βΌ CVE-2023-4902 βΌ
π Read
via "National Vulnerability Database".
Inappropriate implementation in Input in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to spoof security UI via a crafted HTML page. (Chromium security severity: Medium)π Read
via "National Vulnerability Database".
βΌ CVE-2023-4906 βΌ
π Read
via "National Vulnerability Database".
Insufficient policy enforcement in Autofill in Google Chrome prior to 117.0.5938.62 allowed a remote attacker to bypass Autofill restrictions via a crafted HTML page. (Chromium security severity: Low)π Read
via "National Vulnerability Database".
π΄ Microsoft Patches a Pair of Actively Exploited Zero-Days π΄
π Read
via "Dark Reading".
Five critical bugs, zero-days exploited in the wild, Exchange Server, and more headline Microsoft's September 2023 Patch Tuesday release. Here's what to patch now.π Read
via "Dark Reading".
Dark Reading
Microsoft Patches a Pair of Actively Exploited Zero-Days
Five critical bugs, zero-days exploited in the wild, Exchange Server, and more headline Microsoft's September 2023 Patch Tuesday release. Here's what to patch now.
βοΈ Adobe, Apple, Google & Microsoft Patch 0-Day Bugs βοΈ
π Read
via "Krebs on Security".
Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may have their own zero-day patching to do.π Read
via "Krebs on Security".
Krebs on Security
Adobe, Apple, Google & Microsoft Patch 0-Day Bugs
Microsoft today issued software updates to fix at least five dozen security holes in Windows and supported software, including patches for two zero-day vulnerabilities that are already being exploited. Also, Adobe, Google Chrome and Apple iOS users may haveβ¦
βΌ CVE-2023-4813 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.π Read
via "National Vulnerability Database".
β€1
βΌ CVE-2023-41423 βΌ
π Read
via "National Vulnerability Database".
Cross Site Scripting vulnerability in WP Githuber MD plugin v.1.16.2 allows a remote attacker to execute arbitrary code via a crafted payload to the new article function.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39073 βΌ
π Read
via "National Vulnerability Database".
An issue in SNMP Web Pro v.1.1 allows a remote attacker to execute arbitrary code and obtain senstive information via a crafted request.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47637 βΌ
π Read
via "National Vulnerability Database".
The installer in XAMPP through 8.1.12 allows local users to write to the C:\xampp directory. Common use cases execute files under C:\xampp with administrative privileges.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-29305 βΌ
π Read
via "National Vulnerability Database".
Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-29306 βΌ
π Read
via "National Vulnerability Database".
Adobe Connect versions 12.3 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If an attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4039 βΌ
π Read
via "National Vulnerability Database".
A failure in the -fstack-protector feature in GCC-based toolchains that target AArch64 allows an attacker to exploit an existing buffer overflow in dynamically-sized local variables in your application without this being detected. This stack-protector failure only applies to C99-style dynamically-sized local variables or those created using alloca(). The stack-protector operates as intended for statically-sized local variables.The default behavior when the stack-protector detects an overflow is to terminate your application, resulting in controlled loss of availability. An attacker who can exploit a buffer overflow without triggering the stack-protector might be able to change program flow control to cause an uncontrolled loss of availability or to go further and affect confidentiality or integrity.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4400 βΌ
π Read
via "National Vulnerability Database".
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was possible due to SWG storing the password in plain text in some configuration files.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26369 βΌ
π Read
via "National Vulnerability Database".
Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41081 βΌ
π Read
via "National Vulnerability Database".
The mod_jk component of Apache Tomcat ConnectorsΓ in some circumstances, such as when a configuration includedΓ "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an implicit mapping and map the request to the first defined worker.Γ Such an implicit mapping could result in the unintended exposure of theΓ status worker and/or bypass security constraints configured in httpd. AsΓ of JK 1.2.49, the implicit mapping functionality has been removed and allΓ mappings must now be via explicit configuration.Γ Only mod_jk is affectedΓ by this issue. The ISAPI redirector is not affected.This issue affects Apache Tomcat Connectors (mod_jk only): from 1.2.0 through 1.2.48.Users are recommended to upgrade to version 1.2.49, which fixes the issue.π Read
via "National Vulnerability Database".
π΄ Recent Rhysida Attacks Show Focus on Healthcare By Ransomware Actors π΄
π Read
via "Dark Reading".
The operators of the Rhysida ransomware-as-a-service have claimed credit for a crippling attack on Mississippi's Singing River health system.π Read
via "Dark Reading".
Dark Reading
Recent Rhysida Attacks Show Focus on Healthcare by Ransomware Actors
The operators of the Rhysida ransomware-as-a-service have claimed credit for a crippling attack on Mississippi's Singing River health system.
βΌ CVE-2023-36551 βΌ
π Read
via "National Vulnerability Database".
A exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.5 allows attacker to information disclosure via a crafted http request.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27998 βΌ
π Read
via "National Vulnerability Database".
A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40715 βΌ
π Read
via "National Vulnerability Database".
A cleartext storage of sensitive information vulnerability [CWE-312] inΓ FortiTesterΓ 2.3.0 through 7.2.3 may allowΓ an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40717 βΌ
π Read
via "National Vulnerability Database".
A use of hard-coded credentials vulnerability [CWE-798] inΓ FortiTesterΓ 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands.π Read
via "National Vulnerability Database".
βΌ CVE-2023-34984 βΌ
π Read
via "National Vulnerability Database".
A protection mechanism failure in Fortinet FortiWeb 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.0 through 6.4.3, 6.3.6 through 6.3.23 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36638 βΌ
π Read
via "National Vulnerability Database".
An improper privilege management vulnerability [CWE-269] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions and FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions API may allow a remote and authenticated API admin user to access some system settings such as the mail server settings through the API via a stolen GUI session ID.π Read
via "National Vulnerability Database".