π΄ Browser Isolation Adapts to Remote Work, Greater Cloud Usage π΄
π Read
via "Dark Reading".
As browsers become the center of many workers' days, isolation technologies shift to protecting the extended enterprise.π Read
via "Dark Reading".
Dark Reading
Browser Isolation Adapts to Remote Work, Greater Cloud Usage
As browsers become the center of many workers' days, isolation technologies shift to protecting the extended enterprise.
π΄ Satori Unveils Universal Data Permissions Scanner, A Free Open-Source Tool that Sheds Light on Data Access Authorization π΄
π Read
via "Dark Reading".
Addressing data access blindspots commonly faced by enterprises, data security leader launches the first open-source authorization analysis tool to provide universal visibility into data access permissions across multiple data stores.π Read
via "Dark Reading".
Dark Reading
Satori Unveils Universal Data Permissions Scanner, a Free Open Source Tool that Sheds Light on Data Access Authorization
Addressing data access blindspots commonly faced by enterprises, data security leader launches the first open-source authorization analysis tool to provide universal visibility into data access permissions across multiple data stores.
π΄ KnowBe4 Launches Password Kit to Celebrate World Password Day π΄
π Read
via "Dark Reading".
KnowBe4 is offering a no-cost password kit to help end users practice good password hygiene and strengthen their defenses against social engineering.π Read
via "Dark Reading".
Dark Reading
KnowBe4 Launches Password Kit to Celebrate World Password Day
KnowBe4 is offering a no-cost password kit to help end users practice good password hygiene and strengthen their defenses against social engineering.
βΌ CVE-2023-2553 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository unilogies/bumsys prior to 2.2.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2551 βΌ
π Read
via "National Vulnerability Database".
PHP Remote File Inclusion in GitHub repository unilogies/bumsys prior to 2.1.1.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2554 βΌ
π Read
via "National Vulnerability Database".
External Control of File Name or Path in GitHub repository unilogies/bumsys prior to 2.2.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2552 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) in GitHub repository unilogies/bumsys prior to 2.1.1.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2550 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Stored in GitHub repository thorsten/phpmyfaq prior to 3.1.13.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-26519 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Alex Benfica Publish to Schedule plugin <=Γ 4.5.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26517 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeff Starr Dashboard Widgets Suite plugin <=Γ 3.2.1 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25491 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerabilityΓ in Samuel Marshall JCH Optimize plugin <=Γ 3.2.2 versions.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-24400 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Cross-Site Scripting (XSS) vulnerability in Hu-manity.Co Cookie Notice & Compliance for GDPR / CCPA plugin <=Γ 2.4.6 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31047 βΌ
π Read
via "National Vulnerability Database".
In Django 3.2 before 3.2.19, 4.x before 4.1.9, and 4.2 before 4.2.1, it was possible to bypass validation when using one form field to upload multiple files. This multiple upload has never been supported by forms.FileField or forms.ImageField (only the last uploaded file was validated). However, Django's "Uploading multiple files" documentation suggested otherwise.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32290 βΌ
π Read
via "National Vulnerability Database".
The myMail app through 14.30 for iOS sends cleartext credentials in a situation where STARTTLS is expected by a server.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2564 βΌ
π Read
via "National Vulnerability Database".
OS Command Injection in GitHub repository sbs20/scanservjs prior to v2.27.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2565 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Multi Language Hotel Management Software 1.0 and classified as problematic. This vulnerability affects unknown code of the file ajax.php of the component POST Parameter Handler. The manipulation of the argument complaint_type with the input <script>alert(document.cookie)</script> leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228172.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30185 βΌ
π Read
via "National Vulnerability Database".
CRMEB v4.4 to v4.6 was discovered to contain an arbitrary file upload vulnerability via the component \attachment\SystemAttachmentServices.php.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-30018 βΌ
π Read
via "National Vulnerability Database".
Judging Management System v1.0 is vulnerable to SQL Injection. via /php-jms/review_se_result.php?mainevent_id=.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30257 βΌ
π Read
via "National Vulnerability Database".
A buffer overflow in the component /proc/ftxxxx-debug of FiiO M6 Build Number v1.0.4 allows attackers to escalate privileges to root.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29944 βΌ
π Read
via "National Vulnerability Database".
Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command reverse-shell can be executed at the custom code snippet function of the metersphere system workbenchπ Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-29247 βΌ
π Read
via "National Vulnerability Database".
Task instance details page in the UI is vulnerable to a stored XSS.This issue affects Apache Airflow: before 2.6.0.π Read
via "National Vulnerability Database".