βΌ CVE-2023-36134 βΌ
π Read
via "National Vulnerability Database".
In PHP Jabbers Class Scheduling System 1.0, lack of verification when changing an email address and/or password (on the Profile Page) allows remote attackers to take over accounts.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39379 βΌ
π Read
via "National Vulnerability Database".
Fujitsu Software Infrastructure Manager (ISM) stores sensitive information at the product's maintenance data (ismsnap) in cleartext form. As a result, the password for the proxy server that is configured in ISM may be retrieved. Affected products and versions are as follows: Fujitsu Software Infrastructure Manager Advanced Edition V2.8.0.060, Fujitsu Software Infrastructure Manager Advanced Edition for PRIMEFLEX V2.8.0.060, and Fujitsu Software Infrastructure Manager Essential Edition V2.8.0.060.π Read
via "National Vulnerability Database".
π΄ Google, Microsoft Take Refuge in Rust Language's Better Security π΄
π Read
via "Dark Reading".
More tech giants turn to the Rust programming language for its built-in memory safety and other security features.π Read
via "Dark Reading".
Dark Reading
Google, Microsoft Take Refuge in Rust Language's Better Security
More tech giants are turning to the Rust programming language for its built-in memory safety and other security features.
π1
π΄ How To Deal With the Vagueness in New Cyber Regulations π΄
π Read
via "Dark Reading".
Recent regulations for privacy, AI, and breaches tend to be overly broad, suggesting that the rulemakers lack tech acumen. π Read
via "Dark Reading".
Dark Reading
How To Deal With the Vagueness in New Cyber Regulations
Recent regulations for privacy, AI, and breaches tend to be overly broad, suggesting that the rulemakers lack tech acumen.
βοΈ Teach a Man to Phish and Heβs Set for Life βοΈ
π Read
via "Krebs on Security".
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirects on LinkedIn, or abusing an encoding method that makes it easy to disguise booby-trapped Microsoft Windows files as relatively harmless documents.π Read
via "Krebs on Security".
Krebs on Security
Teach a Man to Phish and Heβs Set for Life
One frustrating aspect of email phishing is the frequency with which scammers fall back on tried-and-true methods that really have no business working these days. Like attaching a phishing email to a traditional, clean email message, or leveraging link redirectsβ¦
π΄ How to Talk So Your CISO Will Listen π΄
π Read
via "Dark Reading".
Tailor your business project proposal to suit the language your company's CISO speaks, be it business, technical, or compliance. Do your research first and gather support from around the company. π Read
via "Dark Reading".
Dark Reading
How to Talk So Your CISO Will Listen
Tailor your business project proposal to suit the language your company's CISO speaks, be it business, technical, or compliance. Do your research first and gather support from around the company.
βΌ CVE-2023-34038 βΌ
π Read
via "National Vulnerability Database".
VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-34037 βΌ
π Read
via "National Vulnerability Database".
VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.π Read
via "National Vulnerability Database".
π1
π¦Ώ 8 Best Identity and Access Management (IAM) Solutions for 2023 π¦Ώ
π Read
via "Tech Republic".
Identity and access management software helps you maintain control of your environment by allowing authorized users to access company resources. Learn 10 of the top IAM tools to see which might be the best fit for your business.π Read
via "Tech Republic".
TechRepublic
8 Best IAM Solutions (Updated for 2024)
Microsoft, JumpCloud and CyberArk are among the best IAM tools. Find out how these IAM solutions compare and explore use cases.
β€2
βΌ CVE-2023-36480 βΌ
π Read
via "National Vulnerability Database".
The Aerospike Java client is a Java application that implements a network protocol to communicate with an Aerospike server. Prior to version 7.0.0, some of the messages received from the server contain Java objects that the client deserializes when it encounters them without further validation. Attackers that manage to trick clients into communicating with a malicious server can include especially crafted objects in its responses that, once deserialized by the client, force it to execute arbitrary code. This can be abused to take control of the machine the client is running on. Version 7.0.0 contains a patch for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29689 βΌ
π Read
via "National Vulnerability Database".
PyroCMS 3.9 contains a remote code execution (RCE) vulnerability that can be exploited through a server-side template injection (SSTI) flaw. This vulnerability allows a malicious attacker to send customized commands to the server and execute arbitrary code on the affected system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4135 βΌ
π Read
via "National Vulnerability Database".
A heap out-of-bounds memory read flaw was found in the virtual nvme device in QEMU. The QEMU process does not validate an offset provided by the guest before computing a host heap pointer, which is used for copying data back to the guest. Arbitrary heap memory relative to an allocated buffer can be disclosed.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29505 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in Zoho ManageEngine Network Configuration Manager 12.6.165. The WebSocket endpoint allows Cross-site WebSocket hijacking.π Read
via "National Vulnerability Database".
β βCrocodile of Wall Streetβ and her husband plead guilty to giant-sized cryptocrimes β
π Read
via "Naked Security".
Sentences still to be decided, but she could get up to 10 years and he could get as many as 20. π Read
via "Naked Security".
