CVE-2023-26438
via "National Vulnerability Database".
External service lookups for a number of protocols were vulnerable to a time-of-check/time-of-use (TOCTOU) weakness involving the JDK DNS cache. Attackers who timed DNS cache expiry correctly were able to inject configuration that bypassed existing network deny-lists, and could use this to discover the existence of restricted network infrastructure and service availability. Improvements were made to apply deny-lists not only when checking the provided connection data, but also when using it. No publicly available exploits are known.
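The shape of the weakness above is the classic DNS-rebinding TOCTOU: the host name resolves to a public address when the deny-list is consulted and to an internal one when the socket is actually opened. The following is an added example, not code from the advisory's vendor or from the JDK. The resolver class, the deny-list ranges and the host name are constructed stand-ins; the fix shown resolves once, checks the address that will actually be used, and pins it.

```python
"""Check-then-use against a host deny-list, and the resolve-once fix.

Added example; not code from the advisory's vendor or from the JDK. The
resolver class is a constructed stand-in for a DNS cache whose entry
expires between the check and the use, so the attacker's authoritative
server can hand out a public address first and an internal one second."""
import ipaddress
from typing import List, Optional

# Constructed deny-list (assumption): private ranges and loopback.
DENY = [ipaddress.ip_network(n) for n in
        ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]


def is_denied(addr: str) -> bool:
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in DENY)


class RebindingResolver:
    """Answers lookups from a scripted list, one answer per cache expiry."""

    def __init__(self, answers: List[str]):
        self._answers = list(answers)
        self.last: Optional[str] = None

    def resolve(self, host: str) -> str:
        if self._answers:
            self.last = self._answers.pop(0)
        return self.last


def connect_vulnerable(host: str, resolver: RebindingResolver) -> str:
    # Time of check: resolve the name and compare the result to the deny-list.
    if is_denied(resolver.resolve(host)):
        raise PermissionError(f"{host} is deny-listed")
    # Time of use: the connect path resolves the name again (cache expired),
    # and the socket is opened to whatever the second answer was.
    return resolver.resolve(host)


def connect_fixed(host: str, resolver: RebindingResolver) -> str:
    # Resolve once, check the address that will actually be used, and pin
    # it: the socket is opened to this literal address, never to the name.
    target = resolver.resolve(host)
    if is_denied(target):
        raise PermissionError(f"{host} -> {target} is deny-listed")
    return target


def attempt(fn, host: str, answers: List[str]) -> str:
    """Run one connection attempt; return the address used or 'blocked'."""
    try:
        return fn(host, RebindingResolver(answers))
    except PermissionError:
        return "blocked"


if __name__ == "__main__":
    # Constructed attacker DNS: public on the first lookup, internal after expiry.
    script = ["203.0.113.10", "10.0.0.5"]
    print("vulnerable:", attempt(connect_vulnerable, "evil.example", script))
    print("fixed:     ", attempt(connect_fixed, "evil.example", script))
```

In a real client the pinned address is what the socket connects to, with the original host name carried in the TLS SNI and HTTP Host header, so no library code gets a chance to resolve the name a second time.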
CVE-2023-26447
The "upsell" widget for the portal allows specifying a product description. This description, taken from a user-controllable jslob, was not escaped before being added to the DOM. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this, an attacker would require temporary access to the user's account or would have to lure a user to a compromised account. We now sanitize jslob content. No publicly available exploits are known.
CVE-2023-26446
The user's clientID at "application passwords" was not sanitized or escaped before being added to the DOM. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this, an attacker would require temporary access to the user's account or would have to lure a user to a compromised account. We now sanitize the user-controllable clientID parameter. No publicly available exploits are known.
CVE-2023-26442
In case Cacheservice was configured to use a sproxyd object-storage backend, it would follow HTTP redirects issued by that backend. An attacker with access to a local or restricted network and the capability to intercept and replay HTTP requests to sproxyd (or who is in control of the sproxyd service) could perform a server-side request forgery attack and make Cacheservice connect to unexpected resources. We have disabled the ability to follow HTTP redirects when connecting to sproxyd resources. No publicly available exploits are known.
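A storage client that honours redirects lets whoever controls the backend (or the path to it) choose where the client connects next. The following is an added example, not Cacheservice or sproxyd code: a constructed loopback HTTP server plays a compromised sproxyd that answers the object fetch with a 302, and two clients fetch the same object, one with urllib's default redirect handling and one with redirects refused. The paths, the port and the "internal" resource are assumptions.

```python
"""Following backend redirects turns an object-storage client into an SSRF pivot.

Added example; not Cacheservice or sproxyd code. A constructed loopback
HTTP server plays a compromised sproxyd: the object fetch is answered with a
302 whose Location points at a path standing in for an internal resource the
client was never meant to reach. Paths and port are assumptions."""
import threading
import urllib.error
import urllib.request
from http.server import BaseHTTPRequestHandler, HTTPServer


class FakeSproxyd(BaseHTTPRequestHandler):
    def do_GET(self):
        if self.path == "/proxy/chord/obj1":
            # Attacker-controlled backend answer: send the client elsewhere.
            self.send_response(302)
            self.send_header("Location",
                             f"http://127.0.0.1:{self.server.server_port}/internal/admin")
            self.end_headers()
        elif self.path == "/internal/admin":
            body = b"internal-only data"
            self.send_response(200)
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)
        else:
            self.send_error(404)

    def log_message(self, *args):
        pass  # keep the demo quiet


class NoRedirect(urllib.request.HTTPRedirectHandler):
    """Refuse every redirect; urllib then raises HTTPError for the 3xx."""

    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def start_server() -> int:
    srv = HTTPServer(("127.0.0.1", 0), FakeSproxyd)
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv.server_port


def fetch_vulnerable(port: int) -> str:
    # Default redirect handling: the 302 is followed transparently.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}))
    with opener.open(f"http://127.0.0.1:{port}/proxy/chord/obj1", timeout=5) as r:
        return r.read().decode()


def fetch_fixed(port: int) -> str:
    # Redirects disabled: any 3xx from the backend is treated as an error.
    opener = urllib.request.build_opener(urllib.request.ProxyHandler({}), NoRedirect)
    try:
        with opener.open(f"http://127.0.0.1:{port}/proxy/chord/obj1", timeout=5) as r:
            return r.read().decode()
    except urllib.error.HTTPError as e:
        return f"refused redirect (HTTP {e.code})"


def demo() -> tuple:
    port = start_server()
    return fetch_vulnerable(port), fetch_fixed(port)


if __name__ == "__main__":
    vulnerable, fixed = demo()
    print("vulnerable client got:", vulnerable)
    print("fixed client:", fixed)
```

Refusing redirects outright is the right default for a backend whose URLs the service constructs itself; if a redirect ever is legitimate there, the target must be re-validated against the same host and scheme allow-list as the original request rather than followed blindly.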
CVE-2023-26443
Full-text autocomplete search allows user-provided SQL syntax to be injected into SQL statements. With the existing sanitization in place, this can be abused to trigger benign SQL exceptions, but it could potentially be escalated to a malicious SQL injection vulnerability. We now properly encode single quotes for SQL FULLTEXT queries. No publicly available exploits are known.
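The two outcomes the advisory describes, a benign SQL error from a stray quote and a rewritten WHERE clause from a crafted value, come from the same root cause: user text spliced into the statement. The following is an added example, not the vendor's code. An in-memory sqlite3 table with a LIKE prefix match stands in for the real FULLTEXT index (an assumption; sqlite3 has no MATCH ... AGAINST), and the contact rows and payloads are constructed.

```python
"""Autocomplete search by string concatenation, and the parameter-bound fix.

Added example; not the vendor's code. An in-memory sqlite3 table with a LIKE
prefix match stands in for the real FULLTEXT index (assumption: the advisory
names FULLTEXT queries, which sqlite3 does not have by default). It is enough
to show both behaviours the advisory describes: a stray quote raising a
benign SQL error, and a crafted value changing what the statement does."""
import sqlite3
from typing import List, Union


def build_db() -> sqlite3.Connection:
    # Constructed sample data: the flagged row must never be autocompleted.
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE contacts (name TEXT, email TEXT, private INTEGER)")
    con.executemany("INSERT INTO contacts VALUES (?, ?, ?)", [
        ("Alice Adams", "alice@example.com", 0),
        ("Bob Brown", "bob@example.com", 0),
        ("Carol Confidential", "carol@example.com", 1),
    ])
    return con


def autocomplete_vulnerable(con: sqlite3.Connection, prefix: str) -> List[str]:
    # The user's text is pasted into the statement: quotes become SQL syntax.
    sql = f"SELECT name FROM contacts WHERE private = 0 AND name LIKE '{prefix}%'"
    return [row[0] for row in con.execute(sql)]


def autocomplete_fixed(con: sqlite3.Connection, prefix: str) -> List[str]:
    # The value is bound as a parameter, so quotes stay data. '%' and '_' are
    # LIKE wildcards, so they are escaped as well and an ESCAPE char declared.
    escaped = (prefix.replace("\\", "\\\\")
                     .replace("%", "\\%")
                     .replace("_", "\\_"))
    sql = "SELECT name FROM contacts WHERE private = 0 AND name LIKE ? ESCAPE '\\'"
    return [row[0] for row in con.execute(sql, (escaped + "%",))]


def probe(fn, prefix: str) -> Union[List[str], str]:
    """Run one query; return its rows, or the exception name for a SQL error."""
    try:
        return fn(build_db(), prefix)
    except sqlite3.Error as e:
        return type(e).__name__


if __name__ == "__main__":
    # Constructed inputs: a normal prefix, a name with an apostrophe (the
    # "benign exception"), and a payload that rewrites the WHERE clause.
    for text in ("Al", "O'Brien", "x' OR private = 1 --"):
        print(repr(text), "vulnerable:", probe(autocomplete_vulnerable, text),
              "fixed:", probe(autocomplete_fixed, text))
```

The "benign" error is the tell: if an apostrophe in the input can break the statement, the input is reaching the parser as syntax, and the only question is whether someone has found a payload that parses. Binding the value (or, for engines whose full-text syntax cannot be parameterised, encoding every metacharacter the engine recognises, not just the single quote) closes both cases.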
CVE-2023-26449
The "OX Chat" web service did not specify a media type when processing responses from external resources. Malicious script code can be executed within the victim's context. This can lead to session hijacking or triggering unwanted actions via the web interface and API. To exploit this, an attacker would require temporary access to the user's account or would have to lure a user to a compromised account. We now define the accepted media type to avoid code execution. No publicly available exploits are known.
CVE-2023-26451
Functions with insufficient randomness were used to generate authorization tokens for the integrated OAuth Authorization Service. Authorization codes were predictable by third parties and could be used to intercept and take over the client authorization process. As a result, other users' accounts could be compromised. The OAuth Authorization Service is not enabled by default. We have updated the implementation to use sources with sufficient randomness to generate authorization tokens. No publicly available exploits are known.
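"Predictable by third parties" means an attacker can reproduce the code without ever seeing the generator's state. The following is an added example, not the vendor's code. The advisory does not say which weak function was used, so the generator below is an assumption standing in for it: a non-cryptographic PRNG seeded from the issue time, a common mistake. The issue timestamp and code length are constructed.

```python
"""Authorization codes from a seeded PRNG versus a CSPRNG.

Added example; not the vendor's code. The advisory does not say which weak
function was used, so the generator below is an assumption that stands in
for "functions with insufficient randomness": a non-cryptographic PRNG seeded
from the issue time, a common mistake. The attacker needs only a rough idea
of when the code was issued and replays the generator for each candidate
second until the observed code reproduces."""
import random
import secrets
import string
from typing import Optional

ALPHABET = string.ascii_letters + string.digits


def weak_code(issued_at: int, length: int = 24) -> str:
    # Deterministic: the same seed always yields the same "random" code.
    rng = random.Random(issued_at)
    return "".join(rng.choice(ALPHABET) for _ in range(length))


def recover_seed(observed: str, approx_time: int, window: int = 600) -> Optional[int]:
    """Attacker side: brute-force the seed across +/- window seconds.

    Once this succeeds for one observed code, the scheme is confirmed and
    weak_code(t) for each candidate second is the full list of codes worth
    trying against any other user's pending authorization."""
    for t in range(approx_time - window, approx_time + window + 1):
        if weak_code(t, len(observed)) == observed:
            return t
    return None


def strong_code(nbytes: int = 32) -> str:
    # OS-backed CSPRNG; there is no seed to recover and no state to replay.
    return secrets.token_urlsafe(nbytes)


if __name__ == "__main__":
    issued = 1_690_000_000                      # constructed issue time
    victim = weak_code(issued)
    print("observed code:", victim)
    print("seed recovered:", recover_seed(victim, issued + 42))
    print("strong code:", strong_code())
```

The length of the code is irrelevant to the weak variant: 24 characters drawn from a 32-bit-seeded generator carry 32 bits of entropy at most, and a clock seed reduces that to the size of the attacker's time window. The fixed variant's strength comes from the source, so for a bearer credential 32 bytes from the OS CSPRNG is the right order of magnitude.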
Data breach costs: Businesses lose 73% of their income in the year following an incident
via "ITPro".
Erosion of trust, remediation costs, and potential regulatory fines create a confluence of financial burdens for businesses.
CVE-2023-33383
via "National Vulnerability Database".
Shelly 4PM Pro four-channel smart switch 0.11.0 allows an attacker to trigger a BLE out-of-bounds read fault condition that results in a device reload.
CVE-2023-38330
OXID eShop Enterprise Edition 6.5.0 – 6.5.2 before 6.5.3 allows uploading files with modified headers in the administration area. An attacker can upload a file with a modified header to create an HTTP Response Splitting attack.
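Response splitting needs only one attacker-controlled value to reach a response header with its CR/LF intact. The following is an added example, not OXID eShop code; the advisory does not show the shop's upload handling, so the assumption is the classic pattern of echoing the uploaded file's name into a Content-Disposition header when the file is served back. The file name payload and the response body are constructed.

```python
"""Header values copied from an uploaded file's metadata, and the fix.

Added example; not OXID eShop code. The advisory does not show the shop's
upload handling, so the assumption here is the classic pattern: the uploaded
file's name is echoed into a Content-Disposition header when the file is
served back, without rejecting CR/LF, so a crafted name splits the response."""
from typing import List, Union

# Constructed attacker file name: closes the quoted filename, ends the header
# line, and starts a new header of the attacker's choosing.
PAYLOAD = 'report.pdf"\r\nSet-Cookie: session=attacker'


def build_response_vulnerable(filename: str, body: bytes) -> bytes:
    headers = [
        "HTTP/1.1 200 OK",
        "Content-Type: application/octet-stream",
        f'Content-Disposition: attachment; filename="{filename}"',
        f"Content-Length: {len(body)}",
    ]
    return ("\r\n".join(headers) + "\r\n\r\n").encode("latin-1") + body


def safe_header_value(value: str) -> str:
    # Reject rather than strip: CR, LF and NUL are never legitimate in a
    # header value, and stripping invites bypasses via alternative encodings.
    if any(c in value for c in "\r\n\x00"):
        raise ValueError("CR/LF/NUL in header value")
    return value


def build_response_fixed(filename: str, body: bytes) -> bytes:
    name = safe_header_value(filename).replace("\\", "\\\\").replace('"', '\\"')
    headers = [
        "HTTP/1.1 200 OK",
        "Content-Type: application/octet-stream",
        f'Content-Disposition: attachment; filename="{name}"',
        f"Content-Length: {len(body)}",
    ]
    return ("\r\n".join(headers) + "\r\n\r\n").encode("latin-1") + body


def header_names(raw: bytes) -> List[str]:
    """What a downstream parser sees: the header names before the first blank line."""
    head = raw.split(b"\r\n\r\n", 1)[0]
    return [line.split(b":", 1)[0].decode("latin-1") for line in head.split(b"\r\n")[1:]]


def attempt(builder, filename: str) -> Union[List[str], str]:
    """Build a response for one file name; return its header names or 'rejected'."""
    try:
        return header_names(builder(filename, b"%PDF-1.4 ..."))
    except ValueError:
        return "rejected"


if __name__ == "__main__":
    print("vulnerable:", attempt(build_response_vulnerable, PAYLOAD))
    print("fixed:     ", attempt(build_response_fixed, PAYLOAD))
```

Most web frameworks already reject CR/LF in header values at the API boundary; the cases that slip through are code paths that write raw headers themselves (download handlers, custom proxies, templated redirects), which is where a check like safe_header_value belongs.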
CVE-2022-40609
IBM SDK, Java Technology Edition 7.1.5.18 and 8.0.8.0 could allow a remote attacker to execute arbitrary code on the system, caused by an unsafe deserialization flaw. By sending specially-crafted data, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 236069.
CVE-2023-33257
Verint Engagement Management 15.3 Update 2023R2 is vulnerable to HTML injection via the user data form in the live chat.
CVE-2023-23476
IBM Robotic Process Automation 21.0.0 through 21.0.7.latest is vulnerable to unauthorized access to data due to insufficient authorization validation on some API routes. IBM X-Force ID: 245425.
CVE-2023-26317
A vulnerability has been discovered in Xiaomi routers that could allow command injection through an external interface. This vulnerability arises from inadequate filtering of responses returned from the external interface. Attackers could exploit this vulnerability by hijacking the ISP or an upper-layer router to gain privileges on the Xiaomi router. Successful exploitation of this flaw could permit remote code execution and complete compromise of the device.
CVE-2022-46484
Information disclosure in password protected surveys in Data Illusion Survey Software Solutions NGSurvey v2.4.28 and below allows attackers to view the password to access and arbitrarily submit surveys.
CVE-2023-26316
An XSS vulnerability exists in the Xiaomi cloud service application product. The vulnerability is caused by the WebView's whitelist checking function allowing the javascript: protocol to be loaded, and can be exploited by attackers to steal Xiaomi cloud service account cookies.
CVE-2022-46485
Data Illusion Survey Software Solutions ngSurvey version 2.4.28 and below is vulnerable to Denial of Service if a survey contains a "Text Field", "Comment Field" or "Contact Details".
Cyber-Insurance Underwriting Is Still Stuck in the Dark Ages
via "Dark Reading".
Innovations in continuous controls monitoring may be the only way underwriters can offer cyber-insurance policies that make sense in the market.
CVE-2023-3470
via "National Vulnerability Database".
Specific F5 BIG-IP platforms with Cavium Nitrox FIPS HSM cards generate a deterministic password for the Crypto User account. The predictable nature of the password gives an authenticated user with TMSH access to the BIG-IP system, or anyone with physical access to the FIPS HSM, the information required to generate the correct password. On vCMP systems, all Guests share the same deterministic password, allowing those with TMSH access on one Guest to access keys of a different Guest. The following BIG-IP hardware platforms are affected: 10350v-F, i5820-DF, i7820-DF, i15820-DF, 5250v-F, 7200v-F, 10200v-F, 6900-F, 8900-F, 11000-F, and 11050-F. The BIG-IP rSeries r5920-DF and r10920-DF are not affected, nor does the issue affect software FIPS implementations or network HSM configurations. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2023-38423
A cross-site scripting (XSS) vulnerability exists in an undisclosed page of the BIG-IP Configuration utility that allows an attacker to run JavaScript in the context of the currently logged-in user. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
CVE-2023-38419
An authenticated attacker with guest privileges or higher can cause the iControl SOAP process to terminate by sending undisclosed requests. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.