‼ CVE-2023-40660 ‼
📖 Read
via "National Vulnerability Database".
A flaw was found in OpenSC packages that allow a potential PIN bypass. When a token/card is authenticated by one process, it can perform cryptographic operations in other processes when an empty zero-length pin is passed. This issue poses a security risk, particularly for OS logon/screen unlock and for small, permanently connected tokens to computers. Additionally, the token can internally track login status. This flaw allows an attacker to gain unauthorized access, carry out malicious actions, or compromise the system without the user's awareness.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-46728 ‼
📖 Read
via "National Vulnerability Database".
Squid is a caching proxy for the Web supporting HTTP, HTTPS, FTP, and more. Due to a NULL pointer dereference bug Squid is vulnerable to a Denial of Service attack against Squid's Gopher gateway. The gopher protocol is always available and enabled in Squid prior to Squid 6.0.1. Responses triggering this bug are possible to be received from any gopher server, even those without malicious intent. Gopher support has been removed in Squid version 6.0.1. Users are advised to upgrade. Users unable to upgrade should reject all gopher URL requests.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-40661 ‼
📖 Read
via "National Vulnerability Database".
Several memory vulnerabilities were identified within the OpenSC packages, particularly in the card enrollment process using pkcs15-init when a user or administrator enrolls cards. To take advantage of these flaws, an attacker must have physical access to the computer system and employ a custom-crafted USB device or smart card to manipulate responses to APDUs. This manipulation can potentially allow compromise key generation, certificate loading, and other card management operations during enrollment.📖 Read
via "National Vulnerability Database".
🕴 Aqua Security Introduces Industry-First Kubernetes Vulnerability Scanning With Trivy KBOM 🕴
📖 Read
via "Dark Reading".
📖 Read
via "Dark Reading".
Dark Reading
Aqua Security Introduces Industry-First Kubernetes Vulnerability Scanning With Trivy KBOM
PRESS RELEASE
🕴 Excelsior University Contends for National Cyber League Competition Title 🕴
📖 Read
via "Dark Reading".
📖 Read
via "Dark Reading".
Dark Reading
Excelsior University Contends for National Cyber League Competition Title
PRESS RELEASE
‼ CVE-2023-5719 ‼
📖 Read
via "National Vulnerability Database".
The Crimson 3.2 Windows-based configuration tool allows users with administrative access to define new passwords for users and to download the resulting security configuration to a device. If such a password contains the percent (%) character, invalid values will be included, potentially truncating the string if a NUL is encountered. If the simplified password is not detected by the administrator, the device might be left in a vulnerable state as a result of more-easily compromised credentials. Note that passwords entered via the Crimson system web server do not suffer from this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-46731 ‼
📖 Read
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki doesn't properly escape the section URL parameter that is used in the code for displaying administration sections. This allows any user with read access to the document `XWiki.AdminSheet` (by default, everyone including unauthenticated users) to execute code including Groovy code. This impacts the confidentiality, integrity and availability of the whole XWiki instance. This vulnerability has been patched in XWiki 14.10.14, 15.6 RC1 and 15.5.1. Users are advised to upgrade. Users unablr to upgrade may apply the fix in commit `fec8e0e53f9` manually. Alternatively, to protect against attacks from unauthenticated users, view right for guests can be removed from this document (it is only needed for space and wiki admins).📖 Read
via "National Vulnerability Database".
‼ CVE-2023-39345 ‼
📖 Read
via "National Vulnerability Database".
strapi is an open-source headless CMS. Versions prior to 4.13.1 did not properly restrict write access to fielded marked as private in the user registration endpoint. As such malicious users may be able to errantly modify their user records. This issue has been addressed in version 4.13.1. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5777 ‼
📖 Read
via "National Vulnerability Database".
Weintek EasyBuilder Pro contains a vulnerability that, even when the private key is immediately deleted after the crash report transmission is finished, the private key is exposed to the public, which could result in obtaining remote control of the crash report server.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48192 ‼
📖 Read
via "National Vulnerability Database".
