βΌ CVE-2023-4400 βΌ
π Read
via "National Vulnerability Database".
A password management vulnerability in Skyhigh Secure Web Gateway (SWG) in main releases 11.x prior to 11.2.14, 10.x prior to 10.2.25 and controlled release 12.x prior to 12.2.1, allows some authentication information stored in configuration files to be extracted through SWG REST API. This was possible due to SWG storing the password in plain text in some configuration files.π Read
via "National Vulnerability Database".
βΌ CVE-2023-26369 βΌ
π Read
via "National Vulnerability Database".
Acrobat Reader versions 23.003.20284 (and earlier), 20.005.30516 (and earlier) and 20.005.30514 (and earlier) are affected by an out-of-bounds write vulnerability that could result in arbitrary code execution in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open a malicious file.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41081 βΌ
π Read
via "National Vulnerability Database".
The mod_jk component of Apache Tomcat ConnectorsΓ in some circumstances, such as when a configuration includedΓ "JkOptions +ForwardDirectories" but the configuration did not provide explicit mounts for all possible proxied requests, mod_jk would use an implicit mapping and map the request to the first defined worker.Γ Such an implicit mapping could result in the unintended exposure of theΓ status worker and/or bypass security constraints configured in httpd. AsΓ of JK 1.2.49, the implicit mapping functionality has been removed and allΓ mappings must now be via explicit configuration.Γ Only mod_jk is affectedΓ by this issue. The ISAPI redirector is not affected.This issue affects Apache Tomcat Connectors (mod_jk only): from 1.2.0 through 1.2.48.Users are recommended to upgrade to version 1.2.49, which fixes the issue.π Read
via "National Vulnerability Database".
π΄ Recent Rhysida Attacks Show Focus on Healthcare By Ransomware Actors π΄
π Read
via "Dark Reading".
The operators of the Rhysida ransomware-as-a-service have claimed credit for a crippling attack on Mississippi's Singing River health system.π Read
via "Dark Reading".
Dark Reading
Recent Rhysida Attacks Show Focus on Healthcare by Ransomware Actors
The operators of the Rhysida ransomware-as-a-service have claimed credit for a crippling attack on Mississippi's Singing River health system.
βΌ CVE-2023-36551 βΌ
π Read
via "National Vulnerability Database".
A exposure of sensitive information to an unauthorized actor in Fortinet FortiSIEM version 6.7.0 through 6.7.5 allows attacker to information disclosure via a crafted http request.π Read
via "National Vulnerability Database".
βΌ CVE-2023-27998 βΌ
π Read
via "National Vulnerability Database".
A lack of custom error pages vulnerability [CWE-756] in FortiPresence versions 1.2.0 through 1.2.1 and all versions of 1.1 and 1.0 may allow an unauthenticated attacker with the ability to navigate to the login GUI to gain sensitive information via navigating to specific HTTP(s) paths.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40715 βΌ
π Read
via "National Vulnerability Database".
A cleartext storage of sensitive information vulnerability [CWE-312] inΓ FortiTesterΓ 2.3.0 through 7.2.3 may allowΓ an attacker with access to the DB contents to retrieve the plaintext password of external servers configured in the device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40717 βΌ
π Read
via "National Vulnerability Database".
A use of hard-coded credentials vulnerability [CWE-798] inΓ FortiTesterΓ 2.3.0 through 7.2.3 may allow an attacker who managed to get a shell on the device to access the database via shell commands.π Read
via "National Vulnerability Database".
βΌ CVE-2023-34984 βΌ
π Read
via "National Vulnerability Database".
A protection mechanism failure in Fortinet FortiWeb 7.2.0 through 7.2.1, 7.0.0 through 7.0.6, 6.4.0 through 6.4.3, 6.3.6 through 6.3.23 allows attacker to execute unauthorized code or commands via specially crafted HTTP requests.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36638 βΌ
π Read
via "National Vulnerability Database".
An improper privilege management vulnerability [CWE-269] in FortiManager 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions and FortiAnalyzer 7.2.0 through 7.2.2, 7.0.0 through 7.0.7, 6.4.0 through 6.4.11, 6.2 all versions, 6.0 all versions API may allow a remote and authenticated API admin user to access some system settings such as the mail server settings through the API via a stolen GUI session ID.π Read
via "National Vulnerability Database".
