βΌ CVE-2023-3935 βΌ
π Read
via "National Vulnerability Database".
A heap buffer overflow vulnerability in Wibu CodeMeter Runtime network service up to version 7.60b allows an unauthenticated, remote attacker to achieve RCE and gain full access of the host system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4701 βΌ
π Read
via "National Vulnerability Database".
A Improper Privilege Management vulnerability through an incorrect use of privileged APIs in CodeMeter Runtime versions prior to 7.60c allow a local, low privileged attacker to use an API call for escalation of privileges in order gain full admin access on the host system.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38214 βΌ
π Read
via "National Vulnerability Database".
Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39915 βΌ
π Read
via "National Vulnerability Database".
NLnet LabsΓ’β¬β’ Routinator up to and including version 0.12.1 may crash when trying to parse certain malformed RPKI objects. This is due to insufficient input checking in the bcder library covered by CVE-2023-39914.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39916 βΌ
π Read
via "National Vulnerability Database".
NLnet LabsΓ’β¬β’ Routinator 0.9.0 up to and including 0.12.1 contains a possible path traversal vulnerability in the optional, off-by-default keep-rrdp-responses feature that allows users to store the content of responses received for RRDP requests. The location of these stored responses is constructed from the URL of the request. Due to insufficient sanitation of the URL, it is possible for an attacker to craft a URL that results in the response being stored outside of the directory specified for it.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38215 βΌ
π Read
via "National Vulnerability Database".
Adobe Experience Manager versions 6.5.17 and earlier are affected by a reflected Cross-Site Scripting (XSS) vulnerability. If a low-privileged attacker is able to convince a victim to visit a URL referencing a vulnerable page, malicious JavaScript content may be executed within the context of the victim's browser.π Read
via "National Vulnerability Database".
βΌ CVE-2023-39914 βΌ
π Read
via "National Vulnerability Database".
NLnet LabsΓ’β¬β’ bcder library up to and including version 0.7.2 panics while decoding certain invalid input data rather than rejecting the data with an error. This can affect both the actual decoding stage as well as accessing content of types that utilized delayed decoding.π Read
via "National Vulnerability Database".
π΄ A 2-Week Prescription for Eliminating Supply Chain Threats π΄
π Read
via "Dark Reading".
Giving users time to detect and then update hijacked packages can help developers avoid using malicious code in software development.π Read
via "Dark Reading".
Dark Reading
A 2-Week Prescription for Eliminating Supply Chain Threats
Giving users time to detect and then update hijacked packages can help developers avoid using malicious code in software development.
π΄ When LockBit Ransomware Fails, Attackers Deploy Brand-New '3AM' π΄
π Read
via "Dark Reading".
Nothing good happens after 2 a.m., they say, especially when hackers have two kinds of ransomware at their disposal.π Read
via "Dark Reading".
Dark Reading
When LockBit Ransomware Fails, Attackers Deploy Brand-New '3AM'
Nothing good happens after 2 a.m., they say, especially when hackers have two kinds of ransomware at their disposal.
βΌ CVE-2023-3280 βΌ
π Read
via "National Vulnerability Database".
A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to disable the agent.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4785 βΌ
π Read
via "National Vulnerability Database".
Lack of error handling in the TCP server in Google's gRPC starting version 1.23 on posix-compatible platforms (ex. Linux) allows an attacker to cause a denial of service by initiating a significant number of connections with the server. Note that gRPC C++ Python, and Ruby are affected, but gRPC Java, and Go are NOT affected.Γ π Read
via "National Vulnerability Database".
βΌ CVE-2023-20135 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in Cisco IOS XR Software image verification checks could allow an authenticated, local attacker to execute arbitrary code on the underlying operating system. This vulnerability is due to a time-of-check, time-of-use (TOCTOU) race condition when an install query regarding an ISO image is performed during an install operation that uses an ISO image. An attacker could exploit this vulnerability by modifying an ISO image and then carrying out install requests in parallel. A successful exploit could allow the attacker to execute arbitrary code on an affected device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3255 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in the QEMU built-in VNC server while processing ClientCutText messages. A wrong exit condition may lead to an infinite loop when inflating an attacker controlled zlib buffer in the `inflate_buffer` function. This could allow a remote authenticated client who is able to send a clipboard to the VNC server to trigger a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4801 βΌ
π Read
via "National Vulnerability Database".
An improper certification validation vulnerability in the Insider Threat Management (ITM) Agent for MacOS could be used by an anonymous actor on an adjacent network to establish a man-in-the-middle position between the agent and the ITM server after the agent has registered. All versions prior to 7.14.3.69 are affected. Agents for Windows, Linux, and Cloud are unaffected.π Read
via "National Vulnerability Database".
βΌ CVE-2023-20191 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the access control list (ACL) processing on MPLS interfaces in the ingress direction of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass a configured ACL. This vulnerability is due to incomplete support for this feature. An attacker could exploit this vulnerability by attempting to send traffic through an affected device. A successful exploit could allow the attacker to bypass an ACL on the affected device. There are workarounds that address this vulnerability. This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication .π Read
via "National Vulnerability Database".
βΌ CVE-2023-20236 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the iPXE boot function of Cisco IOS XR software could allow an authenticated, local attacker to install an unverified software image on an affected device. This vulnerability is due to insufficient image verification. An attacker could exploit this vulnerability by manipulating the boot parameters for image verification during the iPXE boot process on an affected device. A successful exploit could allow the attacker to boot an unverified software image on the affected device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3301 βΌ
π Read
via "National Vulnerability Database".
A flaw was found in QEMU. The async nature of hot-unplug enables a race scenario where the net device backend is cleared before the virtio-net pci frontend has been unplugged. A malicious guest could use this time window to trigger an assertion and cause a denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-20190 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the classic access control list (ACL) compression feature of Cisco IOS XR Software could allow an unauthenticated, remote attacker to bypass the protection that is offered by a configured ACL on an affected device. This vulnerability is due to incorrect destination address range encoding in the compression module of an ACL that is applied to an interface of an affected device. An attacker could exploit this vulnerability by sending traffic through the affected device that should be denied by the configured ACL. A successful exploit could allow the attacker to bypass configured ACL protections on the affected device, allowing the attacker to access trusted networks that the device might be protecting. There are workarounds that address this vulnerability. This advisory is part of the September 2023 release of the Cisco IOS XR Software Security Advisory Bundled Publication. For a complete list of the advisories and links to them, see Cisco Event Response: September 2023 Semiannual Cisco IOS XR Software Security Advisory Bundled Publication .π Read
via "National Vulnerability Database".
βΌ CVE-2023-4828 βΌ
π Read
via "National Vulnerability Database".
An improper check for an exceptional condition in the Insider Threat Management (ITM) Server could be used by an attacker to change the configuration of any already-registered agent so that all future agent communications are sent to an attacker-chosen URL. An attacker must first successfully obtain valid agent credentials and target agent hostname. All versions prior to 7.14.3.69 are affected.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4802 βΌ
π Read
via "National Vulnerability Database".
A reflected cross-site scripting vulnerability in the UpdateInstalledSoftware endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to 7.14.3.69 are affected.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-4803 βΌ
π Read
via "National Vulnerability Database".
A reflected cross-site scripting vulnerability in the WriteWindowTitle endpoint of the Insider Threat Management (ITM) Server's web console could be used by an authenticated administrator to run arbitrary javascript within another web console administrator's browser. All versions prior to 7.14.3.69 are affected.π Read
via "National Vulnerability Database".