‼ CVE-2023-41316 ‼
📖 Read
via "National Vulnerability Database".
Tolgee is an open-source localization platform. Due to lack of validation field - Org Name, bad actor can send emails with HTML injected code to the victims. Registered users can inject HTML into unsanitized emails from the Tolgee instance to other users. This unsanitized HTML ends up in invitation emails which appear as legitimate org invitations. Bad actors may direct users to malicious website or execute javascript in the context of the users browser. This vulnerability has been addressed in version 3.29.2. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-20194 ‼
📖 Read
via "National Vulnerability Database".
A vulnerability in the ERS API of Cisco ISE could allow an authenticated, remote attacker to read arbitrary files on the underlying operating system of an affected device. To exploit this vulnerability, an attacker must have valid Administrator-level privileges on the affected device. This vulnerability is due to improper privilege management in the ERS API. An attacker could exploit this vulnerability by sending a crafted request to an affected device. A successful exploit could allow the attacker to elevate their privileges beyond the sphere of their intended access level, which would allow them to obtain sensitive information from the underlying operating system. Note: The ERS is not enabled by default. To verify the status of the ERS API in the Admin GUI, choose Administration > Settings > API Settings > API Service Settings.📖 Read
via "National Vulnerability Database".
🕴 Microsoft ID Security Gaps That Let Threat Actor Steal Signing Key 🕴
📖 Read
via "Dark Reading".
China's Storm-0558 accessed user emails at some 25 enterprise organizations earlier this year using forged tokens.📖 Read
via "Dark Reading".
Dark Reading
Microsoft IDs Security Gaps that Let Threat Actors Steal Signing Key
China's Storm-0558 accessed user emails at some 25 enterprise organizations earlier this year using forged tokens.
‼ CVE-2023-41646 ‼
📖 Read
via "National Vulnerability Database".
Buttercup v2.20.3 allows attackers to obtain the hash of the master password for the password manager via accessing the file /vaults.json/📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41161 ‼
📖 Read
via "National Vulnerability Database".
Multiple stored cross-site scripting (XSS) vulnerabilities in Usermin 2.000 allow remote attackers to inject arbitrary web script or HTML via the key comment to different pages such as public key details, Export key, sign key, send to key server page, and fetch from key server page tab.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-40029 ‼
📖 Read
via "National Vulnerability Database".
Argo CD is a declarative continuous deployment for Kubernetes. Argo CD Cluster secrets might be managed declaratively using Argo CD / kubectl apply. As a result, the full secret body is stored in`kubectl.kubernetes.io/last-applied-configuration` annotation. pull request #7139 introduced the ability to manage cluster labels and annotations. Since clusters are stored as secrets it also exposes the `kubectl.kubernetes.io/last-applied-configuration` annotation which includes full secret body. In order to view the cluster annotations via the Argo CD API, the user must have `clusters, get` RBAC access. **Note:** In many cases, cluster secrets do not contain any actually-secret information. But sometimes, as in bearer-token auth, the contents might be very sensitive. The bug has been patched in versions 2.8.3, 2.7.14, and 2.6.15. Users are advised to upgrade. Users unable to upgrade should update/deploy cluster secret with `server-side-apply` flag which does not use or rely on `kubectl.kubernetes.io/last-applied-configuration` annotation. Note: annotation for existing secrets will require manual removal.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-30908 ‼
📖 Read
via "National Vulnerability Database".
Potential security vulnerabilities have been identified in Hewlett Packard Enterprise OneView Software. These vulnerabilities could be remotely exploited to allow authentication bypass, disclosure of sensitive information, and denial of service.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-40584 ‼
📖 Read
via "National Vulnerability Database".
Argo CD is a declarative continuous deployment for Kubernetes. All versions of ArgoCD starting from v2.4 have a bug where the ArgoCD repo-server component is vulnerable to a Denial-of-Service attack vector. Specifically, the said component extracts a user-controlled tar.gz file without validating the size of its inner files. As a result, a malicious, low-privileged user can send a malicious tar.gz file that exploits this vulnerability to the repo-server, thereby harming the system's functionality and availability. Additionally, the repo-server is susceptible to another vulnerability due to the fact that it does not check the extracted file permissions before attempting to delete them. Consequently, an attacker can craft a malicious tar.gz archive in a way that prevents the deletion of its inner files when the manifest generation process is completed. A patch for this vulnerability has been released in versions 2.6.15, 2.7.14, and 2.8.3. Users are advised to upgrade. The only way to completely resolve the issue is to upgrade, however users unable to upgrade should configure RBAC (Role-Based Access Control) and provide access for configuring applications only to a limited number of administrators. These administrators should utilize trusted and verified Helm charts.📖 Read
via "National Vulnerability Database".