βΌ CVE-2023-25608 βΌ
π Read
via "National Vulnerability Database".
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-W2 7.2.0 through 7.2.1, 7.0.3 through 7.0.5, 7.0.0 through 7.0.1, 6.4 all versions, 6.2 all versions, 6.0 all versions; FortiAP-C 5.4.0 through 5.4.4, 5.2 all versions; FortiAP 7.2.0 through 7.2.1, 7.0.0 through 7.0.5, 6.4 all versions, 6.0 all versions; FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to read arbitrary files via specially crafted command arguments.π Read
via "National Vulnerability Database".
βΌ CVE-2023-29183 βΌ
π Read
via "National Vulnerability Database".
An improper neutralization of input during web page generation ('Cross-site Scripting') vulnerability [CWE-79] in FortiProxy 7.2.0 through 7.2.4, 7.0.0 through 7.0.10 and FortiOS 7.2.0 through 7.2.4, 7.0.0 through 7.0.11, 6.4.0 through 6.4.12, 6.2.0 through 6.2.14 GUI may allow an authenticated attacker to trigger malicious JavaScript code execution via crafted guest management setting.π Read
via "National Vulnerability Database".
βΌ CVE-2021-44172 βΌ
π Read
via "National Vulnerability Database".
An exposure of sensitive information to an unauthorized actor vulnerability [CWE-200] in FortiClientEMS versions 7.0.0 through 7.0.4, 7.0.6 through 7.0.7, in all 6.4 and 6.2 version management interface may allow an unauthenticated attacker to gain information on environment variables such as the EMS installation path.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36634 βΌ
π Read
via "National Vulnerability Database".
An incomplete filtering of one or more instances of special elements vulnerability [CWE-792] in the command line interpreter of FortiAP-U 7.0.0, 6.2.0 through 6.2.5, 6.0 all versions, 5.4 all versions may allow an authenticated attacker to list and delete arbitrary files and directory via specially crafted command arguments.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36642 βΌ
π Read
via "National Vulnerability Database".
An improper neutralization of special elements used in an OS command vulnerability [CWE-78]Γ in the management interface of FortiTester 3.0.0 through 7.2.3 may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.π Read
via "National Vulnerability Database".
βΌ CVE-2022-35849 βΌ
π Read
via "National Vulnerability Database".
An improper neutralization of special elements used in an OS command vulnerability [CWE-78]Γ in the management interface of FortiADC 7.1.0 through 7.1.1, 7.0.0 through 7.0.3, 6.2.0 through 6.2.5 and 6.1.0 all versions may allow an authenticated attacker to execute unauthorized commands via specifically crafted arguments to existing commands.π Read
via "National Vulnerability Database".
π¦Ώ IBM, Salesforce and More Pledge to White House List of Eight AI Safety Assurances π¦Ώ
π Read
via "Tech Republic".
Assurances include watermarking, reporting about capabilities and risks, investing in safeguards to prevent bias and more. π Read
via "Tech Republic".
TechRepublic
IBM, Salesforce Pledge to White House List of Eight AI Safety Assurances
Assurances include watermarking, reporting about capabilities and risks and investing in safeguards to prevent bias.
π Zeek 6.0.1 π
π Read
via "Packet Storm Security".
Zeek is a powerful network analysis framework that is much different from the typical IDS you may know. While focusing on network security monitoring, Zeek provides a comprehensive platform for more general network traffic analysis as well. Well grounded in more than 15 years of research, Zeek has successfully bridged the traditional gap between academia and operations since its inception. Today, it is relied upon operationally in particular by many scientific environments for securing their cyber-infrastructure. Zeek's user community includes major universities, research labs, supercomputing centers, and open-science communities. This is the source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
Zeek 6.0.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2023-3935 βΌ
π Read
via "National Vulnerability Database".
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4701 βΌ
π Read
via "National Vulnerability Database".
A Improper Privilege Management vulnerability through an incorrect use of privileged APIs in CodeMeter Runtime versions prior to 7.60c allow a local, low privileged attacker to use an API call for escalation of privileges in order gain full admin access on the host system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38214 βΌ
π Read
via "National Vulnerability Database".
Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".