βΌ CVE-2022-47169 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in StaxWP Visibility Logic for Elementor plugin <=Γ 2.3.4 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-45828 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in NooTheme Noo Timetable plugin <=Γ 2.1.3 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-37889 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in WPAdmin WPAdmin AWS CDN plugin <=Γ 2.0.13 versions.π Read
via "National Vulnerability Database".
π Suricata 7.0.0 π
π Read
via "Packet Storm Security".
Suricata is a network intrusion detection and prevention engine developed by the Open Information Security Foundation and its supporting vendors. The engine is multi-threaded and has native IPv6 support. It's capable of loading existing Snort rules and signatures and supports the Barnyard and Barnyard2 tools.π Read
via "Packet Storm Security".
Packetstormsecurity
Suricata 7.0.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π¦Ώ Armis, Honeywell Uncover Vulnerabilities in Honeywell Systems π¦Ώ
π Read
via "Tech Republic".
Newly discovered vulnerabilities in distributed control systems could allow attackers access to systems supporting industrial, energy, chemical and other operations.π Read
via "Tech Republic".
TechRepublic
Armis, Honeywell Uncover Vulnerabilities in Honeywell Systems
The discoveries revealed how attackers could gain access to systems supporting industrial, energy, chemical and other operations.
βοΈ LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack βοΈ
π Read
via "Krebs on Security".
[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.]In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com, a service that sold access to billions of passwords and other data exposed in countless data breaches. KrebsOnSecurity has learned that the owner of Defiant Tech, a 32-year-old Ontario man named Jordan Evan Bloom, was hired in late 2014 as a developer for the marital infidelity site AshleyMadison.com. Bloom resigned from AshleyMadison citing health reasons in June 2015 -- less than one month before unidentified hackers stole data on 37 million users -- and launched LeakedSource three months later.π Read
via "Krebs on Security".
Krebs on Security
LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack
[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com, a serviceβ¦
π1
π¦Ώ How to Protect and Secure Your Data in 10 Ways π¦Ώ
π Read
via "Tech Republic".
Use this comprehensive list of strategies to help you safeguard your company's data from threats and data breaches.π Read
via "Tech Republic".
TechRepublic
How to Protect and Secure Your Data in 10 Ways
Use this comprehensive list of strategies to help you safeguard your company's data from threats and data breaches.
π1
βΌ CVE-2020-23909 βΌ
π Read
via "National Vulnerability Database".
Heap-based buffer over-read in function png_convert_4 in file pngex.cc in AdvanceMAME through 2.1.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33064 βΌ
π Read
via "National Vulnerability Database".
An off-by-one error in function wav_read_header in src/wav.c in Libsndfile 1.1.0, results in a write out of bound, which allows an attacker to execute arbitrary code, Denial of Service or other unspecified impacts.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34121 βΌ
π Read
via "National Vulnerability Database".
An Out of Bounds flaw was discovered in htmodoc 1.9.12 in function parse_tree() in toc.cxx, this possibly leads to memory layout information leaking in the data. This might be used in a chain of vulnerability in order to reach code execution.π Read
via "National Vulnerability Database".
βΌ CVE-2022-26563 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Tildeslash Monit before 5.31.0, allows remote attackers to gain escilated privlidges due to improper PAM-authorization.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47085 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in ostree before 2022.7 allows attackers to cause a denial of service or other unspecified impacts via the print_panic function in repo_checkout_filter.rs.π Read
via "National Vulnerability Database".
βΌ CVE-2020-36762 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in ONS Digital RAS Collection Instrument up to 2.0.27 and classified as critical. Affected by this issue is the function jobs of the file .github/workflows/comment.yml. The manipulation of the argument $COMMENT_BODY leads to os command injection. Upgrading to version 2.0.28 is able to address this issue. The name of the patch is dcaad2540f7d50c512ff2e031d3778dd9337db2b. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-234248.π Read
via "National Vulnerability Database".
βΌ CVE-2022-34155 βΌ
π Read
via "National Vulnerability Database".
Improper Authentication vulnerability in miniOrange OAuth Single Sign On Γ’β¬β SSO (OAuth Client) plugin allows Authentication Bypass.This issue affects OAuth Single Sign On Γ’β¬β SSO (OAuth Client): from n/a through 6.23.3.π Read
via "National Vulnerability Database".
βΌ CVE-2022-33065 βΌ
π Read
via "National Vulnerability Database".
Multiple signed integers overflow in function au_read_header in src/au.c and in functions mat4_open and mat4_read_header in src/mat4.c in Libsndfile, allows an attacker to cause Denial of Service or other unspecified impacts.π Read
via "National Vulnerability Database".
βΌ CVE-2023-24390 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in WeSecur Security plugin <=Γ 1.2.1 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41409 βΌ
π Read
via "National Vulnerability Database".
Integer overflow vulnerability in pcre2test before 10.41 allows attackers to cause a denial of service or other unspecified impacts via negative input.π Read
via "National Vulnerability Database".
βΌ CVE-2021-34123 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered on atasm, version 1.09. A stack-buffer-overflow vulnerability in function aprintf() in asm.c allows attackers to execute arbitrary code on the system via a crafted file.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47421 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Repute InfoSystems ARMember (free), Repute InfoSystems ARMember (premium) plugins.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36120 βΌ
π Read
via "National Vulnerability Database".
** REJECT ** DO NOT USE THIS CVE RECORD. ConsultIDs: none. Reason: This record was withdrawn by its CNA. Further investigation showed that it was not a security issue. Notes: none.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36384 βΌ
π Read
via "National Vulnerability Database".
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in CodePeople Booking Calendar Contact Form plugin <=Γ 1.2.40 versions.π Read
via "National Vulnerability Database".