๐ด Vendors Training AI With Customer Data is an Enterprise Risk ๐ด
๐ Read
via "Dark Reading".
While Zoom has scrapped plans to harvest customer content for use in its AI and ML models, the incident should raise concerns for enterprises and consumers a like.๐ Read
via "Dark Reading".
Dark Reading
Vendors Training AI With Customer Data Is an Enterprise Risk
While Zoom has scrapped plans to harvest customer content for use in its AI and ML models, the incident should raise concerns for enterprises and consumers alike.
โผ CVE-2023-4555 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability has been found in SourceCodester Inventory Management System 1.0 and classified as problematic. Affected by this vulnerability is an unknown functionality of the file suppliar_data.php. The manipulation of the argument name/company leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-238153 was assigned to this vulnerability.๐ Read
via "National Vulnerability Database".
๐1
โผ CVE-2023-4556 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability was found in SourceCodester Online Graduate Tracer System 1.0 and classified as critical. Affected by this issue is the function mysqli_query of the file sexit.php. The manipulation of the argument id leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-238154 is the identifier assigned to this vulnerability.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-30436 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252292.๐ Read
via "National Vulnerability Database".
โผ CVE-2022-43907 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium 11.4 could allow a remote authenticated attacker to execute arbitrary commands on the system by sending a specially crafted request. IBM X-Force ID: 240901.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-4557 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability classified as critical has been found in SourceCodester Inventory Management System 1.0. Affected is an unknown function of the file app/ajax/search_purchase_paymen_report.php. The manipulation of the argument customer leads to sql injection. It is possible to launch the attack remotely. The exploit has been disclosed to the public and may be used. VDB-238158 is the identifier assigned to this vulnerability.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-4558 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability classified as critical was found in SourceCodester Inventory Management System 1.0. Affected by this vulnerability is an unknown functionality of the file staff_data.php. The manipulation of the argument columns[0][data] leads to sql injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-238159.๐ Read
via "National Vulnerability Database".
๐1
โผ CVE-2022-43909 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium 11.4 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 240905.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-30435 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium 11.3, 11.4, and 11.5 is vulnerable to stored cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI thus altering the intended functionality potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 252291.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-38730 โผ
๐ Read
via "National Vulnerability Database".
IBM Storage Copy Data Management 2.2.0.0 through 2.2.19.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information. IBM X-Force ID: 262268.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-30437 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium 11.3, 11.4, and 11.5 could allow an unauthorized user to enumerate usernames by sending a specially crafted HTTP request. IBM X-Force ID: 252293.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-4559 โผ
๐ Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in Bettershop LaikeTui. Affected by this issue is some unknown functionality of the file index.php?module=api&action=user&m=upload of the component POST Request Handler. The manipulation leads to unrestricted upload. The attack may be launched remotely. This product is using a rolling release to provide continious delivery. Therefore, no version details for affected nor updated releases are available. The identifier of this vulnerability is VDB-238160.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-33852 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium 11.4 is vulnerable to SQL injection. A remote attacker could send specially crafted SQL statements, which could allow the attacker to view, add, modify or delete information in the back-end database. IBM X-Force ID: 257614.๐ Read
via "National Vulnerability Database".
โค1
โผ CVE-2022-43904 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium 11.3 and 11.4 could disclose sensitive information to an attacker due to improper restriction of excessive authentication attempts. IBM X-Force ID: 240895.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-38024 โผ
๐ Read
via "National Vulnerability Database".
SpotCam Co., Ltd. SpotCam FHD 2รขโฌโขs hidden Telnet function has a vulnerability of using hard-coded Telnet credentials. An remote unauthenticated attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-23473 โผ
๐ Read
via "National Vulnerability Database".
IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 245400.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-24959 โผ
๐ Read
via "National Vulnerability Database".
IBM InfoSphere Information Systems 11.7 could expose information about the host system and environment configuration. IBM X-Force ID: 246332.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-38026 โผ
๐ Read
via "National Vulnerability Database".
SpotCam Co., Ltd. SpotCam FHD 2 has a vulnerability of using hard-coded uBoot credentials. An remote attacker can exploit this vulnerability to access the system to perform arbitrary system operations or disrupt service.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-22877 โผ
๐ Read
via "National Vulnerability Database".
IBM InfoSphere Information Server 11.7 is potentially vulnerable to CSV Injection. A remote attacker could execute arbitrary commands on the system, caused by improper validation of csv file contents. IBM X-Force ID: 244368.๐ Read
via "National Vulnerability Database".
โผ CVE-2023-26270 โผ
๐ Read
via "National Vulnerability Database".
IBM Security Guardium Data Encryption (IBM Guardium Cloud Key Manager (GCKM) 1.10.3)) could allow a remote attacker to execute arbitrary code on the system, caused by an angular template injection flaw. By sending specially crafted request, an attacker could exploit this vulnerability to execute arbitrary code on the system. IBM X-Force ID: 248119.๐ Read
via "National Vulnerability Database".