CVE-2023-31997
UniFi OS 3.1 introduces a misconfiguration on consoles running UniFi Network that allows users on a local network to access MongoDB. This affects Cloud Keys that are both (1) running UniFi OS 3.1 and (2) hosting the UniFi Network application. "Applicable Cloud Keys" include the following: Cloud Key Gen2 and Cloud Key Gen2 Plus.
via "National Vulnerability Database".
CVE-2023-28324
An improper input validation vulnerability exists in Ivanti Endpoint Manager 2022 and below that could allow privilege escalation or remote code execution.
via "National Vulnerability Database".
CVE-2021-4387
The Opal Estate plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.6.11. This is due to missing or incorrect nonce validation on the opalestate_set_feature_property() and opalestate_remove_feature_property() functions. This makes it possible for unauthenticated attackers to set and remove featured properties via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
via "National Vulnerability Database".
CVE-2020-36736
The WooCommerce Checkout & Funnel Builder by CartFlows plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.5.15. This is due to missing or incorrect nonce validation on the export_json, import_json, and status_logs_file functions. This makes it possible for unauthenticated attackers to import/export settings and trigger the display of logs via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
via "National Vulnerability Database".
CVE-2021-4384
The WordPress Photo Gallery – Image Gallery plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.6. This is due to missing or incorrect nonce validation on the load_images_thumbnail() and edit_gallery() functions. This makes it possible for unauthenticated attackers to edit galleries via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
via "National Vulnerability Database".
CVE-2020-36737
The Import / Export Customizer Settings plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.3. This is due to missing or incorrect nonce validation on the astra_admin_errors() function. This makes it possible for unauthenticated attackers to display an import status via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
via "National Vulnerability Database".
CVE-2021-4386
The WP Security Question plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0.5. This is due to missing or incorrect nonce validation on the save() function. This makes it possible for unauthenticated attackers to modify the plugin's settings via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
via "National Vulnerability Database".
I2P 2.3.0
I2P is an anonymizing network, offering a simple layer that identity-sensitive applications can use to securely communicate. All data is wrapped with several layers of encryption, and the network is both distributed and dynamic, with no trusted parties. This is the source code release version.
via "Packet Storm Security".
AIDE 0.18.5
AIDE (Advanced Intrusion Detection Environment) is a free replacement for Tripwire(tm). It generates a database that can be used to check the integrity of files on a server. It uses regular expressions to determine which files get added to the database. You can use several message digest algorithms to ensure that the files have not been tampered with.
via "Packet Storm Security".
Architecting XDR to Save Money and Your SOC's Sanity
XDR can lower platform costs and improve detection, but it requires committing to a few principles that go against the established way of thinking about SOC.
via "Dark Reading".
CVE-2023-3314
A vulnerability arises out of a failure to comprehensively sanitize the processing of a zip file(s). Incomplete neutralization of external commands used to control the process execution of the .zip application allows an authorized user to obtain control of the .zip application to execute arbitrary commands or obtain elevation of system privileges.
via "National Vulnerability Database".
CVE-2023-3313
An OS command injection vulnerability exists in the ESM certificate API, whereby incorrectly neutralized special elements may have allowed an unauthorized user to execute system command injection for the purpose of privilege escalation or to execute arbitrary commands.
via "National Vulnerability Database".
CVE-2023-3438
An unquoted Windows search path vulnerability existed in the MOVE 4.10.x and earlier Windows install service (mvagtsce.exe). The misconfiguration allowed an unauthorized local user to insert arbitrary code into the unquoted service path to obtain privilege escalation and stop antimalware services.
via "National Vulnerability Database".
CVE-2023-35797
Improper Input Validation vulnerability in Apache Software Foundation Apache Airflow Hive Provider. This issue affects Apache Airflow Apache Hive Provider: before 6.1.1. Before version 6.1.1 it was possible to bypass the security check to RCE via the principal parameter. For this to be exploited it requires access to modifying the connection details. It is recommended to update the provider version to 6.1.1 in order to avoid this vulnerability.
via "National Vulnerability Database".
CVE-2023-36053
In Django 3.2 before 3.2.20, 4 before 4.1.10, and 4.2 before 4.2.3, EmailValidator and URLValidator are subject to a potential ReDoS (regular expression denial of service) attack via a very large number of domain name labels of emails and URLs.
via "National Vulnerability Database".
A CISO's Guide to Paying Down Software Supply Chain Security Debt
When you just keep filing it away to handle "someday," security debt typically rears its head when you are most vulnerable and can least afford to pay it.
via "Dark Reading".
Name That Edge Toon: Three-Ring Circus
Come up with a clever caption, and our panel of experts will reward the winner with a $25 Amazon gift card.
via "Dark Reading".
SSH Servers Hit in 'Proxyjacking' Cyberattacks
Cybercriminals employ obfuscated script to stealthily hijack victim server bandwidth for use in legitimate proxy networks.
via "Dark Reading".
Who's Behind the DomainNetworks Snail Mail Scam?
If you've ever owned a domain name, the chances are good that at some point you've received a snail mail letter which appears to be a bill for a domain or website-related services. In reality, these misleading missives try to trick people into paying for useless services they never ordered, don't need, and probably will never receive. Here's a look at the most recent incarnation of this scam -- DomainNetworks -- and some clues about who may be behind it.
via "Krebs on Security".
CVE-2023-26509
AnyDesk 7.0.8 allows remote Denial of Service.
via "National Vulnerability Database".
CVE-2023-26258
Arcserve UDP through 9.0.6034 allows authentication bypass. The method getVersionInfo at WebServiceImpl/services/FlashServiceImpl leaks the AuthUUID token. This token can be used at /WebServiceImpl/services/VirtualStandbyServiceImpl to obtain a valid session. This session can be used to execute any task as administrator.
via "National Vulnerability Database".