‼ CVE-2023-4584 ‼
📖 Read
via "National Vulnerability Database".
Memory safety bugs present in Firefox 116, Firefox ESR 102.14, Firefox ESR 115.1, Thunderbird 102.14, and Thunderbird 115.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 117, Firefox ESR < 102.15, Firefox ESR < 115.2, and Thunderbird < 115.2.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-36161 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Qubo Smart Plug 10A version HSP02_01_01_14_SYSTEM-10A, allows attackers to cause a denial of service (DoS) via Wi-Fi deauthentication.📖 Read
via "National Vulnerability Database".
🕴 Overcoming the Rising Threat of Session Hijacking 🕴
📖 Read
via "Dark Reading".
Passkeys and multifactor authentication aren't enough for combating infostealer malware, which can exfiltrate corporate data before anyone knows an attack happened.📖 Read
via "Dark Reading".
Dark Reading
Overcoming the Rising Threat of Session Hijacking
Passkeys and multifactor authentication aren't enough for combating infostealer malware, which can exfiltrate corporate data before anyone knows an attack happened.
🕴 Navigating Rwanda's New Data Protection Law 🕴
📖 Read
via "Dark Reading".
As the law's October 2023 transition deadline approaches, it's critical for organizations doing business in Rwanda to understand its requirements and implications.📖 Read
via "Dark Reading".
Dark Reading
Navigating Rwanda's New Data Protection Law
As the law's October 2023 transition deadline approaches, it's critical for organizations doing business in Rwanda to understand its requirements and implications.
‼ CVE-2023-30058 ‼
📖 Read
via "National Vulnerability Database".
novel-plus 3.6.2 is vulnerable to SQL Injection.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-4881 ‼
📖 Read
via "National Vulnerability Database".
A stack based out-of-bounds write flaw was found in the netfilter subsystem in the Linux kernel. If the expression length is a multiple of 4 (register size), the `nft_exthdr_eval` family of functions writes 4 NULL bytes past the end of the `regs` argument, leading to stack corruption and potential information disclosure or a denial of service.📖 Read
via "National Vulnerability Database".
🕴 Iranian APT Hits US Aviation Org via ManageEngine, Fortinet Bugs 🕴
📖 Read
via "Dark Reading".
Known security vulnerabilities in the enterprise products allowed unauthorized access through a public-facing application, US Cyber Command said.📖 Read
via "Dark Reading".
Dark Reading
Iranian APT Hits US Aviation Org via ManageEngine, Fortinet Bugs
Known security vulnerabilities in the enterprise products allowed unauthorized access through a public-facing application, US Cyber Command said.
🦿 OneTrust Data Governance Review (2023): Features & Pricing 🦿
📖 Read
via "Tech Republic".
This is a comprehensive OneTrust data governance review, covering features, pricing and more. Use this guide to find out if it is the best solution for you.📖 Read
via "Tech Republic".
TechRepublic
OneTrust Data Governance Review (2023): Features & Pricing
This is a comprehensive OneTrust data governance review, covering features, pricing and more. Use this guide to find out if it is the best solution for you.
🕴 Being Flexible Can Improve Your Security Posture 🕴
📖 Read
via "Dark Reading".
Changing your approach when you realize you could be more efficient pays dividends, especially in six areas of your cybersecurity program.📖 Read
via "Dark Reading".
Dark Reading
Being Flexible Can Improve Your Security Posture
Changing your approach when you realize you could be more efficient pays dividends, especially in six areas of your cybersecurity program.
‼ CVE-2020-19318 ‼
📖 Read
via "National Vulnerability Database".
Buffer Overflow vulnerability in D-Link DIR-605L, hardware version AX, firmware version 1.17beta and below, allows authorized attackers execute arbitrary code via sending crafted data to the webserver service program.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31067 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\Clients\www.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31068 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in TSplus Remote Access through 16.0.2.14. There are Full Control permissions for Everyone on some directories under %PROGRAMFILES(X86)%\TSplus\UserDesktop\themes.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41593 ‼
📖 Read
via "National Vulnerability Database".
Multiple cross-site scripting (XSS) vulnerabilities in Dairy Farm Shop Management System Using PHP and MySQL v1.1 allow attackers to execute arbitrary web scripts and HTML via a crafted payload injected into the Category and Category Field parameters.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-41256 ‼
📖 Read
via "National Vulnerability Database".
Dover Fueling Solutions MAGLINK LX Web Console Configuration versions 2.5.1, 2.5.2, 2.5.3, 2.6.1, 2.11, 3.0, 3.2, and 3.3 are vulnerable to authentication bypass that could allow an unauthorized attacker to obtain user access.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-40032 ‼
📖 Read
via "National Vulnerability Database".
libvips is a demand-driven, horizontally threaded image processing library. A specially crafted SVG input can cause libvips versions 8.14.3 or earlier to segfault when attempting to parse a malformed UTF-8 character. Users should upgrade to libvips version 8.14.4 (or later) when processing untrusted input.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31069 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-19323 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in /bin/mini_upnpd on D-Link DIR-619L 2.06beta devices. There is a heap buffer overflow allowing remote attackers to restart router via the M-search request ST parameter. No authentication required📖 Read
via "National Vulnerability Database".
‼ CVE-2023-39068 ‼
📖 Read
via "National Vulnerability Database".
Buffer Overflow vulnerability in NBD80S09S-KLC v.YK_HZXM_NBD80S09S-KLC_V4.03.R11.7601.Nat.OnvifC.20230414.bin and NBD80N32RA-KL-V3 v.YK_HZXM_NBD80N32RA-KL_V4.03.R11.7601.Nat.OnvifC.20220120.bin allows a remote attacker to casue a denial of service via a crafted request to the service.XM component.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-31468 ‼
📖 Read
via "National Vulnerability Database".
An issue was discovered in Inosoft VisiWin 7 through 2022-2.1 (Runtime RT7.3 RC3 20221209.5). The "%PROGRAMFILES(X86)%\INOSOFT GmbH" folder has weak permissions for Everyone, allowing an attacker to insert a Trojan horse file that runs as SYSTEM.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-39067 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting vulnerability in ZLMediaKiet v.4.0 and v.5.0 allows an attacker to execute arbitrary code via a crafted script to the URL.📖 Read
via "National Vulnerability Database".
‼ CVE-2020-19320 ‼
📖 Read
via "National Vulnerability Database".
Buffer overflow vulnerability in DLINK 619L version B 2.06beta via the curTime parameter on login.📖 Read
via "National Vulnerability Database".