πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
@cibsecurity
25.8K subscribers
89.2K links
πŸ—ž The finest daily news on cybersecurity and privacy.

πŸ”” Daily releases.

πŸ’» Is your online life secure?

πŸ“© lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
25.8K subscribers
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30565 β€Ό

An insecure connection between Systems Manager and CQI Reporter application could expose infusion data to an attacker.

πŸ“– Read

via "National Vulnerability Database".
291 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30564 β€Ό

Alaris Systems Manager does not perform input validation during the Device Import Function.

πŸ“– Read

via "National Vulnerability Database".
329 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30562 β€Ό

A GRE dataset file within Systems Manager can be tampered with and distributed to PCUs.

πŸ“– Read

via "National Vulnerability Database".
325 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-30561 β€Ό

The data flowing between the PCU and its modules is insecure. A threat actor with physical access could potentially read or modify data by attaching a specially crafted device while an infusion is running.

πŸ“– Read

via "National Vulnerability Database".
361 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37466 β€Ό

vm2 is an advanced vm/sandbox for Node.js. The library contains critical security issues and should not be used for production. The maintenance of the project has been discontinued. In vm2 for versions up to 3.9.19, `Promise` handler sanitization can be bypassed with `@@species` accessor property allowing attackers to escape the sandbox and run arbitrary code. Remote Code Execution, assuming the attacker has arbitrary code execution primitive inside the context of vm2 sandbox.

πŸ“– Read

via "National Vulnerability Database".
333 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37714 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromRouteStatic.

πŸ“– Read

via "National Vulnerability Database".
325 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37718 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeClientFilter.

πŸ“– Read

via "National Vulnerability Database".
279 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-3668 β€Ό

Improper Encoding or Escaping of Output in GitHub repository froxlor/froxlor prior to 2.0.21.

πŸ“– Read

via "National Vulnerability Database".
259 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37721 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeMacFilter.

πŸ“– Read

via "National Vulnerability Database".
253 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37716 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromNatStaticSetting.

πŸ“– Read

via "National Vulnerability Database".
266 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37723 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromqossetting.

πŸ“– Read

via "National Vulnerability Database".
285 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37719 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromP2pListFilter.

πŸ“– Read

via "National Vulnerability Database".
332 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37722 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function fromSafeUrlFilter.

πŸ“– Read

via "National Vulnerability Database".
408 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37715 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408), FH1202_V1.2.0.19_EN were discovered to contain a stack overflow in the page parameter in the function frmL7ProtForm.

πŸ“– Read

via "National Vulnerability Database".
436 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-37717 β€Ό

Tenda F1202 V1.0BR_V1.2.0.20(408) and FH1202_V1.2.0.19_EN, AC10 V1.0, AC1206 V1.0, AC7 V1.0, AC5 V1.0, and AC9 V3.0 were discovered to contain a stack overflow in the page parameter in the function fromDhcpListClient.

πŸ“– Read

via "National Vulnerability Database".
523 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ“’ JumpCloud reveals threat actors breached internal systems, following customer speculation πŸ“’

Suspicious activity was discovered in June, but a customer link took longer than a week to establish

πŸ“– Read

via "ITPro".
ITPro
JumpCloud reveals nation-state hackers breached internal systems, following customer speculation
Suspicious activity was discovered in June, but a customer link took longer than a week to establish
532 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-3672 β€Ό

Cross-site Scripting (XSS) - DOM in GitHub repository plaidweb/webmention.js prior to 0.5.5.

πŸ“– Read

via "National Vulnerability Database".
527 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
🦿 How to Check If Someone Else Accessed Your Google Account 🦿

Review your recent Gmail access, browser sign-in history and Google account activity to make sure no one other than you has used your account.

πŸ“– Read

via "Tech Republic".
TechRepublic
How to Check If Someone Else Accessed Your Google Account
Learn how to check if someone else accessed your Google account using this guide. Make sure no one other than you has used your account.
518 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
πŸ•΄ Electrical Grid Stability Relies on Balancing Digital Substation Security πŸ•΄

Because digital substations are critical elements of electrical systems, they are a prime target for sophisticated cyberattacks.

πŸ“– Read

via "Dark Reading".
Dark Reading
Electrical Grid Stability Relies on Balancing Digital Substation Security
Because digital substations are critical elements of electrical systems, they are a prime target for sophisticated cyberattacks.
399 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-3433 β€Ό

The "nickname" field within Savoir-faire Linux's Jami application is susceptible to a failed state when a user inserts special characters into the field. When present, these special characters, make it so the application cannot create the signature for the user and results in a local denial of service to the application.Γ‚ 

πŸ“– Read

via "National Vulnerability Database".
380 views
πŸ›‘ Cybersecurity & Privacy πŸ›‘ - News
β€Ό CVE-2023-3434 β€Ό

Improper Input Validation in the hyperlink interpretation inΓ‚ Savoir-faire Linux's Jami (version 20222284)Γ‚ on Windows. This allows an attacker to send a custom HTML anchor tag to pass a string value to the Windows QRC Handler through the Jami messenger.

πŸ“– Read

via "National Vulnerability Database".
375 views