🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-31181 ‼

WJJ Software - InnoKB Server, InnoKB/Console 2.2.1 - CWE-22: Path Traversal

📖 Read

via "National Vulnerability Database".
80 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30787 ‼

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/introductions` endpoint and first_met_additional_info parameter.

📖 Read

via "National Vulnerability Database".
79 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-22649 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.

📖 Read

via "National Vulnerability Database".
79 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-32856 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.

📖 Read

via "National Vulnerability Database".
81 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-32930 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.

📖 Read

via "National Vulnerability Database".
82 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-27968 ‼

A buffer overflow issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3. An app may be able to cause unexpected system termination or write kernel memory

📖 Read

via "National Vulnerability Database".
83 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-24505 ‼

Milesight NCR/camera version 71.8.0.6-r5 discloses sensitive information through an unspecified request.

📖 Read

via "National Vulnerability Database".
83 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-23534 ‼

The issue was addressed with improved checks. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5. Processing a maliciously crafted image may result in disclosure of process memory

📖 Read

via "National Vulnerability Database".
83 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-31125 ‼

Engine.IO is the implementation of transport-based cross-browser/cross-device bi-directional communication layer for Socket.IO. An uncaught exception vulnerability was introduced in version 5.1.0 and included in version 4.1.0 of the `socket.io` parent package. Older versions are not impacted. A specially crafted HTTP request can trigger an uncaught exception on the Engine.IO server, thus killing the Node.js process. This impacts all the users of the `engine.io` package, including those who use depending packages like `socket.io`. This issue was fixed in version 6.4.2 of Engine.IO. There is no known workaround except upgrading to a safe version.

📖 Read

via "National Vulnerability Database".
82 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-30790 ‼

MonicaHQ version 4.0.0 allows an authenticated remote attacker to execute malicious code in the application via CSTI in the `people:id/relationships` endpoint and first_name and last_name parameter.

📖 Read

via "National Vulnerability Database".
74 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-27954 ‼

The issue was addressed by removing origin information. This issue is fixed in macOS Ventura 13.3, watchOS 9.4, tvOS 16.4, iOS 15.7.4 and iPadOS 15.7.4, Safari 16.4, iOS 16.4 and iPadOS 16.4. A website may be able to track sensitive user information

📖 Read

via "National Vulnerability Database".
78 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-23528 ‼

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 16.4, iOS 16.4 and iPadOS 16.4. Processing a maliciously crafted Bluetooth packet may result in disclosure of process memory

📖 Read

via "National Vulnerability Database".
78 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-27958 ‼

The issue was addressed with improved memory handling. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected system termination or corrupt kernel memory

📖 Read

via "National Vulnerability Database".
81 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-46707 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.

📖 Read

via "National Vulnerability Database".
79 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-27946 ‼

An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, macOS Big Sur 11.7.5. Processing a maliciously crafted file may lead to unexpected app termination or arbitrary code execution

📖 Read

via "National Vulnerability Database".
80 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-32806 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.

📖 Read

via "National Vulnerability Database".
81 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-28182 ‼

The issue was addressed with improved authentication. This issue is fixed in macOS Ventura 13.3, macOS Big Sur 11.7.5, macOS Monterey 12.6.4, iOS 15.7.4 and iPadOS 15.7.4, iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to spoof a VPN server that is configured with EAP-only authentication on a device

📖 Read

via "National Vulnerability Database".
82 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-23494 ‼

A buffer overflow was addressed with improved bounds checking. This issue is fixed in iOS 16.4 and iPadOS 16.4. A user in a privileged network position may be able to cause a denial-of-service

📖 Read

via "National Vulnerability Database".
80 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-23540 ‼

The issue was addressed with improved memory handling. This issue is fixed in macOS Monterey 12.6.4, macOS Big Sur 11.7.5, iOS 16.4 and iPadOS 16.4. An app may be able to execute arbitrary code with kernel privileges

📖 Read

via "National Vulnerability Database".
79 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-27935 ‼

The issue was addressed with improved bounds checks. This issue is fixed in macOS Ventura 13.3, macOS Monterey 12.6.4, macOS Big Sur 11.7.5. A remote user may be able to cause unexpected app termination or arbitrary code execution

📖 Read

via "National Vulnerability Database".
75 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2022-22645 ‼

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was in a CNA pool that was not assigned to any issues during 2022. Notes: none.

📖 Read

via "National Vulnerability Database".
73 views