βΌ CVE-2022-47554 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED ** Exposure of sensitive information in ekorCCP and ekorRCI, potentially allowing a remote attacker to obtain critical information from various .xml files, including .xml files containing credentials, without being authenticated within the web server.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47553 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED ** Incorrect authorisation in ekorCCP and ekorRCI, which could allow a remote attacker to obtain resources with sensitive information for the organisation, without being authenticated within the web server.π Read
via "National Vulnerability Database".
βΌ CVE-2023-23957 βΌ
π Read
via "National Vulnerability Database".
An authenticated user can see and modify the value for Γ’β¬ΛnextΓ’β¬β’ query parameter in Symantec Identity Portal 14.4π Read
via "National Vulnerability Database".
βΌ CVE-2022-47555 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED ** Operating system command injection in ekorCCP and ekorRCI, which could allow an authenticated attacker to execute commands, create new users with elevated privileges or set up a backdoor.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4092 βΌ
π Read
via "National Vulnerability Database".
SQL injection vulnerability in Arconte ΓοΏ½urea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to read sensitive data from the database, modify data (insert/update/delete), perform database administration operations and, in some cases, execute commands on the operating system.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47558 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED ** Devices ekorCCP and ekorRCI are vulnerable due to access to the FTP service using default credentials. Exploitation of this vulnerability can allow an attacker to modify critical files that could allow the creation of new users, delete or modify existing users, modify configuration files, install rootkits or backdoors.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47556 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED ** Uncontrolled resource consumption in ekorRCI, allowing an attacker with low-privileged access to the web server to send continuous legitimate web requests to a functionality that is not properly validated, in order to cause a denial of service (DoS) on the device.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41834 βΌ
π Read
via "National Vulnerability Database".
Improper Neutralization of CRLF Sequences in HTTP Headers in Apache Flink Stateful Functions 3.1.0, 3.1.1 and 3.2.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via crafted HTTP requests.Γ Attackers could potentially inject malicious content into the HTTP response that is sent to the user's browser. Users should upgrade to Apache Flink Stateful Functions version 3.3.0.π Read
via "National Vulnerability Database".
π΄ CapraRAT Impersonates YouTube to Hijack Android Devices π΄
π Read
via "Dark Reading".
Pakistani threat group Transparent Tribe targets military and diplomatic personnel in India and Pakistan with romance-themed lures in the latest spyware campaign.π Read
via "Dark Reading".
Dark Reading
CapraRAT Impersonates YouTube to Hijack Android Devices
Pakistani threat group Transparent Tribe targets military and diplomatic personnel in India and Pakistan with romance-themed lures in the latest spyware campaign.
π’ Novel China-linked Linux backdoor exploits organizations that fail to patch old vulnerabilities π’
π Read
via "ITPro".
The threat should serve as a βwake-up callβ for organizations running Linux, an expert has said π Read
via "ITPro".
ITPro
Novel China-linked Linux backdoor exploits organizations that fail to patch old vulnerabilities
The threat should serve as a βwake-up callβ for organizations running Linux, an expert has said
π TOR Virtual Network Tunneling Tool 0.4.8.6 π
π Read
via "Packet Storm Security".
Tor is a network of virtual tunnels that allows people and groups to improve their privacy and security on the Internet. It also enables software developers to create new communication tools with built-in privacy features. It provides the foundation for a range of applications that allow organizations and individuals to share information over public networks without compromising their privacy. Individuals can use it to keep remote Websites from tracking them and their family members. They can also use it to connect to resources such as news sites or instant messaging services that are blocked by their local Internet service providers (ISPs). This is the source code release.π Read
via "Packet Storm Security".
Packetstormsecurity
TOR Virtual Network Tunneling Tool 0.4.8.6 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
π΄ Clorox Sees Product Shortages Amid Cyberattack Cleanup π΄
π Read
via "Dark Reading".
Everyone's favorite pandemic-era brand is experiencing store shortages in the wake of a cyberattack that impacted its global production lines β and there's no timeline for normal operations to resume.π Read
via "Dark Reading".
Dark Reading
Clorox Sees Product Shortages Amid Cyberattack Cleanup
Everyone's favorite pandemic-era brand is experiencing store shortages in the wake of a cyberattack that impacted its global production lines β and there's no timeline for normal operations to resume.
βΌ CVE-2023-42447 βΌ
π Read
via "National Vulnerability Database".
blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on untrusted input. In a typical deployment, this may get triggered by feeding a maliciously crafted blurhashes over the network. These may include UTF-8 compliant strings containing multi-byte UTF-8 characters. A patch is available in version 0.2.0, which requires user intervention because of slight API churn. No known workarounds are available.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4093 βΌ
π Read
via "National Vulnerability Database".
Reflected and persistent XSS vulnerability in Arconte ΓοΏ½urea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to inject malicious JavaScript code, compromise the victim's browser and take control of it, redirect the user to malicious domains or access information being viewed by the legitimate user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4096 βΌ
π Read
via "National Vulnerability Database".
Weak password recovery mechanism vulnerability in Fujitsu Arconte ΓοΏ½urea version 1.5.0.0,Γ which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order to change the password of a legitimate user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42444 βΌ
π Read
via "National Vulnerability Database".
phonenumber is a library for parsing, formatting and validating international phone numbers. Prior to versions `0.3.3+8.13.9` and `0.2.5+8.11.3`, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of `rust-phonenumber`, this may get triggered by feeding a maliciously crafted phonenumber over the network, specifically the string `.;phone-context=`. Versions `0.3.3+8.13.9` and `0.2.5+8.11.3` contain a patch for this issue. There are no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31808 βΌ
π Read
via "National Vulnerability Database".
Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One account has administrative privileges, allowing for unrestricted access over the WAN interface if Remote Administration is enabled.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41890 βΌ
π Read
via "National Vulnerability Database".
Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity provider to craft a Saml2 response that is processed as if issued by another identity provider. It is also possible for a malicious end user to cause stored state intended for one identity provider to be used when processing the response from another provider. An application is impacted if they rely on any of these features in their authentication/authorization logic: the issuer of the generated identity and claims; or items in the stored request state (AuthenticationProperties). This issue is patched in versions 2.9.2 and 1.0.3. The `AcsCommandResultCreated` notification can be used to add the validation required if an upgrade to patched packages is not possible.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4094 βΌ
π Read
via "National Vulnerability Database".
ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. In addition, a resource has been identified that could allow circumventing the attempt limit set in the login form.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47559 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED ** Lack of device control over web requests in ekorCCP and ekorRCI, allowing an attacker to create customised requests to execute malicious actions when a user is logged in, affecting availability, privacy and integrity.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41179 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.π Read
via "National Vulnerability Database".