๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
@cibsecurity
25.8K subscribers
89.2K links
๐Ÿ—ž The finest daily news on cybersecurity and privacy.

๐Ÿ”” Daily releases.

๐Ÿ’ป Is your online life secure?

๐Ÿ“ฉ lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
25.8K subscribers
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38439 โ€ผ

In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
155 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38441 โ€ผ

In vowifiservice, there is a possible missing permission check.This could lead to local information disclosure with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
156 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38466 โ€ผ

In ims service, there is a possible missing permission check. This could lead to local information disclosure with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
160 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38456 โ€ผ

In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
186 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38457 โ€ผ

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
197 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38461 โ€ผ

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
209 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38443 โ€ผ

In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
226 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38462 โ€ผ

In vowifiservice, there is a possible missing permission check.This could lead to local denial of service with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
275 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-38455 โ€ผ

In vowifiservice, there is a possible missing permission check.This could lead to local escalation of privilege with no additional execution privileges

๐Ÿ“– Read

via "National Vulnerability Database".
309 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-4745 โ€ผ

A vulnerability was found in Beijing Baichuo Smart S45F Multi-Service Secure Gateway Intelligent Management Platform up to 20230822. It has been rated as critical. Affected by this issue is some unknown functionality of the file /importexport.php. The manipulation leads to sql injection. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-238634 is the identifier assigned to this vulnerability.

๐Ÿ“– Read

via "National Vulnerability Database".
358 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ•ด Facing Third-Party Threats With Non-Employee Risk Management ๐Ÿ•ด

As businesses continue to grapple with third-party threats, a revamped approach to non-employee risk management can help limit their potential exposure.

๐Ÿ“– Read

via "Dark Reading".
Dark Reading
Facing Third-Party Threats With Non-Employee Risk Management
As businesses continue to grapple with third-party threats, a revamped approach to non-employee risk management can help limit their potential exposure.
418 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
๐Ÿ“ข VMware Aria: CISA warns customers to immediately patch products ๐Ÿ“ข

The disclosure marks the third critical vulnerability in as many months for VMware

๐Ÿ“– Read

via "ITPro".
ITPro
VMware Aria: CISA warns customers to immediately patch products
The disclosure marks the third critical vulnerability in as many months for VMware
361 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-39988 โ€ผ

Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in ???(std.Cloud) WxSync plugin <=ร‚ 2.7.23 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
323 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-36382 โ€ผ

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Jeffrey-WP Media Library Categories plugin <=ร‚ 2.0.0 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
268 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-39164 โ€ผ

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Molongui Author Box for Authors, Co-Authors, Multiple Authors and Guest Authors รขโ‚ฌโ€œ Molongui plugin <=ร‚ 4.6.19 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
235 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-31220 โ€ผ

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in WP-EXPERTS.IN TEAM WP Categories Widget plugin <=ร‚ 2.2 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
212 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-39162 โ€ผ

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in XLPlugins User Email Verification for WooCommerce plugin <=ร‚ 3.5.0 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
๐Ÿ‘1
187 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-25465 โ€ผ

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy wp tell a friend popup form plugin <=ร‚ 7.1 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
171 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-39918 โ€ผ

Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in SAASPROJECT Booking Package Booking Package plugin <=ร‚ 1.6.01 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
169 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-4614 โ€ผ

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG LED Assistant. Authentication is not required to exploit this vulnerability. The specific flaw exists within the /api/installation/setThumbnailRc endpoint. The issue results from the lack of proper validation of a user-supplied path prior to using it in file operations. An attacker can leverage this vulnerability to execute code in the context of the current user.

๐Ÿ“– Read

via "National Vulnerability Database".
168 views
๐Ÿ›ก Cybersecurity & Privacy ๐Ÿ›ก - News
โ€ผ CVE-2023-40206 โ€ผ

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in hwk-fr WP 404 Auto Redirect to Similar Post plugin <=ร‚ 1.0.3 versions.

๐Ÿ“– Read

via "National Vulnerability Database".
168 views