π΄ ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic π΄
π Read
via "Dark Reading".
The botnet β built for DDoS, backdooring, and dropping malware β is evading standard URL signature detections with a novel approach.π Read
via "Dark Reading".
Dark Reading
ShellBot Cracks Linux SSH Servers, Debuts New Evasion Tactic
The botnet β built for DDoS, backdooring, and dropping malware β is evading standard URL signature detections with a novel approach involving Hex IP addresses.
βΌ CVE-2023-5449 βΌ
π Read
via "National Vulnerability Database".
A potential security vulnerability has been identified in certain HP Displays supporting the Theft Deterrence feature which may allow a monitorΓ’β¬β’s Theft Deterrence to be deactivated.π Read
via "National Vulnerability Database".
βΌ CVE-2023-4499 βΌ
π Read
via "National Vulnerability Database".
A potential security vulnerability has been identified in the HP ThinUpdate utility (also known as HP Recovery Image and Software Download Tool) which may lead to information disclosure. HP is releasing mitigation for the potential vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45269 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in David Cole Simple SEO plugin <=Γ 2.0.23 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40682 βΌ
π Read
via "National Vulnerability Database".
IBM App Connect Enterprise 12.0.1.0 through 12.0.8.0 contains an unspecified vulnerability that could allow a local privileged user to obtain sensitive information from API logs. IBM X-Force ID: 263833.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45270 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in PINPOINT.WORLD Pinpoint Booking System plugin <=Γ 2.9.9.4.0 versions.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5409 βΌ
π Read
via "National Vulnerability Database".
HP is aware of a potential security vulnerability in HP t430 and t638 Thin Client PCs. These models may be susceptible to a physical attack, allowing an untrusted source to tamper with the system firmware using a publicly disclosed private key. HP is providing recommended guidance for customers to reduce exposure to the potential vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45276 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in automatededitor.Com Automated Editor plugin <=Γ 1.3 versions.π Read
via "National Vulnerability Database".
π΄ Security Pros Warn that EU's Vulnerability Disclosure Rule is Risky π΄
π Read
via "Dark Reading".
The European Union's Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours of exploitation could potentially expose organizations to attacks from adversaries or government surveillance.π Read
via "Dark Reading".
Dark Reading
Security Pros Warn That EU's Vulnerability Disclosure Rule Is Risky
The European Union's Cyber Resilience Act's requirement to disclose vulnerabilities within 24 hours of exploitation could potentially expose organizations to attacks from adversaries or government surveillance.
π΄ Feds: Beware AvosLocker Ransomware Attacks on Critical Infrastructure π΄
π Read
via "Dark Reading".
CISA and FBI warn the RaaS provider's affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead.π Read
via "Dark Reading".
Dark Reading
Feds: Beware AvosLocker Ransomware Attacks on Critical Infrastructure
CISA and FBI warn the RaaS provider's affiliates are striking critical industries, with more attacks expected to come from additional ransomware groups in the months ahead.
π΄ How MOVEit Is Likely to Shift Cyber Insurance Calculus π΄
π Read
via "Dark Reading".
Progress Software plans to collect millions in cyber insurance policy payouts after the MOVEit breaches, which will make getting coverage more expensive and harder to get for everyone else, experts say.π Read
via "Dark Reading".
Dark Reading
How MOVEit Is Likely to Shift Cyber Insurance Calculus
Progress Software plans to collect millions in cyber insurance policy payouts after the MOVEit breaches, which will make getting coverage more expensive and harder to get for everyone else, experts say.
βΌ CVE-2023-4257 βΌ
π Read
via "National Vulnerability Database".
Unchecked user input length in /subsys/net/l2/wifi/wifi_shell.c can cause buffer overflows.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45853 βΌ
π Read
via "National Vulnerability Database".
MiniZip in zlib through 1.3 has an integer overflow and resultant heap-based buffer overflow in zipOpenNewFileInZip4_64 via a long filename, comment, or extra field. NOTE: MiniZip is not a supported part of the zlib product.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30148 βΌ
π Read
via "National Vulnerability Database".
Multiple Stored Cross Site Scripting (XSS) vulnerabilities in Opart opartmultihtmlblock before version 2.0.12 and Opart multihtmlblock* version 1.0.0, allows remote authenticated users to inject arbitrary web script or HTML via the body_text or body_text_rude field in /sourcefiles/BlockhtmlClass.php and /sourcefiles/blockhtml.php.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45674 βΌ
π Read
via "National Vulnerability Database".
Farmbot-Web-App is a web control interface for the Farmbot farm automation platform. An SQL injection vulnerability was found in FarmBot's web app that allows authenticated attackers to extract arbitrary data from its database (including the user table). This issue may lead to Information Disclosure. This issue has been patched in version 15.8.4. Users are advised to upgrade. There are no known workarounds for this issue.π Read
via "National Vulnerability Database".
βΌ CVE-2023-30154 βΌ
π Read
via "National Vulnerability Database".
Multiple improper neutralization of SQL parameters in module AfterMail (aftermailpresta) for PrestaShop, before version 2.2.1, allows remote attackers to perform SQL injection attacks via `id_customer`, `id_conf`, `id_product` and `token` parameters in `aftermailajax.php via the 'id_product' parameter in hooks DisplayRightColumnProduct and DisplayProductButtons.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45852 βΌ
π Read
via "National Vulnerability Database".
In Vitogate 300 2.1.3.0, /cgi-bin/vitogate.cgi allows an unauthenticated attacker to bypass authentication and execute arbitrary commands via shell metacharacters in the ipaddr params JSON data for the put method.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45348 βΌ
π Read
via "National Vulnerability Database".
Apache Airflow, versions 2.7.0 and 2.7.1, is affected by a vulnerability that allows an authenticated user to retrieve sensitive configuration information when the "expose_config" option is set to "non-sensitive-only". The `expose_config` option is False by default.It is recommended to upgrade to a version that is not affected.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5578 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in PortΓΒ‘bilis i-Educar up to 2.7.5. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the file \intranet\agenda_imprimir.php of the component HTTP GET Request Handler. The manipulation of the argument cod_agenda with the input ");'> <script>alert(document.cookie)</script> leads to cross site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-242143. NOTE: The vendor was contacted early about this disclosure but did not respond in any way.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42792 βΌ
π Read
via "National Vulnerability Database".
Apache Airflow, in versions prior to 2.7.2, contains a security vulnerability that allows an authenticated user with limited access to some DAGs, to craft a request that could give the user write access to various DAG resources for DAGs that the user had no access to, thus, enabling the user to clear DAGs they shouldn't.Users of Apache Airflow are strongly advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-42663 βΌ
π Read
via "National Vulnerability Database".
Apache Airflow, versions before 2.7.2, has a vulnerability that allows an authorized user who has access to read specific DAGs only, to read information about task instances in other DAGs.Users of Apache Airflow are advised to upgrade to version 2.7.2 or newer to mitigate the risk associated with this vulnerability.π Read
via "National Vulnerability Database".