🛡 Cybersecurity & Privacy 🛡 - News

🕴 Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security 🕴

📖 Read

via "Dark Reading".

Darkreading

Industrial Defender Risk Signal, a Risk-Based Vulnerability Management Solution for OT Security

429 views22:35

🛡 Cybersecurity & Privacy 🛡 - News

🕴 C3 Complete Acquires Information Security Business Unit of Compliance Solutions Inc. 🕴

📖 Read

via "Dark Reading".

Darkreading

C3 Complete Acquires Information Security Business Unit of Compliance Solutions Inc.

394 views23:05

🛡 Cybersecurity & Privacy 🛡 - News

🕴 Driven Technologies Expands Expertise With Acquisition of ieMentor 🕴

📖 Read

via "Dark Reading".

Darkreading

Driven Technologies Expands Expertise With Acquisition of ieMentor

388 views23:05

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-20802‼️

Improper access control vulnerability in Samsung DeX prior to SMR Jan2024 Release 1 allows owner to access other users' notification in a multiuser environment.

338 views00:30

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-20803‼️

Improper authentication vulnerability in Bluetooth pairing process prior to SMR Jan2024 Release 1 allows remote attackers to establish pairing process without user interaction.

327 views00:30

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-20804‼️

Path traversal vulnerability in FileUriConverter of MyFiles prior to SMR Jan2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file.

308 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-20805‼️

Path traversal vulnerability in ZipCompressor of MyFiles prior to SMR Jan2024 Release 1 in Android 11 and Android 12, and version 14.5.00.21 in Android 13 allows attackers to write arbitrary file.

293 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-20806‼️

Improper access control in Notification service prior to SMR Jan2024 Release 1 allows local attacker to access notification data.

287 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-20807‼️

Implicit intent hijacking vulnerability in Samsung Email prior to version 6.1.90.16 allows attacker to get sensitive information.

263 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-20808‼️

Improper access control vulnerability in Nearby device scanning prior version 11.1.14.7 allows local attacker to access data.

268 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-20809‼️

Improper access control vulnerability in Nearby device scanning prior version 11.1.14.7 allows local attacker to access data.

276 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-0222‼️

Use after free in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker who had compromised the renderer process to potentially exploit heap corruption via a crafted HTML page. Chromium security severity High

278 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-0223‼️

Heap buffer overflow in ANGLE in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity High

248 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-0224‼️

Use after free in WebAudio in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity High

239 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2024-0225‼️

Use after free in WebGPU in Google Chrome prior to 120.0.6099.199 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page. Chromium security severity High

👍1

231 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-6498‼️

The Complianz  GDPRCCPA Cookie Consent plugin for WordPress is vulnerable to Stored CrossSite Scripting via admin settings in all versions up to and including 6.5.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administratorlevel permissions and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multisite installations and installations where unfilteredhtml has been disabled.

235 views00:31

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-6733‼️

The WPMembers Membership Plugin plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 3.4.8 via the wpmemfield shortcode. This makes it possible for authenticated attackers, with contributor access and above, to extract sensitive data including user emails, password hashes, usernames, and more.

212 views00:32

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-6738‼️

The Page Builder Pagelayer  Drag and Drop website builder plugin for WordPress is vulnerable to Stored CrossSite Scripting via the 'pagelayerheadercode', 'pagelayerbodyopencode', and 'pagelayerfootercode' meta fields in all versions up to, and including, 1.7.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributorlevel and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This appears to be a reintroduction of a vulnerability patched in version 1.7.7.

❤1

247 views00:32

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-29962‼️

SCMS v5.0 was discovered to contain an arbitrary file read vulnerability.

📖 Read more

Via "National Vulnerability Database"

211 views00:32

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-52322‼️

ecrirepublicassembler.php in SPIP before 4.1.3 and 4.2.x before 4.2.7 allows XSS because input from request is not restricted to safe characters such as alphanumerics.

221 views00:32

🛡 Cybersecurity & Privacy 🛡 - News

‼️CVE-2023-41784‼️

Permissions and Access Control Vulnerability in ZTE Red Magic 8 Pro

📖 Read more

Via "National Vulnerability Database"

211 views00:32

About

Blog

Apps

Platform