🛡 Cybersecurity & Privacy 🛡 - News
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
‼ CVE-2023-37860 ‼

In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10, a remote unauthenticated attacker can obtain the r/w community string of the SNMPv2 daemon.

via "National Vulnerability Database".
‼ CVE-2023-37859 ‼

In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10, the SNMP daemon is running with root privileges, allowing a remote attacker with knowledge of the SNMPv2 r/w community string to execute system commands as root.

via "National Vulnerability Database".
‼ CVE-2023-38213 ‼

Adobe Dimension version 3.4.9 is affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.

via "National Vulnerability Database".
‼ CVE-2023-37858 ‼

In PHOENIX CONTACT's WP 6xxx series web panels in versions prior to 4.0.10, an authenticated, remote attacker with admin privileges is able to read hardcoded cryptographic keys, allowing the attacker to decrypt an encrypted web application login password.

via "National Vulnerability Database".
‼ CVE-2023-38209 ‼

Adobe Commerce versions 2.4.6-p1 (and earlier), 2.4.5-p3 (and earlier) and 2.4.4-p4 (and earlier) are affected by an Incorrect Authorization vulnerability that could lead to a Security feature bypass. A low-privileged attacker could leverage this vulnerability to access other users' data. Exploitation of this issue does not require user interaction.

via "National Vulnerability Database".
🕴 Closing Coverage Gaps Where Customer Resources Meet Cloud Environments 🕴

Protecting the spaces where private, public, and hybrid clouds meet users' technologies requires a cloud-centric approach.

via "Dark Reading".
โค1
‼ CVE-2023-31448 ‼

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, an authenticated user can create a HL7 Sensor. When creating this sensor, the user can set the HL7 message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system.

via "National Vulnerability Database".
‼ CVE-2023-32781 ‼

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. Due to command-line parameter injection and an undocumented debug feature flag, an attacker can utilize the HL7 sensor to write arbitrary data to the disk. This can be utilized to write a custom EXE(.bat) sensor, that will then run. This primitive gives remote code execution.

via "National Vulnerability Database".
๐Ÿ‘1
‼ CVE-2023-31452 ‼

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. The NetApp Volume Sensor transmits cleartext credentials over the network when the HTTP protocol is selected. This can be triggered remotely via a CSRF by simply sending a controls/addsensor3.htm link to a logged-in victim.

via "National Vulnerability Database".
‼ CVE-2023-32782 ‼

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760. Due to command-line parameter injection and an undocumented debug feature flag, an attacker can utilize the DICOM sensor to write arbitrary data to the disk. This can be utilized to write a custom EXE(.bat) sensor, that will then run. This primitive gives remote code execution.

via "National Vulnerability Database".
‼ CVE-2023-31449 ‼

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, an authenticated user can create a WMI Custom Sensor. When creating this sensor, the user can set the WQL message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system.

via "National Vulnerability Database".
‼ CVE-2023-33953 ‼

gRPC contains a vulnerability whereby hpack table accounting errors could lead to unwanted disconnects between clients and servers in exceptional cases. Three vectors were found that allow the following DOS attacks:

- Unbounded memory buffering in the HPACK parser
- Unbounded CPU consumption in the HPACK parser

The unbounded CPU consumption is down to a copy that occurred per-input-block in the parser, and because that could be unbounded due to the memory copy bug we end up with an O(n^2) parsing loop, with n selected by the client.

The unbounded memory buffering bugs:

- The header size limit check was behind the string reading code, so we needed to first buffer up to a 4 gigabyte string before rejecting it as longer than 8 or 16kb.
- HPACK varints have an encoding quirk whereby an infinite number of 0's can be added at the start of an integer. gRPC's hpack parser needed to read all of them before concluding a parse.
- gRPC's metadata overflow check was performed per frame, so that the following sequence of frames could cause infinite buffering: HEADERS: containing a: 1 CONTINUATION: containing a: 2 CONTINUATION: containing a: 3 etc…

via "National Vulnerability Database".
‼ CVE-2023-31450 ‼

An issue was discovered in Paessler PRTG Network Monitor 23.2.83.1760 x64. To exploit the vulnerability, an authenticated user can create a SQL Sensor. When creating this sensor, the user can set the SQL message that should be sent from the PRTG device. This input parameter contains a path traversal vulnerability that allows an attacker to choose arbitrary files from the system. They will be transmitted over the internet to the attacker's machine.

via "National Vulnerability Database".
🕴 Why Shellshock Remains a Cybersecurity Threat After 9 Years 🕴

Nearly a decade after it was disclosed, the Shellshock vulnerability still plagues organizations. Learn how to protect yourself.

via "Dark Reading".
🕴 AI Risk Database Tackles AI Supply Chain Risks 🕴

The open source tool — a collaboration between Robust Intelligence, MITRE, and Indiana University — assesses heavily shared, public machine learning models for risk.

via "Dark Reading".
‼ CVE-2023-3953 ‼

A CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability exists that could cause memory corruption when an authenticated user opens a tampered log file from GP-Pro EX.

via "National Vulnerability Database".
‼ CVE-2023-34545 ‼

A SQL injection vulnerability in CSZCMS 1.3.0 allows remote attackers to run arbitrary SQL commands via the p parameter or the search URL.

via "National Vulnerability Database".
‼ CVE-2023-4273 ‼

A flaw was found in the exFAT driver of the Linux kernel. The vulnerability exists in the implementation of the file name reconstruction function, which is responsible for reading file name entries from a directory index and merging file name parts belonging to one file into a single long file name. Since the file name characters are copied into a stack variable, a local privileged attacker could use this flaw to overflow the kernel stack.

via "National Vulnerability Database".
‼ CVE-2023-40012 ‼

uthenticode is a small cross-platform library for partially verifying Authenticode digital signatures. Versions of uthenticode prior to the 2.x series did not check Extended Key Usages in certificates, in violation of the Authenticode X.509 certificate profile. As a result, a malicious user could produce a "signed" PE file that uthenticode would verify and consider valid using an X.509 certificate that isn't entitled to produce code signatures (e.g., an SSL certificate). By design, uthenticode does not perform full-chain validation. However, the absence of EKU validation was an unintended oversight. The 2.0.0 release series includes EKU checks. There are no workarounds to this vulnerability.

via "National Vulnerability Database".
‼ CVE-2023-3518 ‼

HashiCorp Consul and Consul Enterprise 1.16.0 when using JWT Auth for service mesh incorrectly allows/denies access regardless of service identities. Fixed in 1.16.1.

via "National Vulnerability Database".
‼ CVE-2023-39969 ‼

uthenticode is a small cross-platform library for partially verifying Authenticode digital signatures. Version 1.0.9 of uthenticode hashed the entire file rather than hashing sections by virtual address, in violation of the Authenticode specification. As a result, an attacker could modify code within a binary without changing its Authenticode hash, making it appear valid from uthenticode's perspective. Versions of uthenticode prior to 1.0.9 are not vulnerable to this attack, nor are versions in the 2.x series. By design, uthenticode does not perform full-chain validation. However, the malleability of signature verification introduced in 1.0.9 was an unintended oversight. The 2.x series addresses the vulnerability. Versions prior to 1.0.9 are also not vulnerable, but users are encouraged to upgrade rather than downgrade. There are no workarounds to this vulnerability.

via "National Vulnerability Database".