βΌ CVE-2023-40611 βΌ
π Read
via "National Vulnerability Database".
Apache Airflow, versions before 2.7.1, is affected by a vulnerability that allowsΓ authenticated and DAG-view authorized Users to modify some DAG run detail values when submitting notes. This could have them alter details such as configuration parameters, start date, etc.Users should upgrade to version 2.7.1 or later which has removed the vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27169 βΌ
π Read
via "National Vulnerability Database".
Xpand IT Write-back manager v2.3.1 uses a hardcoded salt in license class configuration which leads to the generation of a hardcoded and predictable symmetric encryption keys for license generation and validation.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39637 βΌ
π Read
via "National Vulnerability Database".
D-Link DIR-816 A2 1.10 B05 was discovered to contain a command injection vulnerability via the component /goform/Diagnosis.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41013 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting (XSS) in Webmail Calendar in IceWarp 10.3.1 allows remote attackers to inject arbitrary web script or HTML via the "p4" field.π Read
via "National Vulnerability Database".
π¦Ώ Dreamforce 2023: Salesforce Expands Einstein AI and Data Cloud Platform π¦Ώ
π Read
via "Tech Republic".
The Einstein 1 platform links Salesforce CRM data and generative AI. Plus, Trust Layer allows organizations to have control over their own data.π Read
via "Tech Republic".
TechRepublic
Dreamforce 2023: Salesforce Expands Einstein AI and Data Cloud Platform
The Einstein 1 platform links Salesforce CRM data and generative AI. Plus, Trust Layer allows organizations control over their own data.
π1
βΌ CVE-2023-4863 βΌ
π Read
via "National Vulnerability Database".
Heap buffer overflow in WebP in Google Chrome prior to 116.0.5845.187 allowed a remote attacker to perform an out of bounds memory write via a crafted HTML page. (Chromium security severity: Critical)π Read
via "National Vulnerability Database".
βΌ CVE-2023-4914 βΌ
π Read
via "National Vulnerability Database".
Relative Path Traversal in GitHub repository cecilapp/cecil prior to 7.47.1.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40784 βΌ
π Read
via "National Vulnerability Database".
DedeCMS 5.7.102 has a File Upload vulnerability via uploads/dede/module_make.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4913 βΌ
π Read
via "National Vulnerability Database".
Cross-site Scripting (XSS) - Reflected in GitHub repository cecilapp/cecil prior to 7.47.1.π Read
via "National Vulnerability Database".
βΌ CVE-2023-2071 βΌ
π Read
via "National Vulnerability Database".
Rockwell Automation FactoryTalk View Machine Edition on the PanelView Plus, improperly verifies userΓ’β¬β’s input, which allows unauthenticated attacker to achieve remote code executed via crafted malicious packets. Γ The device has the functionality, through a CIP class, to execute exported functions from libraries. Γ There is a routine that restricts it to execute specific functions from two dynamic link library files. Γ By using a CIP class, an attacker can upload a self-made library to the device which allows the attacker to bypass the security check and execute any code written in the function.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40218 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in the NPU kernel driver in Samsung Exynos Mobile Processor 9820, 980, 2100, 2200, 1280, and 1380. An integer overflow can bypass detection of error cases via a crafted application.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40834 βΌ
π Read
via "National Vulnerability Database".
OpenCart v4.0.2.2 is vulnerable to Brute Force Attack.π Read
via "National Vulnerability Database".
π¦Ώ Check Point: Hackers Dropping Physical USB Drives at Watering Holes π¦Ώ
π Read
via "Tech Republic".
Check Point's Global CISO discusses the firm's 2023 threat intelligence, including new AI malice and threat actors spreading malware by dropping flash drives.π Read
via "Tech Republic".
TechRepublic
Check Point: Hackers Are Dropping USB Drives at Watering Holes
Check Point's CISO discusses 2023 threat intelligence, including AI malice and threat actors spreading malware by dropping flash drives.
π΄ Millions of Facebook Business Accounts Bitten by Python Malware π΄
π Read
via "Dark Reading".
The "MrTonyScam" has a surprisingly high success rate, spreading a Python-based stealer to some 100,000 business accounts per week.π Read
via "Dark Reading".
Dark Reading
Millions of Facebook Business Accounts Bitten by Python Malware
The "MrTonyScam" has a surprisingly high success rate, spreading a Python-based stealer to some 100,000 business accounts per week.
π΄ ChatGPT Jailbreaking Forums Proliferate in Dark Web Communities π΄
π Read
via "Dark Reading".
By code or by command, cybercriminals are circumventing ethical and safety restrictions to use generative AI chatbots in the way that they want.π Read
via "Dark Reading".
Dark Reading
ChatGPT Jailbreaking Forums Proliferate in Dark Web Communities
By code or by command, cybercriminals are circumventing ethical and safety restrictions to use generative AI chatbots in the way that they want.
βΌ CVE-2023-36739 βΌ
π Read
via "National Vulnerability Database".
3D Viewer Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-36763 βΌ
π Read
via "National Vulnerability Database".
Microsoft Outlook Information Disclosure Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-36764 βΌ
π Read
via "National Vulnerability Database".
Microsoft SharePoint Server Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-38141 βΌ
π Read
via "National Vulnerability Database".
Windows Kernel Elevation of Privilege Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-36757 βΌ
π Read
via "National Vulnerability Database".
Microsoft Exchange Server Spoofing Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-36771 βΌ
π Read
via "National Vulnerability Database".
3D Builder Remote Code Execution Vulnerabilityπ Read
via "National Vulnerability Database".