π jSQL Injection 0.95 π
π Read
via "Packet Storm Security".
jSQL Injection is a lightweight application used to find database information from a distant server. jSQL Injection is also part of the official penetration testing distribution Kali Linux and is included in various other distributions like Pentest Box, Parrot Security OS, ArchStrike and BlackArch Linux. This is the source code release.π Read
via "Packet Storm Security".
packetstorm.news
Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories, and Whitepapers
π Falco 0.36.1 π
π Read
via "Packet Storm Security".
Sysdig Falco is a behavioral activity monitoring agent that is open source and comes with native support for containers. Falco lets you define highly granular rules to check for activities involving file and network activity, process execution, IPC, and much more, using a flexible syntax. Falco will notify you when these rules are violated. You can think about Falco as a mix between snort, ossec and strace.π Read
via "Packet Storm Security".
Packetstormsecurity
Falco 0.36.1 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
βΌ CVE-2023-5575 βΌ
π Read
via "National Vulnerability Database".
Improper access control in the permission inheritance in Devolutions Server 2022.3.13.0 and earlier allows an attacker that compromised a low privileged user to access entries via a specific combination of permissions in the entry and in its parent.π Read
via "National Vulnerability Database".
βΌ CVE-2023-46087 βΌ
π Read
via "National Vulnerability Database".
Cross-Site Request Forgery (CSRF) vulnerability in Mahlamusa Who Hit The Page Γ’β¬β Hit Counter plugin <=Γ 1.4.14.3 versions.π Read
via "National Vulnerability Database".
π΄ Pro-Israeli Hacktivist Group Predatory Sparrow Reappears π΄
π Read
via "Dark Reading".
It's been a year since its last communication and attack on Iran β but the conflict with Hamas appears to have reactivated the group.π Read
via "Dark Reading".
Dark Reading
Pro-Israeli Hacktivist Group 'Predatory Sparrow' Reappears
It's been a year since its last communication and attack on Iran β but the conflict with Hamas appears to have reactivated the group.
π΄ Name That Toon: Modern Monarchy π΄
π Read
via "Dark Reading".
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.π Read
via "Dark Reading".
Dark Reading
Name That Toon: Modern Monarchy
Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card.
βΌ CVE-2023-45685 βΌ
π Read
via "National Vulnerability Database".
Insufficient path validation when extracting a zip archive in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker to write a file to any location on the filesystem via path traversalπ Read
via "National Vulnerability Database".
βΌ CVE-2023-45689 βΌ
π Read
via "National Vulnerability Database".
Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Windows and Linux allows an authenticated attacker with administrative privileges to read any file on the filesystem via path traversalπ Read
via "National Vulnerability Database".
βΌ CVE-2023-20198 βΌ
π Read
via "National Vulnerability Database".
Cisco is aware of active exploitation of a previously unknown vulnerability in the web UI feature of Cisco IOS XE Software when exposed to the internet or to untrusted networks. This vulnerability allows a remote, unauthenticated attacker to create an account on an affected system with privilege level 15 access. The attacker can then use that account to gain control of the affected system. For steps to close the attack vector for this vulnerability, see the Recommendations section of this advisoryΓ Cisco will provide updates on the status of this investigation and when a software patch is available.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45688 βΌ
π Read
via "National Vulnerability Database".
Lack of sufficient path validation in South River Technologies' Titan MFT and Titan SFTP servers on Linux allows an authenticated attacker to get the size of an arbitrary file on the filesystem using path traversal in the ftp "SIZE" commandπ Read
via "National Vulnerability Database".
βΌ CVE-2023-45687 βΌ
π Read
via "National Vulnerability Database".
A session fixation vulnerability in South River Technologies' Titan MFT and Titan SFTP servers on Linux and Windows allows an attacker to bypass the server's authentication if they can trick an administrator into authorizating a session id of their choosingπ Read
via "National Vulnerability Database".
βΌ CVE-2023-45686 βΌ
π Read
via "National Vulnerability Database".
Insufficient path validation when writing a file via WebDAV in South River Technologies' Titan MFT and Titan SFTP servers on Linux allows an authenticated attacker to write a file to any location on the filesystem via path traversalπ Read
via "National Vulnerability Database".
βΌ CVE-2023-45690 βΌ
π Read
via "National Vulnerability Database".
