sentence to Joseph Sullivan.
‼ CVE-2023-2427 ‼
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Reflected in GitHub repository thorsten/phpmyfaq prior to 3.1.13.
‼ CVE-2020-4914 ‼
via "National Vulnerability Database".
IBM Cloud Pak System Suite 2.3.3.0 through 2.3.3.5 does not invalidate session after logout which could allow a local user to impersonate another user on the system. IBM X-Force ID: 191290.
‼ CVE-2022-43866 ‼
via "National Vulnerability Database".
IBM Maximo Asset Management 7.6.1.2 and 7.6.1.3 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 239436.
‼ CVE-2023-2516 ‼
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
🔴 Browser Isolation Adapts to Remote Work, Greater Cloud Usage 🔴
via "Dark Reading".
As browsers become the center of many workers' days, isolation technologies shift to protecting the extended enterprise.
🔴 Satori Unveils Universal Data Permissions Scanner, A Free Open-Source Tool that Sheds Light on Data Access Authorization 🔴
via "Dark Reading".
Addressing data access blindspots commonly faced by enterprises, data security leader launches the first open-source authorization analysis tool to provide universal visibility into data access permissions across multiple data stores.
🔴 KnowBe4 Launches Password Kit to Celebrate World Password Day 🔴
via "Dark Reading".
KnowBe4 is offering a no-cost password kit to help end users practice good password hygiene and strengthen their defenses against social engineering.
‼ CVE-2023-2553 ‼
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to 2.2.0.
‼ CVE-2023-2551 ‼
via "National Vulnerability Database".
PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1.
‼ CVE-2023-2554 ‼
via "National Vulnerability Database".
External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0.
‼ CVE-2023-2552 ‼
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1.
‼ CVE-2023-2550 ‼
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.
‼ CVE-2023-26519 ‼
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Benfica Publish to Schedule plugin <= 4.5.4 versions.
‼ CVE-2023-26517 ‼
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff Starr Dashboard Widgets Suite plugin <= 3.2.1 versions.
‼ CVE-2023-25491 ‼
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Samuel Marshall JCH Optimize plugin <= 3.2.2 versions.
‼ CVE-2023-24400 ‼
via "National Vulnerability Database".
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin <= 2.4.6 versions.