π΄ Consilient Inc. and Harex InfoTech Partner to Fight Financial Crime in South Korea π΄
π Read
via "Dark Reading".
Companies bring generative AI-Federated Learning to the forefront to transform business processes and enable dynamic risk management.π Read
via "Dark Reading".
Dark Reading
Consilient Inc. and Harex InfoTech Partner to Fight Financial Crime in South Korea
Companies bring generative AI-Federated Learning to the forefront to transform business processes and enable dynamic risk management.
βΌ CVE-2023-23543 βΌ
π Read
via "National Vulnerability Database".
The issue was addressed with additional restrictions on the observability of app states. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A sandboxed app may be able to determine which app is currently using the cameraπ Read
via "National Vulnerability Database".
βΌ CVE-2022-46727 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32874 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27969 βΌ
π Read
via "National Vulnerability Database".
A use after free issue was addressed with improved memory management. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privilegesπ Read
via "National Vulnerability Database".
βΌ CVE-2023-27967 βΌ
π Read
via "National Vulnerability Database".
The issue was addressed with improved memory handling. This issue is fixed in Xcode 14.3. An app may be able to execute arbitrary code out of its sandbox or with certain elevated privilegesπ Read
via "National Vulnerability Database".
βΌ CVE-2023-27965 βΌ
π Read
via "National Vulnerability Database".
A memory corruption issue was addressed with improved state management. This issue is fixed in macOS Ventura 13.3, Studio Display Firmware Update 16.4. An app may be able to execute arbitrary code with kernel privilegesπ Read
via "National Vulnerability Database".
βΌ CVE-2022-42804 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2022-32873 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31179 βΌ
π Read
via "National Vulnerability Database".
AgilePoint NX v8.0 SU2.2 & SU2.3 - Path traversal -Γ Vulnerability allows path traversal and downloading files from the server, by an unspecified request.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31140 βΌ
π Read
via "National Vulnerability Database".
OpenProject is open source project management software. Starting with version 7.4.0 and prior to version 12.5.4, when a user registers and confirms their first two-factor authentication (2FA) device for an account, existing logged in sessions for that user account are not terminated. Likewise, if an administrators creates a mobile phone 2FA device on behalf of a user, their existing sessions are not terminated. The issue has been resolved in OpenProject version 12.5.4 by actively terminating sessions of user accounts having registered and confirmed a 2FA device. As a workaround, users who register the first 2FA device on their account can manually log out to terminate all other active sessions. This is the default behavior of OpenProject but might be disabled through a configuration option. Double check that this option is not overridden if one plans to employ the workaround.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27963 βΌ
π Read
via "National Vulnerability Database".
The issue was addressed with additional permissions checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, watchOS 9.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A shortcut may be able to use sensitive data with certain actions without prompting the userπ Read
via "National Vulnerability Database".
βΌ CVE-2023-23541 βΌ
π Read
via "National Vulnerability Database".
A privacy issue was addressed with improved private data redaction for log entries. This issue is fixed in iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to access information about a userΓ’β¬β’s contactsπ Read
via "National Vulnerability Database".
βΌ CVE-2023-27960 βΌ
π Read
via "National Vulnerability Database".
This issue was addressed by removing the vulnerable code. This issue is fixed in GarageBand for macOS 10.4.8. An app may be able to gain elevated privileges during the installation of GarageBandπ Read
via "National Vulnerability Database".
βΌ CVE-2023-2478 βΌ
π Read
via "National Vulnerability Database".
An issue has been discovered in GitLab CE/EE affecting all versions starting from 15.4 before 15.9.7, all versions starting from 15.10 before 15.10.6, all versions starting from 15.11 before 15.11.2. Under certain conditions, a malicious unauthorized GitLab user may use a GraphQL endpoint to attach a malicious runner to any project.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23536 βΌ
π Read
via "National Vulnerability Database".
The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privilegesπ Read
via "National Vulnerability Database".
βΌ CVE-2023-2513 βΌ
π Read
via "National Vulnerability Database".
A use-after-free vulnerability was found in the Linux kernel's ext4 filesystem in the way it handled the extra inode size for extended attributes. This flaw could allow a privileged local user to cause a system crash or other undefined behaviors.π Read
via "National Vulnerability Database".
βΌ CVE-2022-46719 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23523 βΌ
π Read
via "National Vulnerability Database".
A logic issue was addressed with improved restrictions. This issue is fixed in macOS Ventura 13.3, iOS 16.4 and iPadOS 16.4. Photos belonging to the Hidden Photos Album could be viewed without authentication through Visual Lookupπ Read
via "National Vulnerability Database".
βΌ CVE-2023-27959 βΌ
π Read
via "National Vulnerability Database".
The issue was addressed with improved memory handling. This issue is fixed in iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privilegesπ Read
via "National Vulnerability Database".
βΌ CVE-2022-42794 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.π Read
via "National Vulnerability Database".