βΌ CVE-2023-42447 βΌ
π Read
via "National Vulnerability Database".
blurhash-rs is a pure Rust implementation of Blurhash, software for encoding images into ASCII strings that can be turned into a gradient of colors representing the original image. In version 0.1.1, the blurhash parsing code may panic due to multiple panic-guarded out-of-bounds accesses on untrusted input. In a typical deployment, this may get triggered by feeding a maliciously crafted blurhashes over the network. These may include UTF-8 compliant strings containing multi-byte UTF-8 characters. A patch is available in version 0.2.0, which requires user intervention because of slight API churn. No known workarounds are available.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4093 βΌ
π Read
via "National Vulnerability Database".
Reflected and persistent XSS vulnerability in Arconte ΓοΏ½urea, in its 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to inject malicious JavaScript code, compromise the victim's browser and take control of it, redirect the user to malicious domains or access information being viewed by the legitimate user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4096 βΌ
π Read
via "National Vulnerability Database".
Weak password recovery mechanism vulnerability in Fujitsu Arconte ΓοΏ½urea version 1.5.0.0,Γ which exploitation could allow an attacker to perform a brute force attack on the emailed PIN number in order to change the password of a legitimate user.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42444 βΌ
π Read
via "National Vulnerability Database".
phonenumber is a library for parsing, formatting and validating international phone numbers. Prior to versions `0.3.3+8.13.9` and `0.2.5+8.11.3`, the phonenumber parsing code may panic due to a panic-guarded out-of-bounds access on the phonenumber string. In a typical deployment of `rust-phonenumber`, this may get triggered by feeding a maliciously crafted phonenumber over the network, specifically the string `.;phone-context=`. Versions `0.3.3+8.13.9` and `0.2.5+8.11.3` contain a patch for this issue. There are no known workarounds.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31808 βΌ
π Read
via "National Vulnerability Database".
Technicolor TG670 10.5.N.9 devices contain multiple accounts with hard-coded passwords. One account has administrative privileges, allowing for unrestricted access over the WAN interface if Remote Administration is enabled.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41890 βΌ
π Read
via "National Vulnerability Database".
Sustainsys.Saml2 library adds SAML2P support to ASP.NET web sites, allowing the web site to act as a SAML2 Service Provider. Prior to versions 1.0.3 and 2.9.2, when a response is processed, the issuer of the Identity Provider is not sufficiently validated. This could allow a malicious identity provider to craft a Saml2 response that is processed as if issued by another identity provider. It is also possible for a malicious end user to cause stored state intended for one identity provider to be used when processing the response from another provider. An application is impacted if they rely on any of these features in their authentication/authorization logic: the issuer of the generated identity and claims; or items in the stored request state (AuthenticationProperties). This issue is patched in versions 2.9.2 and 1.0.3. The `AcsCommandResultCreated` notification can be used to add the validation required if an upgrade to patched packages is not possible.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4094 βΌ
π Read
via "National Vulnerability Database".
ARCONTE Aurea's authentication system, in its 1.5.0.0 version, could allow an attacker to make incorrect access requests in order to block each legitimate account and cause a denial of service. In addition, a resource has been identified that could allow circumventing the attempt limit set in the login form.π Read
via "National Vulnerability Database".
βΌ CVE-2022-47559 βΌ
π Read
via "National Vulnerability Database".
** UNSUPPPORTED WHEN ASSIGNED ** Lack of device control over web requests in ekorCCP and ekorRCI, allowing an attacker to create customised requests to execute malicious actions when a user is logged in, affecting availability, privacy and integrity.π Read
via "National Vulnerability Database".
βΌ CVE-2023-41179 βΌ
π Read
via "National Vulnerability Database".
A vulnerability in the 3rd party AV uninstaller module contained in Trend Micro Apex One (on-prem and SaaS), Worry-Free Business Security and Worry-Free Business Security Services could allow an attacker to manipulate the module to execute arbitrary commands on an affected installation.Note that an attacker must first obtain administrative console access on the target system in order to exploit this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-3892 βΌ
π Read
via "National Vulnerability Database".
Improper Restriction of XML External Entity Reference vulnerability in MIM Assistant and Client DICOM RTst Loading modules allows XML Entity Linking / XML External Entities Blowup.In order to take advantage of this vulnerability, an attacker must craft a malicious XML document, embed this document into specific 3rd party private RTst metadata tags, transfer the now compromised DICOM object to MIM, and force MIM to archive and load the data.Users on either version are strongly encouraged to update to an unaffected version (7.2.11+, 7.3.4+).This issue was found and analyzed by MIM Software's internal security team.Γ We are unaware of any proof of concept or actual exploit available in the wild.For more information, visit https://www.mimsoftware.com/cve-2023-3892 https://www.mimsoftware.com/cve-2023-3892 This issue affects MIM Assistant: 7.2.10, 7.3.3; MIM Client: 7.2.10, 7.3.3.π Read
via "National Vulnerability Database".
π1
βΌ CVE-2023-4095 βΌ
π Read
via "National Vulnerability Database".
User enumeration vulnerability in Arconte ΓοΏ½urea 1.5.0.0 version. The exploitation of this vulnerability could allow an attacker to obtain a list of registered users in the application, obtaining the necessary information to perform more complex attacks on the platform.π Read
via "National Vulnerability Database".
π΄ Name That Toon: Somewhere in Sleepy Hollow π΄
π Read
via "Dark Reading".