Sophos News
Naked Security β Sophos News
βΌ CVE-2023-39143 βΌ
π Read
via "National Vulnerability Database".
PaperCut NG and PaperCut MF before 22.1.3 are vulnerable to path traversal which enables attackers to read, delete, and upload arbitrary files.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-37470 βΌ
π Read
via "National Vulnerability Database".
Metabase is an open-source business intelligence and analytics platform. Prior to versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4, a vulnerability could potentially allow remote code execution on one's Metabase server. The core issue is that one of the supported data warehouses (an embedded in-memory database H2), exposes a number of ways for a connection string to include code that is then executed by the process running the embedded database. Because Metabase allows users to connect to databases, this means that a user supplied string can be used to inject executable code. Metabase allows users to validate their connection string before adding a database (including on setup), and this validation API was the primary vector used as it can be called without validation. Versions 0.43.7.3, 0.44.7.3, 0.45.4.3, 0.46.6.4, 1.43.7.3, 1.44.7.3, 1.45.4.3, and 1.46.6.4 fix this issue by removing the ability of users to add H2 databases entirely. As a workaround, it is possible to block these vulnerabilities at the network level by blocking the endpoints `POST /api/database`, `PUT /api/database/:id`, and `POST /api/setup/validateuntil`. Those who use H2 as a file-based database should migrate to SQLite.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38691 βΌ
π Read
via "National Vulnerability Database".
matrix-appservice-bridge provides an API for setting up bridges. Starting in version 4.0.0 and prior to versions 8.1.2 and 9.0.1, a malicious Matrix server can use a foreign user's MXID in an OpenID exchange, allowing a bad actor to impersonate users when using the provisioning API. The library does not check that the servername part of the `sub` parameter (containing the user's *claimed* MXID) is the the same as the servername we are talking to. A malicious actor could spin up a server on any given domain, respond with a `sub` parameter according to the user they want to act as and use the resulting token to perform provisioning requests. Versions 8.1.2 and 9.0.1 contain a patch. As a workaround, disable the provisioning API.π Read
via "National Vulnerability Database".
βΌ CVE-2022-41401 βΌ
π Read
via "National Vulnerability Database".
OpenRefine <= v3.5.2 contains a Server-Side Request Forgery (SSRF) vulnerability, which permits unauthorized users to exploit the system, potentially leading to unauthorized access to internal resources and sensitive file disclosure.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38497 βΌ
π Read
via "National Vulnerability Database".
Cargo downloads the Rust projectΓ’β¬β’s dependencies and compiles the project. Cargo prior to version 0.72.2, bundled with Rust prior to version 1.71.1, did not respect the umask when extracting crate archives on UNIX-like systems. If the user downloaded a crate containing files writeable by any local user, another local user could exploit this to change the source code compiled and executed by the current user. To prevent existing cached extractions from being exploitable, the Cargo binary version 0.72.2 included in Rust 1.71.1 or later will purge caches generated by older Cargo versions automatically. As a workaround, configure one's system to prevent other local users from accessing the Cargo directory, usually located in `~/.cargo`.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38688 βΌ
π Read
via "National Vulnerability Database".
twitch-tui provides Twitch chat in a terminal. Prior to version 2.4.1, the connection is not using TLS for communication. In the configuration of the irc connection, the software disables TLS, which makes all communication to Twitch IRC servers unencrypted. As a result, communication, including auth tokens, can be sniffed. Version 2.4.1 has a patch for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38487 βΌ
π Read
via "National Vulnerability Database".
HedgeDoc is software for creating real-time collaborative markdown notes. Prior to version 1.9.9, the API of HedgeDoc 1 can be used to create notes with an alias matching the ID of existing notes. The affected existing note can then not be accessed anymore and is effectively hidden by the new one.When the freeURL feature is enabled (by setting the `allowFreeURL` config option or the `CMD_ALLOW_FREEURL` environment variable to `true`), any user with the appropriate permissions can create a note by making a POST request to the `/new/<ALIAS>` API endpoint. The `<ALIAS>` parameter can be set to the ID of an existing note. HedgeDoc did not verify whether the provided `<ALIAS>` value corresponds to a valid ID of an existing note and always allowed creation of the new note. When a visitor tried to access the existing note, HedgeDoc will first search for a note with a matching alias before it searches using the ID, therefore only the new note can be accessed.Depending on the permission settings of the HedgeDoc instance, the issue can be exploited only by logged-in users or by all (including non-logged-in) users. The exploit requires knowledge of the ID of the target note. Attackers could use this issue to present a manipulated copy of the original note to the user, e.g. by replacing the links with malicious ones. Attackers can also use this issue to prevent access to the original note, causing a denial of service. No data is lost, as the original content of the affected notes is still present in the database.This issue was fixed in version 1.9.9. As a workaround, disabling freeURL mode prevents the exploitation of this issue. The impact can be limited by restricting freeURL note creation to trusted, logged-in users by enabling `requireFreeURLAuthentication`/`CMD_REQUIRE_FREEURL_AUTHENTICATION`.π Read
via "National Vulnerability Database".