Multiple Matter products denial of service | CVE-2023-42189
NAME__________Multiple Matter products denial of servicePlatforms Affected:Connectivity Standards Alliance Matter Official SDK 1.1.0.0 Nanoleaf Light strip 3.5.10 Govee LED Strip...
vantage6 information disclosure | CVE-2023-41881
NAME__________vantage6 information disclosurePlatforms Affected:vantage6 vantage6 3.11.1Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________vantage6 could allow a local authenticated attacker to obtain sensitive information, caused...
IBM Security Verify Access information disclosure | CVE-2022-43739
NAME__________IBM Security Verify Access information disclosurePlatforms Affected:IBM Security Verify Access OIDC ProviderRisk Level:4.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Security Verify Access OIDC could...
Tencent Enterprise Wechat Privatization information disclosure | CVE-2023-40829
NAME__________Tencent Enterprise Wechat Privatization information disclosurePlatforms Affected:Tencent Enterprise Wechat Privatization 2.5 Tencent Enterprise Wechat Privatization 2.6.930000Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Tencent Enterprise...
IBM QRadar SIEM cross-site scripting | CVE-2023-40367
NAME__________IBM QRadar SIEM cross-site scriptingPlatforms Affected:IBM QRadar SIEM 7.5.0Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________IBM QRadar SIEM 7.5.0 is vulnerable to cross-site scripting....
IBM Security Verify Access denial of service | CVE-2022-43740
NAME__________IBM Security Verify Access denial of servicePlatforms Affected:IBM Security Verify Access OIDC ProviderRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IBM Security Verify Access...
IBM Security Verify Access information disclosure | CVE-2022-43868
NAME__________IBM Security Verify Access information disclosurePlatforms Affected:IBM Security Verify Access OIDC ProviderRisk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Security Verify Access OIDC Provider...
Fortinet FortiSandbox cross-site scripting | CVE-2023-41836
NAME__________Fortinet FortiSandbox cross-site scriptingPlatforms Affected:Fortinet FortiSandbox 4.0.0 Fortinet FortiSandbox 3.1.0 Fortinet FortiSandbox 3.2.0 Fortinet FortiSandbox 4.2.0 Fortinet FortiSandbox 3.0.7 Fortinet...
vantage6 unspecified | CVE-2023-41882
NAME__________vantage6 unspecifiedPlatforms Affected:vantage6 vantage6 3.11.1Risk Level:6.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________An unspecified error not checking task permission in vantage6 has an unknown impact...
Lenovo Desktop, Smart Edge and ThinkStation products privilege escalation | CVE-2023-45076
NAME__________Lenovo Desktop, Smart Edge and ThinkStation products privilege escalationPlatforms Affected:Lenovo ThinkStation Lenovo Desktop Lenovo Smart EdgeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Desktop,...
IBM App Connect Enterprise and IBM Integration Bus denial of service | CVE-2023-45176
NAME__________IBM App Connect Enterprise and IBM Integration Bus denial of servicePlatforms Affected:IBM App Connect Enterprise 11.0.0.1 IBM App Connect Enterprise...
AI algorithm detects MitM attacks on unmanned military vehicles
Professors at the University of South Australia and Charles Sturt University have developed an algorithm to detect and intercept man-in-the-middle...
Ubuntu discovers ‘hate speech’ in release 23.10 — how to upgrade?
Ubuntu, the most popular Linux distribution, has pulled its Desktop release 23.10 after its Ukrainian translations were discovered to contain...
DarkGate malware spreads through compromised Skype accounts
Between July and September, DarkGate malware attacks have used compromised Skype accounts to infect targets through messages containing VBA loader...
US-CERT Vulnerability Summary for the Week of October 2, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- agentLocal privilege escalation due to improper soft link handling. The...
HackerOne Bug Bounty Disclosure: b-client-side-string-length-check-b-tomh
Company Name: b'Khan Academy' Company HackerOne URL: https://hackerone.com/khanacademy Submitted By:b'tomh'Link to Submitters Profile:https://hackerone.com/b'tomh' Report Title:b'Client Side string length check'Report Link:https://hackerone.com/reports/1244798Date...
Sante DICOM Viewer Pro code execution | CVE-2023-39431
NAME__________Sante DICOM Viewer Pro code executionPlatforms Affected:Santesoft Sante DICOM Viewer 12.2.5Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Sante DICOM Viewer Pro could allow a...
Lenovo Desktop, Smart Edge and ThinkStation products privilege escalation | CVE-2023-45075
NAME__________Lenovo Desktop, Smart Edge and ThinkStation products privilege escalationPlatforms Affected:Lenovo ThinkStation Lenovo Desktop Lenovo Smart EdgeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Desktop,...
Koha Library Software information disclosure | CVE-2023-44962
NAME__________Koha Library Software information disclosurePlatforms Affected:Koha Koha Library Software 23.05.04Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Koha Library Software could allow a remote attacker...
Siemens SICAM PAS/PQS privilege escalation | CVE-2023-45205
NAME__________Siemens SICAM PAS/PQS privilege escalationPlatforms Affected:Siemens SICAM PAS 8.00 Siemens SICAM PAS 8.21 Siemens SICAM PQS 8.00 Siemens SICAM PQS...
Microsoft Windows TCP/IP denial of service | CVE-2023-36603
NAME__________Microsoft Windows TCP/IP denial of servicePlatforms Affected:Microsoft Windows Server 2019 Microsoft Windows 10 1809 for x64-based Systems Microsoft Windows 10...
SAP S/4HANA Core information disclosure | CVE-2023-42475
NAME__________SAP S/4HANA Core information disclosurePlatforms Affected:SAP S/4Hana Core S4CORE 102 SAP S/4Hana Core S4CORE 103 SAP S/4Hana Core S4CORE 104...
Lenovo Desktop, Smart Edge and ThinkStation products privilege escalation | CVE-2023-45076
NAME__________Lenovo Desktop, Smart Edge and ThinkStation products privilege escalationPlatforms Affected:Lenovo ThinkStation Lenovo Desktop Lenovo Smart EdgeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Desktop,...
