βΌ CVE-2023-38242 βΌ
π Read
via "National Vulnerability Database".
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38237 βΌ
π Read
via "National Vulnerability Database".
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an out-of-bounds read vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29303 βΌ
π Read
via "National Vulnerability Database".
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by a Use After Free vulnerability that could lead to disclosure of sensitive memory. An attacker could leverage this vulnerability to bypass mitigations such as ASLR. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38245 βΌ
π Read
via "National Vulnerability Database".
Adobe Acrobat Reader versions 23.003.20244 (and earlier) and 20.005.30467 (and earlier) are affected by an Information Disclosure vulnerability. An unauthenticated attacker could leverage this vulnerability to obtain NTLMv2 credentials. Exploitation of this issue requires user interaction in that a victim must open a maliciously crafted Microsoft Office file, or visit an attacker controlled web page.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38210 βΌ
π Read
via "National Vulnerability Database".
Adobe XMP Toolkit versions 2022.06 is affected by a Uncontrolled Resource Consumption vulnerability. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38397 βΌ
π Read
via "National Vulnerability Database".
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Eggemplo Gestion-Pymes plugin <=Γ 1.5.6 versions.π Read
via "National Vulnerability Database".
π΄ Cybersecurity: It's Time to Trust the Machines π΄
π Read
via "Dark Reading".
When it comes to cybersecurity automation, the pluses outweigh the minuses.π Read
via "Dark Reading".
Dark Reading
Cybersecurity: It's Time to Trust the Machines
When it comes to cybersecurity automation, the pluses outweigh the minuses.
π¦Ώ 5 Best Encryption Key Management Software for 2023 π¦Ώ
π Read
via "Tech Republic".
What is the best encryption key management software for your business? Use our guide to compare the features of our top picks.π Read
via "Tech Republic".
TechRepublic
The 5 Best Encryption Key Management Software for 2024
What is the best encryption key management software for your business? Use our guide to compare the features of our top picks.
βΌ CVE-2023-36313 βΌ
π Read
via "National Vulnerability Database".
PHPJabbers Document Creator v1.0 is vulnerable to Cross Site Scripting (XSS) via all post parameters of "Export Requests" aside from "request_feed".π Read
via "National Vulnerability Database".
βΌ CVE-2023-36309 βΌ
π Read
via "National Vulnerability Database".
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Document Creator v1.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36311 βΌ
π Read
via "National Vulnerability Database".
There is a SQL injection (SQLi) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36310 βΌ
π Read
via "National Vulnerability Database".
There is a Cross Site Scripting (XSS) vulnerability in the "column" parameter of index.php in PHPJabbers Document Creator v1.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36314 βΌ
π Read
via "National Vulnerability Database".
There is a Cross Site Scripting (XSS) vulnerability in the value-text-o_sms_email_request_message parameters of index.php in PHPJabbers Callback Widget v1.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36315 βΌ
π Read
via "National Vulnerability Database".
There is a Cross Site Scripting (XSS) vulnerability in the "action" parameter of index.php in PHPJabbers Callback Widget v1.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39957 βΌ
π Read
via "National Vulnerability Database".
Nextcloud Talk Android allows users to place video and audio calls through Nextcloud on Android. Prior to version 17.0.0, an unprotected intend allowed malicious third party apps to trick the Talk Android app into writing files outside of its intended cache directory. Nextcloud Talk Android version 17.0.0 has a patch for this issue. No known workarounds are available.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36312 βΌ
π Read
via "National Vulnerability Database".
There is a Cross Site Scripting (XSS) vulnerability in the value-enum-o_bf_include_timezone parameter of index.php in PHPJabbers Callback Widget v1.0.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40216 βΌ
π Read
via "National Vulnerability Database".
OpenBSD 7.3 before errata 014 is missing an argument-count bounds check in console terminal emulation. This could cause incorrect memory access and a kernel crash after receiving crafted DCS or CSI terminal escape sequences.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47636 βΌ
π Read
via "National Vulnerability Database".
A DLL hijacking vulnerability has been discovered in OutSystems Service Studio 11 11.53.30 build 61739. When a user open a .oml file (OutSystems Modeling Language), the application will load the following DLLs from the same directory av_libGLESv2.dll, libcef.DLL, user32.dll, and d3d10warp.dll. Using a crafted DLL, it is possible to execute arbitrary code in the context of the current logged in user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4128 βΌ
π Read
via "National Vulnerability Database".
A use-after-free flaw was found in net/sched/cls_fw.c in classifiers (cls_fw, cls_u32, and cls_route) in the Linux Kernel. This flaw allows a local attacker to perform a local privilege escalation due to incorrect handling of the existing filter, leading to a kernel information leak issue.π Read
via "National Vulnerability Database".
π΄ Rootly Raises $12M to Help Enterprise IT Teams Resolve Incidents 80 Percent Faster π΄
π Read
via "Dark Reading".
π Read
via "Dark Reading".
Dark Reading
Rootly Raises $12M to Help Enterprise IT Teams Resolve Incidents 80 Percent Faster
San Francisco, Calif. β Aug. 10, 2023 β Rootly, which offers the first and only enterprise-grade incident management platform, announced today that it has raised a $12M Series A round of financing led by Renegade Partners with participation from Google Gradientβ¦