🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-35381 ‼

Windows Fax Service Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

144 views20:20

‼ CVE-2023-20562 ‼

Insufficient validation in the IOCTL (Input Output Control) input buffer in AMD uProf may allow an authenticated user to load an unsigned driver potentially leading to arbitrary kernel execution.

📖 Read

via "National Vulnerability Database".

148 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-38184 ‼

Windows Lightweight Directory Access Protocol (LDAP) Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

156 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-38254 ‼

Microsoft Message Queuing Denial of Service Vulnerability

📖 Read

via "National Vulnerability Database".

162 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-20555 ‼

Insufficient input validation inCpmDisplayFeatureSmm may allow an attacker to corrupt SMM memory by overwritingan arbitrary bit in an attacker-controlled pointer potentially leading toarbitrary code execution in SMM.

📖 Read

via "National Vulnerability Database".

177 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-36911 ‼

Microsoft Message Queuing Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

181 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-29328 ‼

Microsoft Teams Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

202 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-35388 ‼

Microsoft Exchange Server Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

227 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-35371 ‼

Microsoft Office Remote Code Execution Vulnerability

📖 Read

via "National Vulnerability Database".

236 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-36532 ‼

Buffer overflow in Zoom Clients before 5.14.5 may allow an unauthenticated user to enable a denial of service via network access.

📖 Read

via "National Vulnerability Database".

248 views20:20

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-38176 ‼

Azure Arc-Enabled Servers Elevation of Privilege Vulnerability

📖 Read

via "National Vulnerability Database".

285 views20:29

🛡 Cybersecurity & Privacy 🛡 - News

🦿 Microsoft Azure AI Adds GPT-4 and New Virtual Machines 🦿

Microsoft is working on creating guidelines for red teams making sure generative AI is secure and responsible.

📖 Read

via "Tech Republic".

TechRepublic

Microsoft Azure AI Adds GPT-4 and New Virtual Machines

Microsoft is also working on creating guidelines for red teams working on making sure generative AI is both secure and responsible.

325 views21:15

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-26961 ‼

Alteryx Server 2022.1.1.42590 does not employ file type verification for uploaded files. This vulnerability allows attackers to upload arbitrary files by changing the extension of the uploaded file.

📖 Read

via "National Vulnerability Database".

345 views22:14

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-39086 ‼

ASUS RT-AC66U B1 3.0.0.4.286_51665 was discovered to transmit sensitive information in cleartext.

📖 Read

via "National Vulnerability Database".

373 views22:14

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-36344 ‼

An issue in Diebold Nixdorf Vynamic View Console v.5.3.1 and before allows a local attacker to execute arbitrary code via not restricting the search path for required DLLs and not verifying the signature.

📖 Read

via "National Vulnerability Database".

433 views22:14

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-36482 ‼

An issue was discovered in Samsung NFC S3NRN4V, S3NSN4V, S3NSEN4, SEN82AB, and S3NRN82. A buffer copy without checking its input size can cause an NFC service restart.

📖 Read

via "National Vulnerability Database".

519 views22:14

🛡 Cybersecurity & Privacy 🛡 - News

♟️ Microsoft Patch Tuesday, August 2023 Edition ♟️

Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnerabilities currently being exploited in the wild.

📖 Read

via "Krebs on Security".

Krebs on Security

Microsoft Patch Tuesday, August 2023 Edition

Microsoft Corp. today issued software updates to plug more than 70 security holes in its Windows operating systems and related products, including a patch that addresses multiple zero-day vulnerabilities currently being exploited in the wild.

533 views02:32

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-3632 ‼

Use of Hard-coded Cryptographic Key vulnerability in Sifir Bes Education and Informatics Kunduz - Homework Helper App allows Authentication Abuse, Authentication Bypass.This issue affects Kunduz - Homework Helper App: before 6.2.3.

📖 Read

via "National Vulnerability Database".

462 views10:15

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-37855 ‼

In PHOENIX CONTACTs WP 6xxx series web panels in versions prior to 4.0.10 a remote attacker with low privileges is able to gain limited read-access to the device-filesystem within the embedded Qt browser.

📖 Read

via "National Vulnerability Database".

419 views10:16

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-24477 ‼

In certain conditions, depending on timing and the usage of the Chrome web browser, Guardian/CMC versions before 22.6.2 do not always completely invalidate the user session upon logout. Thus an authenticated local attacker may gain acces to the original user's session.

📖 Read

via "National Vulnerability Database".

349 views10:16

🛡 Cybersecurity & Privacy 🛡 - News

‼ CVE-2023-22378 ‼

A blind SQL Injection vulnerability in Nozomi Networks Guardian and CMC, due to improper input validation in the sorting parameter, allows an authenticated attacker to execute arbitrary SQL queries on the DBMS used by the web application.Authenticated users can extract arbitrary information from the DBMS in an uncontrolled way.

📖 Read

via "National Vulnerability Database".

237 views10:16

About

Blog

Apps

Platform