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading".
Dark Reading
Name That Toon: Somewhere in Sleepy Hollow
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
π΄ Qatar Cyber Chiefs Warn on Mozilla RCE Bugs π΄
π Read
via "Dark Reading".
The WebP vulnerability affects multiple browsers besides Firefox and Thunderbird, with active exploitation ongoing.π Read
via "Dark Reading".
Dark Reading
Qatar Cyber Chiefs Warn on Mozilla RCE Bugs
The WebP vulnerability affects multiple browsers besides Firefox and Thunderbird, with active exploitation ongoing.
βΌ CVE-2023-22513 βΌ
π Read
via "National Vulnerability Database".
This High severity RCE (Remote Code Execution) vulnerability was introduced in version 8.0.0 of Bitbucket Data Center and Server. This RCE (Remote Code Execution) vulnerability, with a CVSS Score of 8.5, allows an authenticated attacker to execute arbitrary code which has high impact to confidentiality, high impact to integrity, high impact to availability, and requires no user interaction. Atlassian recommends that Bitbucket Data Center and Server customers upgrade to latest version, if you are unable to do so, upgrade your instance to one of the specified supported fixed versions: Bitbucket Data Center and Server 8.9: Upgrade to a release greater than or equal to 8.9.5 Bitbucket Data Center and Server 8.10: Upgrade to a release greater than or equal to 8.10.5 Bitbucket Data Center and Server 8.11: Upgrade to a release greater than or equal to 8.11.4 Bitbucket Data Center and Server 8.12: Upgrade to a release greater than or equal to 8.12.2 Bitbucket Data Center and Server 8.13: Upgrade to a release greater than or equal to 8.13.1 Bitbucket Data Center and Server 8.14: Upgrade to a release greater than or equal to 8.14.0 Bitbucket Data Center and Server version >= 8.0 and < 8.9: Upgrade to any of the listed fix versions. See the release notes ([https://confluence.atlassian.com/bitbucketserver/release-notes]). You can download the latest version of Bitbucket Data Center and Server from the download center ([https://www.atlassian.com/software/bitbucket/download-archives]). This vulnerability was discovered by a private user and reported via our Bug Bounty programπ Read
via "National Vulnerability Database".
βΌ CVE-2023-42451 βΌ
π Read
via "National Vulnerability Database".
Mastodon is a free, open-source social network server based on ActivityPub. Prior to versions 3.5.14, 4.0.10, 4.1.8, and 4.2.0-rc2, under certain circumstances, attackers can exploit a flaw in domain name normalization to spoof domains they do not own. Versions 3.5.14, 4.0.10, 4.1.8, and 4.2.0-rc2 contain a patch for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38353 βΌ
π Read
via "National Vulnerability Database".
MiniTool Power Data Recovery 11.5 contains an insecure in-app payment system that allows attackers to steal highly sensitive information through a man in the middle attack.π Read
via "National Vulnerability Database".
βΌ CVE-2023-32182 βΌ
π Read
via "National Vulnerability Database".
A Improper Link Resolution Before File Access ('Link Following') vulnerability in SUSE SUSE Linux Enterprise Desktop 15 SP5 postfix, SUSE SUSE Linux Enterprise High Performance Computing 15 SP5 postfix, SUSE openSUSE Leap 15.5 postfix.This issue affects SUSE Linux Enterprise Desktop 15 SP5: before 3.7.3-150500.3.5.1; SUSE Linux Enterprise High Performance Computing 15 SP5: before 3.7.3-150500.3.5.1; openSUSE Leap 15.5 : before 3.7.3-150500.3.5.1.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42793 βΌ
π Read
via "National Vulnerability Database".
In JetBrains TeamCity before 2023.05.4 authentication bypass leading to RCE on TeamCity Server was possibleπ Read
via "National Vulnerability Database".
βΌ CVE-2023-42452 βΌ
π Read
via "National Vulnerability Database".
Mastodon is a free, open-source social network server based on ActivityPub. In versions on the 4.x branch prior to versions 4.0.10, 4.2.8, and 4.2.0-rc2, under certain conditions, attackers can abuse the translation feature to bypass the server-side HTML sanitization, allowing unescaped HTML to execute in the browser. The impact is limited thanks to Mastodon's strict Content Security Policy, blocking inline scripts, etc. However a CSP bypass or loophole could be exploited to execute malicious XSS. Furthermore, it requires user interaction, as this can only occur upon clicking the Γ’β¬ΕTranslateΓ’β¬οΏ½ button on a malicious post. Versions 4.0.10, 4.2.8, and 4.2.0-rc2 contain a patch for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-38352 βΌ
π Read
via "National Vulnerability Database".
MiniTool Partition Wizard 12.8 contains an insecure update mechanism that allows attackers to achieve remote code execution through a man in the middle attack.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42450 βΌ
π Read
via "National Vulnerability Database".
Mastodon is a free, open-source social network server based on ActivityPub. Starting in version 4.2.0-beta1 and prior to version 4.2.0-rc2, by crafting specific input, attackers can inject arbitrary data into HTTP requests issued by Mastodon. This can be used to perform confused deputy attacks if the server configuration includes `ALLOWED_PRIVATE_ADDRESSES` to allow access to local exploitable services. Version 4.2.0-rc2 has a patch for the issue.π Read
via "National Vulnerability Database".