βΌ CVE-2023-0858 βΌ
π Read
via "National Vulnerability Database".
Improper Authentication of RemoteUI of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger unauthorized access to the product. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31445 βΌ
π Read
via "National Vulnerability Database".
Cassia Access controller before 2.1.1.2203171453, was discovered to have a unprivileged -information disclosure vulnerability that allows read-only users have the ability to enumerate all other users and discover e-mail addresses, phone numbers, and privileges of all other users.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0853 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in mDNS NSEC record registering process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0852 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in the Address Book of Mobile Device function of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0859 βΌ
π Read
via "National Vulnerability Database".
Arbitrary Files can be installed in the Setting Data Import function of Office / Small Office Multifunction Printers and Laser Printers(*). *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0851 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in CPCA Resource Download process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34076 βΌ
π Read
via "National Vulnerability Database".
File Upload vulnerability in PHPOK 5.7.140 allows remote attackers to run arbitrary code and gain escalated privileges via crafted zip file upload.π Read
via "National Vulnerability Database".
βΌ CVE-2023-0854 βΌ
π Read
via "National Vulnerability Database".
Buffer overflow in NetBIOS QNAME registering and communication process of Office / Small Office Multifunction Printers and Laser Printers(*) which may allow an attacker on the network segment to trigger the affected product being unresponsive or to execute arbitrary code. *:Satera LBP660C Series/LBP620C Series/MF740C Series/MF640C Series firmware Ver.11.04 and earlier sold in Japan. Color imageCLASS LBP660C Series/LBP 620C Series/X LBP1127C/MF740C Series/MF640C Series/X MF1127C firmware Ver.11.04 and earlier sold in US. i-SENSYS LBP660C Series/LBP620C Series/MF740C Series/MF640C Series, C1127P, C1127iF, C1127i firmware Ver.11.04 and earlier sold in Europe.π Read
via "National Vulnerability Database".
π΄ CISA Addresses 'Cyber Poor' Small Biz, Local Government π΄
π Read
via "Dark Reading".
Relatively few organizations have the resources for security programs and security professionals, so the US cyber agency is putting programs in place to help them, while striving to understand the scope of the problem itself.π Read
via "Dark Reading".
Dark Reading
CISA Addresses 'Cyber Poor' Small Biz, Local Government
Relatively few organizations have the resources for security programs and security professionals, so the US cyber agency is putting programs in place to help them, while striving to understand the scope of the problem itself.
β S3 Ep134: Itβs a PRIVATE key β the hint is in the name! β
π Read
via "Naked Security".
Latest episode - listen now! π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
β Bootkit zero-day fix β is this Microsoftβs most cautious patch ever? β
π Read
via "Naked Security".
When blocking buggy bootup modules, you have to be really careful not to lock your keys inside the car...π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2023-2661 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228803.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2659 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in SourceCodester Online Computer and Laptop Store 1.0. This affects an unknown part of the file view_product.php. The manipulation of the argument id leads to sql injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-228801 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2660 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This vulnerability affects unknown code of the file view_categories.php. The manipulation of the argument c leads to sql injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-228802 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2657 βΌ
π Read
via "National Vulnerability Database".
A vulnerability classified as problematic was found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this vulnerability is an unknown functionality of the file products.php. The manipulation of the argument search leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228799.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2658 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in SourceCodester Online Computer and Laptop Store 1.0. Affected by this issue is some unknown functionality of the file products.php. The manipulation of the argument c leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-228800.π Read
via "National Vulnerability Database".
βΌ CVE-2023-22720 βΌ
π Read
via "National Vulnerability Database".
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Robert Macchi WP Links Page plugin <=Γ 4.9.3 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47129 βΌ
π Read
via "National Vulnerability Database".
PHPOK v6.3 was discovered to contain a remote code execution (RCE) vulnerability.π Read
via "National Vulnerability Database".
π΄ Startup Competition Secures ML Systems, Vulnerabilities in Automation π΄
π Read
via "Dark Reading".
RSA's Innovation Sandbox 2023 focused on the software supply chain, as well as attack surfaces exposed by generative AI, ML systems, and APIs.π Read
via "Dark Reading".
Dark Reading
Startup Competition Secures ML Systems, Vulnerabilities in Automation
RSA's Innovation Sandbox 2023 focused on the software supply chain, as well as attack surfaces exposed by generative AI, ML systems, and APIs.
π΄ Integrating Cyber Resiliency With FPGAs π΄
π Read
via "Dark Reading".
Field programmable gate arrays are particularly useful for organizations embracing new edge computing devices and applications.π Read
via "Dark Reading".
Dark Reading
Integrating Cyber Resiliency With FPGAs
Field programmable gate arrays are particularly useful for organizations that are embracing new edge computing devices and applications.
βΌ CVE-2023-29400 βΌ
π Read
via "National Vulnerability Database".
Templates containing actions in unquoted HTML attributes (e.g. "attr={{.}}") executed with empty input can result in output with unexpected results when parsed due to HTML normalization rules. This may allow injection of arbitrary attributes into tags.π Read
via "National Vulnerability Database".