🛡 Cybersecurity & Privacy 🛡 - News
25.9K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2022-47134 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Bill Erickson Gallery Metabox plugin <= 1.5 versions.

via "National Vulnerability Database".
‼ CVE-2023-22689 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Lucian Apostol Auto Affiliate Links plugin <= 6.3 versions.

via "National Vulnerability Database".
‼ CVE-2023-23890 ‼

Cross-Site Request Forgery (CSRF) vulnerability in LJ Apps WP Airbnb Review Slider plugin <= 3.2 versions.

via "National Vulnerability Database".
‼ CVE-2023-32589 ‼

Cross-Site Request Forgery (CSRF) vulnerability in PingOnline Dyslexiefont Free plugin <= 1.0.0 versions.

via "National Vulnerability Database".
‼ CVE-2023-24414 ‼

Cross-Site Request Forgery (CSRF) vulnerability in RoboSoft Photo Gallery, Images, Slider in Rbs Image Gallery plugin <= 3.2.11 versions.

via "National Vulnerability Database".
‼ CVE-2023-2826 ‼

A vulnerability has been found in SourceCodester Class Scheduling System 1.0 and classified as problematic. This vulnerability affects unknown code of the file search_teacher_result.php of the component POST Parameter Handler. The manipulation of the argument teacher leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-229612.

via "National Vulnerability Database".
‼ CVE-2023-33252 ‼

iden3 snarkjs through 0.6.11 allows double spending because there is no validation that the publicSignals length is less than the field modulus.

via "National Vulnerability Database".
‼ CVE-2020-36694 ‼

An issue was discovered in netfilter in the Linux kernel before 5.10. There can be a use-after-free in the packet processing context, because the per-CPU sequence count is mishandled during concurrent iptables rules replacement. This could be exploited with the CAP_NET_ADMIN capability in an unprivileged namespace. NOTE: cc00bca was reverted in 5.12.

via "National Vulnerability Database".
‼ CVE-2023-33254 ‼

There is an LDAP bind credentials exposure on KACE Systems Deployment and Remote Site appliances 9.0.146. The captured credentials may provide a higher privilege level on the Active Directory domain. To exploit this, an authenticated attacker edits the user-authentication settings to specify an attacker-controlled LDAP server, clicks the Test Settings button, and captures the cleartext credentials.

via "National Vulnerability Database".
‼ CVE-2022-0010 ‼

Insertion of Sensitive Information into Log File vulnerability in ABB QCS 800xA, ABB QCS AC450, ABB Platform Engineering Tools. An attacker, who already has local access to the QCS nodes, could successfully obtain the password for a system user account. Using this information, the attacker could have the potential to exploit this vulnerability to gain control of system nodes. This issue affects QCS 800xA: from 1.0;0 through 6.1SP2; QCS AC450: from 1.0;0 through 5.1SP2; Platform Engineering Tools: from 1.0:0 through 2.3.0.

via "National Vulnerability Database".
‼ CVE-2023-22714 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Coming Soon by Supsystic plugin <= 1.7.10 versions.

via "National Vulnerability Database".
‼ CVE-2023-33297 ‼

Bitcoin Core before 24.1, when debug mode is not used, allows attackers to cause a denial of service (CPU consumption) because draining the inventory-to-send queue is inefficient, as exploited in the wild in May 2023.

via "National Vulnerability Database".
‼ CVE-2023-33235 ‼

MXsecurity version 1.0 is vulnerable to a command injection vulnerability. This vulnerability has been reported in the SSH CLI program, which can be exploited by attackers who have gained authorization privileges. The attackers can break out of the restricted shell and subsequently execute arbitrary code.

via "National Vulnerability Database".
‼ CVE-2023-22709 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Atif N SRS Simple Hits Counter plugin <= 1.1.0 versions.

via "National Vulnerability Database".
‼ CVE-2023-23813 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Joseph C Dolson My Calendar plugin <= 3.4.3 versions.

via "National Vulnerability Database".
‼ CVE-2023-23712 ‼

Cross-Site Request Forgery (CSRF) vulnerability in User Meta Manager plugin <= 3.4.9 versions.

via "National Vulnerability Database".
‼ CVE-2023-22688 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Abdul Ibad WP Tabs Slides plugin <= 2.0.3 versions.

via "National Vulnerability Database".
‼ CVE-2023-22692 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Jeroen Peters Name Directory plugin <= 1.27.1 versions.

via "National Vulnerability Database".
‼ CVE-2022-47142 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Plugincraft Mediamatic – Media Library Folders plugin <= 2.8.1 versions.

via "National Vulnerability Database".
‼ CVE-2022-47609 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Nicearma DNUI plugin <= 2.8.1 versions.

via "National Vulnerability Database".
‼ CVE-2023-23680 ‼

Cross-Site Request Forgery (CSRF) vulnerability in Bob Goetz WP-TopBar plugin <= 5.36 versions.

via "National Vulnerability Database".