βΌ CVE-2023-31019 βΌ
π Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows contains a vulnerability in wksServicePlugin.dll, where the driver implementation does not restrict or incorrectly restricts access from the named pipe server to a connecting client, which may lead to potential impersonation to the client's secure context.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31021 βΌ
π Read
via "National Vulnerability Database".
NVIDIA vGPU software for Windows and Linux contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a malicious user in the guest VM can cause a NULL-pointer dereference, which may lead to denial of service.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31017 βΌ
π Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows contains a vulnerability where an attacker may be able to write arbitrary data to privileged locations by using reparse points. A successful exploit of this vulnerability may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31016 βΌ
π Read
via "National Vulnerability Database".
NVIDIA GPU Display Driver for Windows contains a vulnerability where an uncontrolled search path element may allow an attacker to execute arbitrary code, which may lead to code execution, denial of service, escalation of privileges, information disclosure, or data tampering.π Read
via "National Vulnerability Database".
βοΈ Russian Reshipping Service βSWAT USA Dropβ Exposed βοΈ
π Read
via "Krebs on Security".
One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Hereβs a closer look at the Russia-based SWAT USA Drop Service, which currently employs more than 1,200 people across the United States who are knowingly or unwittingly involved in reshipping expensive consumer goods purchased with stolen credit cards.π Read
via "Krebs on Security".
Krebs on Security
Russian Reshipping Service βSWAT USA Dropβ Exposed
One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Hereβs a closer look at the Russia-based SWAT USA Drop Service, which currently employsβ¦
π¦Ώ UK AI Safety Summit: Global Powers Make βLandmarkβ Pledge to AI Safety π¦Ώ
π Read
via "Tech Republic".
Global and tech leaders gathered in the U.K. for an influential summit dedicated to AI regulation and safety. Hereβs what you need to know about the Bletchley Declaration, testing of new AI models and more.π Read
via "Tech Republic".
TechRepublic
UK AI Safety Summit: Global Powers Make βLandmarkβ Pledge to AI Safety
Global leaders from 28 nations gathered in the U.K. for an influential summit dedicated to AI regulation and safety.
π΄ How Do We Truly Make Security 'Everyone's Responsibility'? π΄
π Read
via "Dark Reading".
When everybody is responsible for a task, sometimes nobody takes ownership. Here are three steps to distribute cybersecurity throughout your organization.π Read
via "Dark Reading".
Dark Reading
How Do We Truly Make Security 'Everyone's Responsibility'?
When everybody is responsible for a task, sometimes nobody takes ownership. Here are three steps to distribute cybersecurity throughout your organization.
π΄ Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware π΄
π Read
via "Dark Reading".
More than 3,000 systems are exposed and vulnerable to attack on the Internet.π Read
via "Dark Reading".
Dark Reading
Attackers Target Max-Severity Apache ActiveMQ Bug to Drop Ransomware
More than 3,000 systems are exposed and vulnerable to attack on the Internet.
π΄ Okta Data Compromised Through Third-Party Vendor π΄
π Read
via "Dark Reading".
After 1Password, MGM, and Caesars, yet more cybersecurity woes mount for the identity and access management company.π Read
via "Dark Reading".
Dark Reading
Okta Data Compromised Through Third-Party Vendor
After 1Password, MGM, and Caesars, yet more cybersecurity woes mount for the identity and access management company.
βΌ CVE-2023-39284 βΌ
π Read
via "National Vulnerability Database".
An issue was discovered in IhisiServicesSmm in Insyde InsydeH2O with kernel 5.0 through 5.5. There are arbitrary calls to SetVariable with unsanitized arguments in the SMI handler.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5925 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, has been found in Campcodes Simple Student Information System 1.0. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument f leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244325 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5926 βΌ
π Read
via "National Vulnerability Database".
A vulnerability, which was classified as critical, was found in Campcodes Simple Student Information System 1.0. Affected is an unknown function of the file /admin/students/update_status.php. The manipulation of the argument student_id leads to sql injection. The exploit has been disclosed to the public and may be used. VDB-244326 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5928 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Campcodes Simple Student Information System 1.0 and classified as critical. Affected by this issue is some unknown functionality of the file /admin/departments/manage_department.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-244328.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5930 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been declared as problematic. This vulnerability affects unknown code of the file /admin/students/manage_academic.php. The manipulation of the argument student_id leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. VDB-244330 is the identifier assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5927 βΌ
π Read
via "National Vulnerability Database".
A vulnerability has been found in Campcodes Simple Student Information System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file /admin/courses/manage_course.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-244327.π Read
via "National Vulnerability Database".
βΌ CVE-2023-5929 βΌ
π Read
via "National Vulnerability Database".
A vulnerability was found in Campcodes Simple Student Information System 1.0. It has been classified as critical. This affects an unknown part of the file /admin/students/manage_academic.php. The manipulation of the argument id leads to sql injection. The exploit has been disclosed to the public and may be used. The identifier VDB-244329 was assigned to this vulnerability.π Read
via "National Vulnerability Database".
βΌ CVE-2023-46176 βΌ
π Read
via "National Vulnerability Database".
IBM MQ Appliance 9.3 CD could allow a local attacker to gain elevated privileges on the system, caused by improper validation of security keys. IBM X-Force ID: 269535.π Read
via "National Vulnerability Database".
βΌ CVE-2023-31102 βΌ
π Read
via "National Vulnerability Database".
7-Zip through 22.01 on Linux allows an integer underflow and code execution via a crafted 7Z archive.π Read
via "National Vulnerability Database".
βΌ CVE-2020-28407 βΌ
π Read
via "National Vulnerability Database".
In swtpm before 0.4.2 and 0.5.x before 0.5.1, a local attacker may be able to overwrite arbitrary files via a symlink attack against a temporary file such as TMP2-00.permall.π Read
via "National Vulnerability Database".
βΌ CVE-2023-36029 βΌ
π Read
via "National Vulnerability Database".
Microsoft Edge (Chromium-based) Spoofing Vulnerabilityπ Read
via "National Vulnerability Database".
βΌ CVE-2023-34261 βΌ
π Read
via "National Vulnerability Database".
Kyocera TASKalfa 4053ci printers through 2VG_S000.002.561 allow identification of valid user accounts via username enumeration because they lead to a "nicht einloggen" error rather than a falsch error.π Read
via "National Vulnerability Database".