🛑 Cybersecurity & Privacy 🛑 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2023-38525 ‼

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

via "National Vulnerability Database".
‼ CVE-2023-38526 ‼

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

via "National Vulnerability Database".
‼ CVE-2023-38527 ‼

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain an out of bounds read past the end of an allocated structure while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

via "National Vulnerability Database".
‼ CVE-2023-37372 ‼

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.4). The affected application is vulnerable to SQL injection. This could allow an unauthenticated remote attacker to execute arbitrary SQL queries on the server database.

via "National Vulnerability Database".
‼ CVE-2023-38528 ‼

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.197), Parasolid V35.1 (All versions < V35.1.184), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected application contains an out of bounds write past the end of an allocated buffer while parsing a specially crafted X_T file. This could allow an attacker to execute code in the context of the current process.

via "National Vulnerability Database".
‼ CVE-2023-36692 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Christian Kramer & Hendrik Thole WP-Cirrus plugin <= 0.6.11 versions.

via "National Vulnerability Database".
‼ CVE-2023-38524 ‼

A vulnerability has been identified in Parasolid V34.1 (All versions < V34.1.258), Parasolid V35.0 (All versions < V35.0.254), Parasolid V35.1 (All versions < V35.1.171), Teamcenter Visualization V14.1 (All versions), Teamcenter Visualization V14.2 (All versions < V14.2.0.6), Teamcenter Visualization V14.3 (All versions). The affected applications contain null pointer dereference while parsing specially crafted X_T files. This could allow an attacker to execute code in the context of the current process.

via "National Vulnerability Database".
‼ CVE-2023-3717 ‼

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Farmakom Remote Administration Console allows SQL Injection. This issue affects Remote Administration Console: before 1.02.

via "National Vulnerability Database".
‼ CVE-2023-32503 ‼

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in GTmetrix GTmetrix for WordPress plugin <= 0.4.6 versions.

via "National Vulnerability Database".
🕴 Dark Reading News Desk: Live at Black Hat USA 2023 🕴

On Wed Aug 9, Dark Reading News Desk will return to Black Hat USA 2023.

via "Dark Reading".
📢 GDPR fines just 6% of the total cost of data breaches 📢

Costs are surging as tickbox compliance distracts organizations from proper security

via "ITPro".
📢 Royal, Hive, Black Basta ransomware gangs ‘collaborating on cyber attacks’ 📢

Affiliates from the now-defunct Hive ransomware group could be seeking opportunities with other major dark web players

via "ITPro".
‼ CVE-2023-37686 ‼

Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Add Nurse Page in the Admin portal.

via "National Vulnerability Database".
‼ CVE-2023-25063 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Anadnet Quick Page/Post Redirect Plugin plugin <= 5.2.3 versions.

via "National Vulnerability Database".
‼ CVE-2023-27415 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themeqx LetterPress plugin <= 1.1.2 versions.

via "National Vulnerability Database".
‼ CVE-2023-37685 ‼

Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Page of the Admin portal.

via "National Vulnerability Database".
‼ CVE-2023-37683 ‼

Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Profile Page of the Admin.

via "National Vulnerability Database".
‼ CVE-2023-37684 ‼

Online Nurse Hiring System v1.0 was discovered to contain a cross-site scripting (XSS) vulnerability in the Search Report Details of the Admin portal.

via "National Vulnerability Database".
‼ CVE-2023-28773 ‼

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Kolja Nolte Secondary Title plugin <= 2.0.9.1 versions.

via "National Vulnerability Database".
‼ CVE-2023-25984 ‼

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Rigorous & Factory Pattern Dovetail plugin <= 1.2.13 versions.

via "National Vulnerability Database".
‼ CVE-2023-37690 ‼

Maid Hiring Management System v1.0 was discovered to contain a SQL injection vulnerability in the Search Maid page.

via "National Vulnerability Database".