‼ CVE-2023-38947 ‼
An arbitrary file upload vulnerability in the /languages/install.php component of WBCE CMS v1.6.1 allows attackers to execute arbitrary code via a crafted PHP file.
via "National Vulnerability Database".
‼ CVE-2023-33364 ‼
An OS Command injection vulnerability exists in Suprema BioStar 2 before V2.9.1, which allows authenticated users to execute arbitrary OS commands on the BioStar 2 server.
via "National Vulnerability Database".
‼ CVE-2023-38948 ‼
An arbitrary file download vulnerability in the /c/PluginsController.php component of jizhi CMS 1.9.5 allows attackers to execute arbitrary code via downloading a crafted plugin.
via "National Vulnerability Database".
‼ CVE-2023-0956 ‼
External input could be used on TEL-STER TelWin SCADA WebInterface to construct paths to files and directories without properly neutralizing special elements within the pathname, which could allow an unauthenticated attacker to read files on the system.
via "National Vulnerability Database".
‼ CVE-2023-39075 ‼
Renault Zoe EV 2021 automotive infotainment system versions 283C35202R to 283C35519R (builds 11.10.2021 to 16.01.2023) allows attackers to crash the infotainment system by sending arbitrary USB data via a USB device.
via "National Vulnerability Database".
‼ CVE-2023-38942 ‼
Dango-Translator v4.5.5 was discovered to contain a remote command execution (RCE) vulnerability via the component app/config/cloud_config.json.
via "National Vulnerability Database".
‼ CVE-2023-36217 ‼
Cross Site Scripting vulnerability in Xoops CMS v.2.5.10 allows a remote attacker to execute arbitrary code via the category name field of the image manager function.
via "National Vulnerability Database".
‼ CVE-2023-32764 ‼
Fabasoft Cloud Enterprise Client 23.3.0.130 allows a user to escalate their privileges to local administrator.
via "National Vulnerability Database".
‼ CVE-2023-35081 ‼
A path traversal vulnerability in Ivanti EPMM versions (11.10.x < 11.10.0.3, 11.9.x < 11.9.1.2 and 11.8.x < 11.8.1.2) allows an authenticated administrator to write arbitrary files onto the appliance.
via "National Vulnerability Database".
‼ CVE-2022-42986 ‼
** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2023-39122. Reason: This candidate is a reservation duplicate of CVE-2023-39122. Notes: All CVE users should reference CVE-2023-39122 instead of this candidate. All references and descriptions in this candidate have been removed to prevent accidental usage.
via "National Vulnerability Database".
🦿 Could C2PA Cryptography be the Key to Fighting AI-Driven Misinformation? 🦿
Adobe, Arm, Intel, Microsoft and Truepic put their weight behind C2PA, an alternative to watermarking AI-generated content.
via "Tech Republic".
Center for Cyber Safety and Education Awards $174K in Cybersecurity Scholarships
ALEXANDRIA, Va., Aug. 3, 2023 /PRNewswire/ -- The Center for Cyber Safety and Education, the charitable foundation of nonprofit membership association (ISC)², has announced the award recipients of its 2023 scholarship program. This year, scholarships totaling $174…
via "Dark Reading".
Vulcan Cyber Attack Path Graph Targets Cloud-Scale Risk Prioritization and Mitigation
TEL AVIV, Israel, Aug. 3, 2023 /PRNewswire/ -- Vulcan Cyber, developers of the cyber risk management platform for all attack surfaces, today announced the launch of the new Vulcan Cyber Attack Path Graph. Vulcan Cyber Attack Path Graph helps cybersecurity…
via "Dark Reading".
Mission Secure, Idaho National Laboratory Announce Partnership to Protect Critical Infrastructure
CHARLOTTESVILLE, Va., Aug. 3, 2023 /PRNewswire/ -- Mission Secure announced today that it has partnered with Idaho National Laboratory, a U.S. Department of Energy national laboratory, to expand the adoption of the Consequence-Driven, Cyber-Informed Engineering…
via "Dark Reading".
Qualys Announces First-Party Software Risk Management Solution
FOSTER CITY, Calif., Aug. 3, 2023 /PRNewswire/ -- Qualys, Inc. (NASDAQ: QLYS), a provider of disruptive cloud-based IT, security and compliance solutions, today announced it is opening up its risk management platform to AppSec teams to bring their own detections…
via "Dark Reading".
‼ CVE-2023-3749 ‼
A local user could edit the VideoEdge configuration file and interfere with VideoEdge operation.
via "National Vulnerability Database".
‼ CVE-2023-39121 ‼
emlog v2.1.9 was discovered to contain a SQL injection vulnerability via the component /admin/user.php.
via "National Vulnerability Database".
‼ CVE-2023-33666 ‼
ai-dev aioptimizedcombinations before v0.1.3 was discovered to contain a SQL injection vulnerability via the component /includes/ajax.php.
via "National Vulnerability Database".
‼ CVE-2023-4002 ‼
An issue has been discovered in GitLab EE affecting all versions starting from 14.1 before 16.0.8, all versions starting from 16.1 before 16.1.3, all versions starting from 16.2 before 16.2.2. It was possible for EE-licensed users to link any security policy project by its ID to projects or groups the user has access to, potentially revealing the security project's configured security policies.
via "National Vulnerability Database".
‼ CVE-2023-38941 ‼
django-sspanel v2022.2.2 was discovered to contain a remote command execution (RCE) vulnerability via the component sspanel/admin_view.py -> GoodsCreateView._post.
via "National Vulnerability Database".
‼ CVE-2023-36137 ‼
There is a Cross Site Scripting (XSS) vulnerability in the "theme" parameter of preview.php in PHPJabbers Class Scheduling System 1.0.
via "National Vulnerability Database".