🛡 Cybersecurity & Privacy 🛡 - News
@cibsecurity
25.8K subscribers
89.2K links
🗞 The finest daily news on cybersecurity and privacy.

🔔 Daily releases.

💻 Is your online life secure?

📩 lalilolalo.dev@gmail.com
Download Telegram
About
Blog
Apps
Platform
Join
🛡 Cybersecurity & Privacy 🛡 - News
25.8K subscribers
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-33268 ‼

An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate check function is vulnerable to OS command injection (blind).

📖 Read

via "National Vulnerability Database".
194 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-44973 ‼

An arbitrary file upload vulnerability in the component /content/templates/ of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

📖 Read

via "National Vulnerability Database".
181 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-33271 ‼

An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL Certificate check function is vulnerable to OS command injection (blind).

📖 Read

via "National Vulnerability Database".
186 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-33273 ‼

An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check function is vulnerable to OS command injection (blind).

📖 Read

via "National Vulnerability Database".
224 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-43951 ‼

SSCMS 7.2.2 was discovered to contain a cross-site scripting (XSS) vulnerability via the Column Management component.

📖 Read

via "National Vulnerability Database".
226 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-43952 ‼

SSCMS 7.2.2 was discovered to contain a stored cross-site scripting (XSS) vulnerability via the Material Management component.

📖 Read

via "National Vulnerability Database".
206 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-33269 ‼

An issue was discovered in DTS Monitoring 3.57.0. The parameter options within the WGET check function is vulnerable to OS command injection (blind).

📖 Read

via "National Vulnerability Database".
189 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-40830 ‼

Tenda AC6 v15.03.05.19 is vulnerable to Buffer Overflow as the Index parameter does not verify the length.

📖 Read

via "National Vulnerability Database".
214 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-44974 ‼

An arbitrary file upload vulnerability in the component /admin/plugin.php of Emlog Pro v2.2.0 allows attackers to execute arbitrary code via uploading a crafted PHP file.

📖 Read

via "National Vulnerability Database".
213 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Gartner Forecasts Global Security and Risk Management Spending to Grow 14% in 2024 🕴



📖 Read

via "Dark Reading".
Dark Reading
Gartner Forecasts Global Security and Risk Management Spending to Grow 14% in 2024
LONDON, U.K., September 28, 2023 – Worldwide end-user spending on security and risk management is projected to total $215 billion in 2024, an increase of 14.3% from 2023, according to new forecast from Gartner, Inc. In 2023, global security and risk management…
245 views
🛡 Cybersecurity & Privacy 🛡 - News
🕴 Russian Hacktivism Takes a Toll on Organizations in Ukraine, EU, US 🕴

Russian hacktivist attacks are mostly for show, but sometimes they cause serious damage and are poised to begin getting worse.

📖 Read

via "Dark Reading".
Dark Reading
Russian Hacktivism: Flashy Non-Events or Serious Threat?
While it's tempting to dismiss Russian hacktivist DDoSing as all sizzle and no steak, experts warn the cyberattacks can cause serious damage -- and are poised to become more and more dangerous
256 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-39648 ‼

Improper neutralization of SQL parameter in Theme Volty CMS Testimonial module for PrestaShop. In the module “Theme Volty CMS Testimonial� (tvcmstestimonial) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.

📖 Read

via "National Vulnerability Database".
259 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-39647 ‼

Improper neutralization of SQL parameter in Theme Volty CMS Category Product module for PrestaShop. In the module “Theme Volty CMS Category Product� (tvcmscategoryproduct) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.

📖 Read

via "National Vulnerability Database".
292 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-39651 ‼

Improper neutralization of SQL parameter in Theme Volty CMS BrandList module for PrestaShop In the module “Theme Volty CMS BrandList� (tvcmsbrandlist) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.

📖 Read

via "National Vulnerability Database".
377 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-39646 ‼

Improper neutralization of SQL parameter in Theme Volty CMS Category Chain Slider module for PrestaShop. In the module “Theme Volty CMS Category Chain Slide"(tvcmscategorychainslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.

📖 Read

via "National Vulnerability Database".
468 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-39649 ‼

Improper neutralization of SQL parameter in Theme Volty CMS Category Slider module for PrestaShop. In the module “Theme Volty CMS Category Slider� (tvcmscategoryslider) up to version 4.0.1 from Theme Volty for PrestaShop, a guest can perform SQL injection in affected versions.

📖 Read

via "National Vulnerability Database".
521 views
🛡 Cybersecurity & Privacy 🛡 - News
🦿 Quick Glossary: Cybersecurity Attacks 🦿

It doesn’t matter whether your organization is a huge multinational business enterprise or a one-person operation. At some point, your computer networks and systems will be attacked by someone with criminal intent. Cybersecurity attacks, in all their various forms, are inevitable and relentless. This quick glossary from TechRepublic Premium explains the terminology behind the most ...

📖 Read

via "Tech Republic".
TechRepublic
Quick Glossary: Cybersecurity Attacks
It doesn’t matter whether your organization is a huge multinational business enterprise or a one-person operation. At some point, your computer networks
491 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-44272 ‼

A cross-site scripting vulnerability exists in Citadel versions prior to 994. When a malicious user sends an instant message with some JavaScript code, the script may be executed on the web browser of the victim user.

📖 Read

via "National Vulnerability Database".
436 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-5375 ‼

Open Redirect in GitHub repository mosparo/mosparo prior to 1.0.2.

📖 Read

via "National Vulnerability Database".
401 views
🛡 Cybersecurity & Privacy 🛡 - News
🦿 This Top-Rated Ad Blocker is Just $25 Through October 15th 🦿

AdGuard gets rid of ads and provides an extra layer of protection on multiple devices. Through October 15th only, it's just $25 for life.

📖 Read

via "Tech Republic".
TechRepublic
Get Advanced Ad Blocking and Superior Data Privacy Tools for Just $11
Block popups, banners and video ads while also protecting yourself from activity trackers, phishing attempts, fraudulent websites and other types of malware with AdGuard.
365 views
🛡 Cybersecurity & Privacy 🛡 - News
‼ CVE-2023-1584 ‼

A flaw was found in Quarkus. Quarkus OIDC can leak both ID and access tokens in the authorization code flow when an insecure HTTP protocol is used, which can allow attackers to access sensitive user data directly from the ID token or by using the access token to access user data from OIDC provider services. Please note that passwords are not stored in access tokens.

📖 Read

via "National Vulnerability Database".
294 views