Cross-site Scripting vulnerability in Softing smartLink SW-HT before 1.30, which allows an attacker to execute a dynamic script (JavaScript, VBScript) in the context of the application.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-46254 ‼
📖 Read
via "National Vulnerability Database".
capsule-proxy is a reverse proxy for Capsule kubernetes multi-tenancy framework. A bug in the RoleBinding reflector used by `capsule-proxy` gives ServiceAccount tenant owners the right to list Namespaces of other tenants backed by the same owner kind and name. For example consider two tenants `solar` and `wind`. Tenant `solar`, owned by a ServiceAccount named `tenant-owner` in the Namespace `solar`. Tenant `wind`, owned by a ServiceAccount named `tenant-owner` in the Namespace `wind`. The Tenant owner `solar` would be able to list the namespaces of the Tenant `wind` and vice-versa, although this is not correct. The bug introduces an exfiltration vulnerability since allows the listing of Namespace resources of other Tenants, although just in some specific conditions: 1. `capsule-proxy` runs with the `--disable-caching=false` (default value: `false`) and 2. Tenant owners are ServiceAccount, with the same resource name, but in different Namespaces. This vulnerability doesn't allow any privilege escalation on the outer tenant Namespace-scoped resources, since the Kubernetes RBAC is enforcing this. This issue has been addressed in version 0.4.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
‼ CVE-2022-48193 ‼
📖 Read
via "National Vulnerability Database".
Weak ciphers in Softing smartLink SW-HT before 1.30 are enabled during secure communication (SSL).📖 Read
via "National Vulnerability Database".
‼ CVE-2023-46732 ‼
📖 Read
via "National Vulnerability Database".
XWiki Platform is a generic wiki platform offering runtime services for applications built on top of it. XWiki is vulnerable to reflected cross-site scripting (RXSS) via the `rev` parameter that is used in the content of the content menu without escaping. If an attacker can convince a user to visit a link with a crafted parameter, this allows the attacker to execute arbitrary actions in the name of the user, including remote code (Groovy) execution in the case of a user with programming right, compromising the confidentiality, integrity and availability of the whole XWiki installation. This has been patched in XWiki 15.6 RC1, 15.5.1 and 14.10.14. The patch in commit `04e325d57` can be manually applied without upgrading (or restarting) the instance. Users are advised to upgrade or to manually apply the patch. There are no known workarounds for this vulnerability.📖 Read
via "National Vulnerability Database".
🕴 Novel Google Cloud RAT Uses Calendar Events for C2 🕴
📖 Read
via "Dark Reading".
Cybercriminals are abusing legitimate functions within cloud services, and providers can't totally stop them, especially when it comes to innovative approaches like this.📖 Read
via "Dark Reading".
Dark Reading
Novel Google Cloud RAT Uses Calendar Events for C2
Cybercriminals are abusing legitimate functions within cloud services, and providers can't totally stop them, especially when it comes to innovative approaches like this.
🕴 Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams 🕴
📖 Read
via "Dark Reading".
With AI and publicly available data, cybercriminals have the resources they need to fake a real-life kidnapping and make you believe it.📖 Read
via "Dark Reading".
Dark Reading
Virtual Kidnapping: AI Tools Are Enabling IRL Extortion Scams
With AI and publicly available data, cybercriminals have the resources they need to fake a real-life kidnapping and make you believe it.
🕴 Gootloader Aims Malicious, Custom Bot Army at Enterprise Networks 🕴
📖 Read
via "Dark Reading".
Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise "GootBot" attack, each implant with its own C2. 📖 Read
via "Dark Reading".
Dark Reading
Gootloader Aims Malicious, Custom Bot Army at Enterprise Networks
Previously limited to initial access brokering, the Gootloader group has pivoted to a nasty post-compromise "GootBot" attack, each implant with its own C2.
🕴 Kinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits 🕴
📖 Read
via "Dark Reading".
Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.📖 Read
via "Dark Reading".
Dark Reading
Kinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits
Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.
‼ CVE-2023-4858 ‼
📖 Read
via "National Vulnerability Database".
The Simple Table Manager WordPress plugin through 1.5.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5354 ‼
📖 Read
via "National Vulnerability Database".
The Awesome Support WordPress plugin before 6.1.5 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin.📖 Read
via "National Vulnerability Database".
‼ CVE-2023-5530 ‼
📖 Read
via "National Vulnerability Database".
The Ninja Forms Contact Form WordPress plugin before 3.6.34 does not sanitize and escape its label fields, which could allow high privilege users such as admin to perform Stored XSS attacks. Only users with the unfiltered_html capability can perform this, and such users are already allowed to use JS in posts/comments etc however the vendor acknowledged and fixed the issue📖 Read
via "National Vulnerability Database".
‼ CVE-2023-45556 ‼
📖 Read
via "National Vulnerability Database".
Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component.📖 Read
via "National Vulnerability Database".