Default file permissions on South River Technologies' Titan MFT and Titan SFTP servers on Linux allows a user that's authentication to the OS to read sensitive files on the filesystemπ Read
via "National Vulnerability Database".
π΄ 'RomCom' Cyber Campaign Targets Women Political Leaders π΄
π Read
via "Dark Reading".
A threat group known as "Void Rabisu" used a spoofed Women Political Leaders Summit website to target attendees to the actual conference with espionage malware.π Read
via "Dark Reading".
Dark Reading
'RomCom' Cyber Campaign Targets Women Political Leaders
A threat group known as "Void Rabisu" used a spoofed Women Political Leaders Summit website to target attendees to the actual conference with espionage malware.
βΌ CVE-2023-45985 βΌ
π Read
via "National Vulnerability Database".
TOTOLINK X5000R V9.1.0u.6118_B20201102 and TOTOLINK A7000R V9.1.0u.6115_B20201022 were discovered to contain a stack overflow in the function setParentalRules. This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted POST request.π Read
via "National Vulnerability Database".
βΌ CVE-2023-43120 βΌ
π Read
via "National Vulnerability Database".
An issue discovered in Extreme Networks Switch Engine (EXOS) before 32.5.1.5, before 22.7 and before 31.7.1 allows attackers to gain escalated privileges via crafted HTTP request.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45151 βΌ
π Read
via "National Vulnerability Database".
Nextcloud server is an open source home cloud platform. Affected versions of Nextcloud stored OAuth2 tokens in plaintext which allows an attacker who has gained access to the server to potentially elevate their privilege. This issue has been addressed and users are recommended to upgrade their Nextcloud Server to version 25.0.8, 26.0.3 or 27.0.1. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-40180 βΌ
π Read
via "National Vulnerability Database".
silverstripe-graphql is a package which serves Silverstripe data in GraphQL representations. An attacker could use a recursive graphql query to execute a Distributed Denial of Service attack (DDOS attack) against a website. This mostly affects websites with publicly exposed graphql schemas. If your Silverstripe CMS project does not expose a public facing graphql schema, a user account is required to trigger the DDOS attack. If your site is hosted behind a content delivery network (CDN), such as Imperva or CloudFlare, this may further mitigate the risk. This issue has been addressed in versions 3.8.2, 4.1.3, 4.2.5, 4.3.4, and 5.0.3. Users are advised to upgrade. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45669 βΌ
π Read
via "National Vulnerability Database".
WebAuthn4J Spring Security provides Web Authentication specification support for Spring applications. Affected versions are subject to improper signature counter value handling. A flaw was found in webauthn4j-spring-security-core. When an authneticator returns an incremented signature counter value during authentication, webauthn4j-spring-security-core does not properly persist the value, which means cloned authenticator detection does not work. An attacker who cloned valid authenticator in some way can use the cloned authenticator without being detected. This issue has been addressed in version `0.9.1.RELEASE`. Users are advised to upgrade. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45683 βΌ
π Read
via "National Vulnerability Database".
github.com/crewjam/saml is a saml library for the go language. In affected versions the package does not validate the ACS Location URI according to the SAML binding being parsed. If abused, this flaw allows attackers to register malicious Service Providers at the IdP and inject Javascript in the ACS endpoint definition, achieving Cross-Site-Scripting (XSS) in the IdP context during the redirection at the end of a SAML SSO Flow. Consequently, an attacker may perform any authenticated action as the victim once the victimΓ’β¬β’s browser loaded the SAML IdP initiated SSO link for the malicious service provider. Note: SP registration is commonly an unrestricted operation in IdPs, hence not requiring particular permissions or publicly accessible to ease the IdP interoperability. This issue is fixed in version 0.4.14. Users unable to upgrade may perform external validation of URLs provided in SAML metadata, or restrict the ability for end-users to upload arbitrary metadata.π Read
via "National Vulnerability Database".
βΌ CVE-2023-45660 βΌ
π Read
via "National Vulnerability Database".
Nextcloud mail is an email app for the Nextcloud home server platform. In affected versions a missing check of origin, target and cookies allows for an attacker to abuse the proxy endpoint to denial of service a third server. It is recommended that the Nextcloud Mail is upgraded to 2.2.8 or 3.3.0. There are no known workarounds for this vulnerability.π Read
via "National Vulnerability Database".