‼ CVE-2022-48385 ‼
In cp_dump driver, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
via "National Vulnerability Database".
‼ CVE-2023-30741 ‼
Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated attacker to redirect users to an untrusted site using a malicious link. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
via "National Vulnerability Database".
‼ CVE-2023-30743 ‼
Due to improper neutralization of input in SAPUI5 - versions SAP_UI 750, SAP_UI 754, SAP_UI 755, SAP_UI 756, SAP_UI 757, UI_700 200, sap.m.FormattedText SAPUI5 control allows injection of untrusted CSS. This blocks the user's interaction with the application. Further, in the absence of URL validation by the application, the vulnerability could lead to the attacker reading or modifying the user's information through a phishing attack.
via "National Vulnerability Database".
‼ CVE-2023-31406 ‼
Due to insufficient input validation, SAP BusinessObjects Business Intelligence Platform - versions 420, 430, allows an unauthenticated attacker to redirect users to an untrusted site using a malicious link. On successful exploitation, an attacker can view or modify information causing a limited impact on confidentiality and integrity of the application.
via "National Vulnerability Database".
‼ CVE-2022-48384 ‼
In srtd service, there is a possible missing permission check. This could lead to local escalation of privilege with no additional execution privileges.
via "National Vulnerability Database".
‼ CVE-2022-47469 ‼
In ext4fsfilter driver, there is a possible out of bounds read due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
via "National Vulnerability Database".
‼ CVE-2023-32111 ‼
In SAP PowerDesigner (Proxy) - version 16.7, an attacker can send a crafted request from a remote host to the proxy machine and crash the proxy server, due to faulty implementation of memory management causing a memory corruption. This leads to a high impact on availability of the application.
via "National Vulnerability Database".
‼ CVE-2022-48389 ‼
In modem control device, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
via "National Vulnerability Database".
‼ CVE-2022-48370 ‼
In dialer service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges.
via "National Vulnerability Database".
‼ CVE-2022-48374 ‼
In tee service, there is a possible out of bounds write due to a missing bounds check. This could lead to local denial of service with System execution privileges needed.
via "National Vulnerability Database".
📢 The rise of identity-based cyber attacks and how to mitigate them 📢
If identity-based cyber attacks are successful, they can give hackers the opportunity to infiltrate an entire network
via "ITPro".
📢 Microsoft Authenticator mandates number matching to counter MFA fatigue attacks 📢
The added layer of complexity aims to keep social engineering at bay
via "ITPro".
‼ CVE-2023-2590 ‼
Missing Authorization in GitHub repository answerdev/answer prior to 1.0.9.
via "National Vulnerability Database".
‼ CVE-2023-23863 ‼
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Black and White Digital Ltd TreePress – Easy Family Trees & Ancestor Profiles plugin <= 2.0.22 versions.
via "National Vulnerability Database".
‼ CVE-2023-24372 ‼
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in USB Memory Direct Simple Custom Author Profiles plugin <= 1.0.0 versions.
via "National Vulnerability Database".
‼ CVE-2023-23884 ‼
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Kanban for WordPress Kanban Boards for WordPress plugin <= 2.5.20 versions.
via "National Vulnerability Database".
‼ CVE-2023-2591 ‼
Code Injection in GitHub repository nilsteampassnet/teampass prior to 3.0.7.
via "National Vulnerability Database".
‼ CVE-2023-23664 ‼
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ConvertBox ConvertBox Auto Embed WordPress plugin <= 1.0.19 versions.
via "National Vulnerability Database".
‼ CVE-2023-23883 ‼
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in David Gwyer WP Content Filter plugin <= 3.0.1 versions.
via "National Vulnerability Database".
‼ CVE-2023-23733 ‼
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Joel James Lazy Social Comments plugin <= 2.0.4 versions.
via "National Vulnerability Database".
‼ CVE-2022-41640 ‼
Auth. (subscriber+) Stored Cross-Site Scripting (XSS) vulnerability in Rymera Web Co Wholesale Suite plugin <= 2.1.5 versions.
via "National Vulnerability Database".