‼ CVE-2023-28958 ‼
📖 Read
via "National Vulnerability Database".
IBM Watson Knowledge Catalog on Cloud Pak for Data 4.0 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 251782.
‼ CVE-2023-22673 ‼
📖 Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in MageNet Website Monetization by MageNet plugin <= 1.0.29.1 versions.
‼ CVE-2023-2029 ‼
📖 Read
via "National Vulnerability Database".
The PrePost SEO WordPress plugin through 3.0 does not properly sanitize some of its settings, which could allow high-privilege users to perform Stored Cross-Site Scripting (XSS) attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
‼ CVE-2023-37703 ‼
📖 Read
via "National Vulnerability Database".
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the speed_dir parameter in the formSetSpeedWan function.
‼ CVE-2023-35696 ‼
📖 Read
via "National Vulnerability Database".
Unauthenticated endpoints in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the device via HTTP requests.
‼ CVE-2023-37704 ‼
📖 Read
via "National Vulnerability Database".
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the formSetClientState function.
‼ CVE-2023-30442 ‼
📖 Read
via "National Vulnerability Database".
IBM Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) 11.1 and 11.5 federated server is vulnerable to a denial of service as the server may crash when using a specially crafted wrapper using certain options. IBM X-Force ID: 253202.
‼ CVE-2023-37701 ‼
📖 Read
via "National Vulnerability Database".
Tenda FH1203 V2.0.1.6 was discovered to contain a stack overflow via the deviceId parameter in the addWifiMacFilter function.
‼ CVE-2023-3564 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in GZ Scripts GZ Multi Hotel Booking System 1.8. It has been classified as problematic. Affected is an unknown function of the file /index.php. The manipulation of the argument adults/children/cal_id leads to cross site scripting. It is possible to launch the attack remotely. VDB-233358 is the identifier assigned to this vulnerability.
‼ CVE-2023-3270 ‼
📖 Read
via "National Vulnerability Database".
Exposure of Sensitive Information to an Unauthorized Actor in the SICK ICR890-4 could allow an unauthenticated remote attacker to retrieve sensitive information about the system.
⚠ Serious Security: Rowhammer returns to gaslight your computer ⚠
📖 Read
via "Naked Security".
Gaslights produce a telltale flicker when nearby lamps are lit; DRAM values do something similar when nearby memory cells are accessed.
🕴 Amazon Prime Day Draws out Cyber Scammers 🕴
📖 Read
via "Dark Reading".
Cybercriminals lining up to score off Amazon Prime Day shoppers, who spent more than $22B in US online sales alone last year, according to estimates.
‼ CVE-2023-34347 ‼
📖 Read
via "National Vulnerability Database".
Delta Electronics InfraSuite Device Master versions prior to 1.0.7 contain classes that cannot be deserialized, which could allow an attacker to remotely execute arbitrary code.
‼ CVE-2023-36936 ‼
📖 Read
via "National Vulnerability Database".
Cross-Site Scripting (XSS) vulnerability in PHPGurukul Online Security Guards Hiring System using PHP and MySQL 1.0 allows attackers to execute arbitrary code via a crafted payload to the search booking box.
‼ CVE-2023-26590 ‼
📖 Read
via "National Vulnerability Database".
A floating point exception vulnerability was found in sox, in the lsx_aiffstartwrite function at sox/src/aiff.c:622:58. This flaw can lead to a denial of service.
‼ CVE-2016-15034 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability was found in Dynacase Webdesk and classified as critical. Affected by this issue is the function freedomrss_search of the file freedomrss_search.php. The manipulation leads to sql injection. Upgrading to version 3.2-20180305 is able to address this issue. The patch is identified as 750a9b35af182950c952faf6ddfdcc50a2b25f8b. It is recommended to upgrade the affected component. VDB-233366 is the identifier assigned to this vulnerability.
‼ CVE-2023-23348 ‼
📖 Read
via "National Vulnerability Database".
HCL Launch could disclose sensitive information if a manual edit of a configuration file has been performed.
‼ CVE-2023-36939 ‼
📖 Read
via "National Vulnerability Database".
Cross-Site Scripting (XSS) vulnerability in Hostel Management System v2.1 allows an attacker to execute arbitrary code via a crafted payload to the search booking field.
‼ CVE-2023-34318 ‼
📖 Read
via "National Vulnerability Database".
A heap buffer overflow vulnerability was found in sox, in the startread function at sox/src/hcom.c:160:41. This flaw can lead to a denial of service, code execution, or information disclosure.
‼ CVE-2023-36940 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) vulnerability in PHPGurukul Online Fire Reporting System Using PHP and MySQL v.1.2 allows attackers to execute arbitrary code via a crafted payload injected into the search field.
‼ CVE-2023-32627 ‼
📖 Read
via "National Vulnerability Database".
A floating point exception vulnerability was found in sox, in the read_samples function at sox/src/voc.c:334:18. This flaw can lead to a denial of service.