‼ CVE-2023-34958 ‼
Read via "National Vulnerability Database".
Incorrect access control in Chamilo 1.11.* up to 1.11.18 allows a student subscribed to a given course to download documents belonging to another student if they know the document's ID.
🔴 City of Dallas Still Clawing Back Weeks After Cyber Incident 🔴
Read via "Dark Reading".
The Texas city's networks have returned to 90% functionality following the May 3 Royal ransomware attack.
🔴 Cybersecurity Institute to Open in Saudi Arabia 🔴
Read via "Dark Reading".
The Global Cybersecurity Forum branch, which will be in Riyadh, is meant to enable the exchange of ideas and facilitate international projects and partnerships.
⚠️ Barracuda Urges Replacing — Not Patching — Its Email Security Gateways ⚠️
Read via "Krebs on Security".
It's not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware -- as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.
‼ CVE-2023-32750 ‼
Read via "National Vulnerability Database".
Pydio Cells through 4.1.2 allows SSRF. For longer running processes, Pydio Cells allows for the creation of jobs, which are run in the background. The job "remote-download" can be used to cause the backend to send an HTTP GET request to a specified URL and save the response to a new file. The response file is then available in a user-specified folder in Pydio Cells.
‼ CVE-2023-29403 ‼
Read via "National Vulnerability Database".
On Unix platforms, the Go runtime does not behave differently when a binary is run with the setuid/setgid bits. This can be dangerous in certain cases, such as when dumping memory state, or assuming the status of standard i/o file descriptors. If a setuid/setgid binary is executed with standard I/O file descriptors closed, opening any files can result in unexpected content being read or written with elevated privileges. Similarly, if a setuid/setgid program is terminated, either via panic or signal, it may leak the contents of its registers.
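The closed-descriptor case is worth seeing concretely, because the mechanism is the kernel's lowest-free-fd rule rather than anything Go-specific: if fd 1 is closed when a privileged program starts, its first open() hands back fd 1, and every later "harmless" write to stdout lands in that file. The block below is an added demonstration, not code from the Go project, with Python standing in for the setuid program: `privileged_work` forks a child, closes fd 1 to reproduce the hostile launch, and shows the corruption; `ensure_std_fds_open` is the startup check that prevents it (the Go fix adds an equivalent check inside the runtime). The file contents and log line are constructed.

```python
import os
import tempfile


def ensure_std_fds_open() -> list[int]:
    """Open /dev/null on whichever of fds 0, 1, 2 are closed; return the fds repaired.
    Must run before the program opens anything else, because open() returns the
    lowest free descriptor and would otherwise hand a real file out as 'stdout'."""
    repaired = []
    for fd in (0, 1, 2):
        try:
            os.fstat(fd)
        except OSError:  # EBADF: nothing is open on this descriptor
            new_fd = os.open(os.devnull, os.O_RDWR)
            if new_fd != fd:  # only if something else grabbed the slot in between
                os.dup2(new_fd, fd)
                os.close(new_fd)
            repaired.append(fd)
    return repaired


def privileged_work(hardened: bool, out_path: str) -> bytes:
    """Simulate a setuid-style program launched with stdout closed. Runs in a forked
    child so the caller's own descriptors are untouched; returns what ended up in
    the file the program was supposed to write."""
    pid = os.fork()
    if pid == 0:
        os.close(1)                      # the hostile launch: fd 1 is closed
        if hardened:
            ensure_std_fds_open()        # fd 1 now points at /dev/null
        fd = os.open(out_path, os.O_WRONLY | os.O_TRUNC)  # unhardened: this IS fd 1
        os.write(fd, b"secret=42\n")     # the privileged write the program intends
        try:
            os.write(1, b"debug: wrote config\n")  # 'stdout' logging
        except OSError:
            pass
        os.close(fd)
        os._exit(0)
    os.waitpid(pid, 0)
    with open(out_path, "rb") as f:
        return f.read()


def demo() -> dict[str, bytes]:
    """Run the scenario both ways on a temporary file and return the two outcomes."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        return {
            "unhardened": privileged_work(False, path),
            "hardened": privileged_work(True, path),
        }
    finally:
        os.unlink(path)
```

The unhardened run leaves the debug line inside the privileged file; the hardened run does not, because the only thing open on fd 1 is /dev/null. The same check is the reason C setuid programs traditionally start by probing fds 0 through 2 before doing anything else.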
‼ CVE-2023-32751 ‼
Read via "National Vulnerability Database".
Pydio Cells through 4.1.2 allows XSS. Pydio Cells implements the download of files using presigned URLs which are generated using the Amazon AWS SDK for JavaScript [1]. The secrets used to sign these URLs are hardcoded and exposed through the JavaScript files of the web application. Therefore, it is possible to generate valid signatures for arbitrary download URLs. By uploading an HTML file and modifying the download URL to serve the file inline instead of as an attachment, any included JavaScript code is executed when the URL is opened in a browser, leading to a cross-site scripting vulnerability.
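Two things go wrong in the entry above and each needs its own fix: a signing secret that ships in client-side JavaScript authorises nothing, and a download handler that lets the (signed) query string choose `inline` will render user-uploaded HTML in the application's origin. The block below is an added illustration, not Pydio or AWS SDK code: `make_download_url` is a minimal HMAC-signed link generator, and calling it with a "leaked" secret and `disposition="inline"` is exactly the forgery; `serve` verifies the signature and, in its hardened mode, ignores the requested disposition for user content and adds `nosniff`. The secret, paths and content types are constructed.

```python
import hashlib
import hmac
import posixpath
from urllib.parse import parse_qs, urlencode, urlsplit

# Constructed secret. In the vulnerable design this value sat in the web app's
# JavaScript; here it stands in for a value that must only ever exist server-side.
SIGNING_SECRET = b"constructed-server-secret"


def _canonical(params: dict) -> bytes:
    """Stable byte form of the query parameters that are covered by the signature."""
    return urlencode(sorted(params.items())).encode()


def make_download_url(path: str, disposition: str = "attachment",
                      secret: bytes = SIGNING_SECRET) -> str:
    """Build a signed download link. Whoever holds `secret` can call this with
    disposition='inline' for an uploaded HTML file: that is the forgery."""
    params = {"path": path, "response-content-disposition": disposition}
    sig = hmac.new(secret, _canonical(params), hashlib.sha256).hexdigest()
    return "/download?" + urlencode({**params, "sig": sig})


def serve(url: str, stored_content_type: str, enforce_attachment: bool,
          secret: bytes = SIGNING_SECRET):
    """Return the response headers the download handler would emit, or None when
    the signature is bad. enforce_attachment=False mirrors the vulnerable handler,
    which honours whatever disposition the signed query asks for."""
    query = {k: v[0] for k, v in parse_qs(urlsplit(url).query).items()}
    sig = query.pop("sig", "")
    expected = hmac.new(secret, _canonical(query), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, expected):
        return None
    filename = posixpath.basename(query.get("path", "")).replace('"', "")
    headers = {"Content-Type": stored_content_type}
    if enforce_attachment:
        # User-uploaded bytes are always a download, never a document of this origin.
        headers["Content-Disposition"] = f'attachment; filename="{filename}"'
        headers["X-Content-Type-Options"] = "nosniff"
    else:
        disposition = query.get("response-content-disposition", "attachment")
        headers["Content-Disposition"] = f'{disposition}; filename="{filename}"'
    return headers
```

Forcing `attachment` closes the XSS, but the secret still has to move server-side: as long as clients can sign, every download URL is forgeable, and serving uploads from a separate origin is the usual additional layer.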
‼ CVE-2023-34243 ‼
Read via "National Vulnerability Database".
TGstation is a toolset to manage production BYOND servers. In affected versions if a Windows user was registered in tgstation-server (TGS), an attacker could discover their username by brute-forcing the login endpoint with an invalid password. When a valid Windows logon was found, a distinct response would be generated. This issue has been addressed in version 5.12.5. Users are advised to upgrade. Users unable to upgrade may be mitigated by rate-limiting API calls with software that sits in front of TGS in the HTTP pipeline such as fail2ban.π Read
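The oracle in the entry above is the login endpoint answering differently for "unknown user" and "wrong password". The block below is an added illustration, not tgstation-server code: `login_vulnerable` reproduces the distinct responses, `login_hardened` returns the same status and body and does the same hashing work either way (a decoy credential is checked for unknown names), and `RateLimiter` is the per-client sliding window that a front-end such as fail2ban provides as the workaround. The user store, salt and passwords are constructed.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict, deque

ITERATIONS = 20_000  # kept low so the demo is quick; production uses far more


def _hash(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


# Constructed credential store standing in for the Windows accounts TGS knows about.
_SALT = b"constructed-salt"
USERS = {"CORP\\alice": (_SALT, _hash("correct horse", _SALT))}
# Decoy credential: unknown usernames cost the same hashing work as known ones.
_DECOY = (_SALT, _hash(os.urandom(16).hex(), _SALT))


def login_vulnerable(username: str, password: str) -> tuple[int, str]:
    """The oracle: the reply reveals whether the username exists."""
    if username not in USERS:
        return 401, "no such Windows user"
    salt, stored = USERS[username]
    if not hmac.compare_digest(_hash(password, salt), stored):
        return 401, "invalid Windows password"
    return 200, "ok"


def login_hardened(username: str, password: str) -> tuple[int, str]:
    """Same status, same body and the same work whether or not the user exists."""
    salt, stored = USERS.get(username, _DECOY)
    ok = hmac.compare_digest(_hash(password, salt), stored) and username in USERS
    return (200, "ok") if ok else (401, "invalid username or password")


class RateLimiter:
    """Sliding-window limit per client key: the job fail2ban does in front of TGS."""

    def __init__(self, limit: int, window_s: float, clock=time.monotonic):
        self.limit, self.window, self.clock = limit, window_s, clock
        self.hits: dict[str, deque] = defaultdict(deque)

    def allow(self, key: str) -> bool:
        now = self.clock()
        q = self.hits[key]
        while q and now - q[0] >= self.window:
            q.popleft()  # drop attempts that have aged out of the window
        if len(q) >= self.limit:
            return False
        q.append(now)
        return True
```

Uniform bodies remove the explicit oracle; the decoy hash keeps the response time close enough that the remaining difference (a dictionary lookup) is not measurable over a network, and the rate limit bounds how many guesses an attacker gets per source regardless.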
‼ CVE-2023-3173 ‼
Read via "National Vulnerability Database".
Improper Restriction of Excessive Authentication Attempts in GitHub repository froxlor/froxlor prior to 2.0.20.
‼ CVE-2023-34112 ‼
Read via "National Vulnerability Database".
JavaCPP Presets is a project providing Java distributions of native C++ libraries. All the actions in the `bytedeco/javacpp-presets` use the `github.event.head_commit.message?` parameter in an insecure way. For example, the commit message is used in a run statement - resulting in a command injection vulnerability due to string interpolation. No exploitation has been reported. This issue has been addressed in version 1.5.9. Users of JavaCPP Presets are advised to upgrade as a precaution.
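The injection works because `${{ ... }}` expressions are substituted into the `run:` script text by the workflow runner before any shell parses it, so quoting inside the script cannot help. The block below is an added illustration, not code from the javacpp-presets workflows: `run_step_interpolated` simulates that substitution and executes the result, `run_step_via_env` shows the standard fix of passing the value through an environment variable so the script text stays fixed, and `unsafe_expressions` is a small lint for the attacker-controlled contexts commonly found in `run:` steps. The step template and the hostile commit message are constructed; the real payload would exfiltrate secrets rather than echo a marker.

```python
import os
import re
import subprocess

# The shape of the vulnerable step: the expression is substituted into the script
# text by the workflow runner *before* the shell ever sees it.
EXPRESSION = "${{ github.event.head_commit.message }}"
STEP_TEMPLATE = f'echo "Commit: {EXPRESSION}"'

# Constructed hostile commit message: closes the quote, runs a command, reopens it.
MALICIOUS_MESSAGE = 'fix typo"; echo INJECTED; echo "'


def run_step_interpolated(message: str) -> str:
    """What the runner does with ${{ }} inside run: textual substitution, then sh."""
    script = STEP_TEMPLATE.replace(EXPRESSION, message)
    return subprocess.run(["sh", "-c", script], capture_output=True, text=True).stdout


def run_step_via_env(message: str) -> str:
    """The fix: the script text is constant and the data arrives as an env var,
    the equivalent of `env: COMMIT_MESSAGE: ${{ ... }}` plus `run: echo "$COMMIT_MESSAGE"`."""
    script = 'echo "Commit: $COMMIT_MESSAGE"'
    env = {**os.environ, "COMMIT_MESSAGE": message}
    return subprocess.run(["sh", "-c", script], capture_output=True, text=True, env=env).stdout


# Event fields a pull-request author or committer controls directly (not exhaustive).
_RISKY = re.compile(
    r"\$\{\{\s*(?:github\.event\.[\w.]*?(?:message|title|body|email|name|ref)"
    r"|github\.head_ref)\s*\}\}"
)


def unsafe_expressions(run_script: str) -> list[str]:
    """Return the attacker-controlled expressions interpolated into a run: script."""
    return [m.group(0) for m in _RISKY.finditer(run_script)]
```

In the interpolated variant the marker command runs; in the env variant the whole message, quotes and semicolons included, is printed as data. The same lint logic is what tools such as actionlint apply across a repository's workflows.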
‼ CVE-2023-3172 ‼
Read via "National Vulnerability Database".
Path Traversal in GitHub repository froxlor/froxlor prior to 2.0.20.
‼ CVE-2023-1978 ‼
Read via "National Vulnerability Database".
The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the query string in versions up to, and including, 4.9.25 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
‼ CVE-2023-0992 ‼
Read via "National Vulnerability Database".
The Shield Security plugin for WordPress is vulnerable to stored Cross-Site Scripting in versions up to, and including, 17.0.17 via the 'User-Agent' header. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
‼ CVE-2023-1910 ‼
Read via "National Vulnerability Database".
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to unauthorized modification of data due to an insufficient capability check on the get_remote_templates function in versions up to, and including, 1.8.3. This makes it possible for authenticated attackers with subscriber-level permissions or above to flush the remote template cache. Cached template information can also be accessed via this endpoint but these are not considered sensitive as they are publicly accessible from the developer's site.
‼ CVE-2023-1895 ‼
Read via "National Vulnerability Database".
The Getwid – Gutenberg Blocks plugin for WordPress is vulnerable to Server Side Request Forgery via the get_remote_content REST API endpoint in versions up to, and including, 1.8.3. This can allow authenticated attackers with subscriber-level permissions or above to make web requests to arbitrary locations originating from the web application and can be used to query and modify information from internal services.
‼ CVE-2023-2189 ‼
Read via "National Vulnerability Database".
The Elementor Addons, Widgets and Enhancements – Stax plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the toggle_widget function in versions up to, and including, 1.4.3. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to enable or disable Elementor widgets.
‼ CVE-2023-2086 ‼
Read via "National Vulnerability Database".
The Essential Blocks plugin for WordPress is vulnerable to unauthorized use of functionality due to a missing capability check on the template_count function in versions up to, and including, 4.0.6. This makes it possible for subscriber-level attackers to obtain plugin template information. While a nonce check is present, it is only executed when a nonce is provided. Not providing a nonce results in the nonce verification being skipped. There is no capability check.
‼ CVE-2023-2895 ‼
Read via "National Vulnerability Database".
The WP EasyCart plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 5.4.8. This is due to missing or incorrect nonce validation on the process_bulk_activate_product function. This makes it possible for unauthenticated attackers to bulk activate products via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
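The Getwid, Stax, Essential Blocks and WP EasyCart entries above are four instances of the same handler mistake: a nonce (CSRF token) and a capability check are two separate gates, and both must run unconditionally. The Essential Blocks case is the subtle one, since the nonce is verified only when the request bothers to send one. The block below is an added illustration, not code from any of these plugins, written as a plain Python handler rather than PHP: `template_count_vulnerable` reproduces the skip-when-absent logic and the missing capability check, `template_count_hardened` applies both gates in order. The nonce scheme is a minimal HMAC over user and action (a real WordPress nonce also binds the session token and a time tick) and the key, users and template list are constructed.

```python
import hashlib
import hmac
from dataclasses import dataclass, field

NONCE_KEY = b"constructed-nonce-key"  # server-side secret, constructed for the demo
TEMPLATES = ["hero", "pricing", "faq"]  # constructed stand-in for plugin template data


@dataclass
class User:
    id: int
    caps: set = field(default_factory=set)


def create_nonce(user: User, action: str) -> str:
    """Nonce bound to the acting user and the specific action it authorises."""
    msg = f"{user.id}|{action}".encode()
    return hmac.new(NONCE_KEY, msg, hashlib.sha256).hexdigest()[:16]


def verify_nonce(user: User, action: str, nonce) -> bool:
    """False when the nonce is missing, so an absent token never passes."""
    return nonce is not None and hmac.compare_digest(create_nonce(user, action), nonce)


def template_count_vulnerable(user: User, params: dict) -> tuple[int, object]:
    """The flawed shape: nonce checked only if supplied, no capability check."""
    nonce = params.get("_nonce")
    if nonce is not None and not verify_nonce(user, "template_count", nonce):
        return 403, "bad nonce"      # never reached when _nonce is simply omitted
    return 200, len(TEMPLATES)       # any logged-in user, including subscribers


def template_count_hardened(user: User, params: dict) -> tuple[int, object]:
    """Both gates, unconditionally: CSRF token first, then authorisation."""
    if not verify_nonce(user, "template_count", params.get("_nonce")):
        return 403, "bad nonce"
    if "manage_options" not in user.caps:
        return 403, "forbidden"
    return 200, len(TEMPLATES)
```

The ordering matters for the CSRF case too: an administrator lured onto a hostile page has every capability, so the nonce is the only thing standing between a forged request and the privileged action, which is why the capability check alone would not have been enough for the WP EasyCart case either.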
📢 Arctic Wolf expands $1 million security operations warranty to Europe and ANZ 📢
Read via "ITPro".
Qualifying customers now have access to fully underwritten financial assistance of up to $1 million in the event of a cyber attack
📢 University of Manchester admits cyber incident "likely" led to data theft 📢
Read via "ITPro".
The university said it is working with relevant authorities as part of its investigation
‼ CVE-2023-1428 ‼
Read via "National Vulnerability Database".
There exists a vulnerability causing an abort() to be called in gRPC. The following headers cause gRPC's C++ implementation to abort() when called via http2:
- te: x (x != trailers)
- :scheme: x (x != http, https)
- grpclb_client_stats: x (x == anything)
On top of sending one of those headers, a later header must be sent that gets the total header size past 8KB. We recommend upgrading past git commit 2485fa94bd8a723e5c977d55a3ce10b301b437f8 or v1.53 and above.