🕴 Software Supply Chain Strategies to Parry Dependency Confusion Attacks 🕴
📖 Read
via "Dark Reading".
Bad actors practice to deceive package managers with a tangled web of methods. Here's how to hoist them by their own petard.📖 Read
via "Dark Reading".
Dark Reading
Software Supply Chain Strategies to Parry Dependency Confusion Attacks
Bad actors practice to deceive package managers with a tangled web of methods. Here's how to hoist them by their own petard.
‼ CVE-2023-40353 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Exynos Mobile Processor 980 and 2100. An integer overflow at a buffer index can prevent the execution of requested services via a crafted application.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41594 ‼
📖 Read
via "National Vulnerability Database".
Dairy Farm Shop Management System Using PHP and MySQL v1.1 was discovered to contain multiple SQL injection vulnerabilities in the Login function via the Username and Password parameters.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-40271 ‼
📖 Read
via "National Vulnerability Database".
In Trusted Firmware-M through TF-Mv1.8.0, for platforms that integrate the CryptoCell accelerator, when the CryptoCell PSA Driver software Interface is selected, and the Authenticated Encryption with Associated Data Chacha20-Poly1305 algorithm is used, with the single-part verification function (defined during the build-time configuration phase) implemented with a dedicated function (i.e., not relying on usage of multipart functions), the buffer comparison during the verification of the authentication tag does not happen on the full 16 bytes but just on the first 4 bytes, thus leading to the possibility that unauthenticated payloads might be identified as authentic. This affects TF-Mv1.6.0, TF-Mv1.6.1, TF-Mv1.7.0, and TF-Mv1.8.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-40953 ‼
📖 Read
via "National Vulnerability Database".
icms 7.0.16 is vulnerable to Cross Site Request Forgery (CSRF).📖 Read
via "National Vulnerability Database".
‼ CVE-2023-37368 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos Mobile Processor, Automotive Processor, and Modem - Exynos 9810, Exynos 9610, Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos 9110, Exynos W920, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123). In the Shannon MM Task, Missing validation of a NULL pointer can cause abnormal termination via a malformed NR MM packet.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-27599 ‼
📖 Read
via "National Vulnerability Database".
An insertion of sensitive information into Log file vulnerability has been reported to affect product. If exploited, the vulnerability possibly provides local authenticated administrators with an additional, less-protected path to acquiring the information via unspecified vectors.We have already fixed the vulnerability in the following version:Windows 10 SP1, Windows 11, Mac OS, and Mac M1: QVR Pro Client 2.3.0.0420 and later📖 Read
via "National Vulnerability Database".
‼ CVE-2021-45811 ‼
📖 Read
via "National Vulnerability Database".
A SQL injection vulnerability in the "Search" functionality of "tickets.php" page in osTicket 1.15.x allows authenticated attackers to execute arbitrary SQL commands via the "keywords" and "topic_id" URL parameters combination.📖 Read
via "National Vulnerability Database".
‼ CVE-2014-5329 ‼
📖 Read
via "National Vulnerability Database".
GIGAPOD file servers (Appliance model and Software model) provide two web interfaces, 80/tcp and 443/tcp for user operation, and 8001/tcp for administrative operation.8001/tcp is served by a version of Apache HTTP server containing a flaw in handling HTTP requests (CVE-2011-3192), which may lead to a denial-of-service (DoS) condition.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-37367 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Samsung Exynos Mobile Processor, Automotive Processor, and Modem (Exynos 9820, Exynos 980, Exynos 850, Exynos 1080, Exynos 2100, Exynos 2200, Exynos 1280, Exynos 1380, Exynos 1330, Exynos Modem 5123, Exynos Modem 5300, and Exynos Auto T5123. In the NAS Task, an improperly implemented security check for standard can disallow desired services for a while via consecutive NAS messages.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-37377 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Samsung Exynos Mobile Processor and Wearable Processor (Exynos 980, Exynos 850, Exynos 2100, and Exynos W920). Improper handling of length parameter inconsistency can cause incorrect packet filtering.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-37759 ‼
📖 Read
via "National Vulnerability Database".
Incorrect access control in the User Registration page of Crypto Currency Tracker (CCT) before v9.5 allows unauthenticated attackers to register as an Admin account via a crafted POST request.📖 Read
via "National Vulnerability Database".
‼ CVE-2021-33834 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in iscflashx64.sys 3.9.3.0 in Insyde H2OFFT 6.20.00. When handling IOCTL 0x22229a, the input used to allocate a buffer and copy memory is mishandled. This could cause memory corruption or a system crash.📖 Read
via "National Vulnerability Database".