CISA: Drupal Releases Security Advisory to Address Vulnerability in Drupal Core
Drupal Releases Security Advisory to Address Vulnerability in Drupal Core Drupal has released a security advisory to address a vulnerability...
CISA: Atlassian Releases September Security Bulletin
Atlassian Releases September Security Bulletin Atlassian has released its security bulletin for September 2023 to address vulnerabilities in multiple products....
CISA: CISA Releases Six Industrial Control Systems Advisories
CISA Releases Six Industrial Control Systems Advisories CISA released six Industrial Control Systems (ICS) advisories on September 21, 2023. These...
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of September 11, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infowibu -- codemeter_runtime A heap buffer overflow vulnerability in Wibu CodeMeter Runtime...
EDRaser – Tool For Remotely Deleting Access Logs, Windows Event Logs, Databases, And Other Files
EDRaser is a powerful tool for remotely deleting access logs, Windows event logs, databases, and other files on remote machines....
Ivanti Endpoint Manager information disclosure | CVE-2023-38343
NAME__________Ivanti Endpoint Manager information disclosurePlatforms Affected:Ivanti Endpoint Manager 2022Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Ivanti Endpoint Manager could allow a remote attacker to...
Ivanti Endpoint Manager file disclosure | CVE-2023-38344
NAME__________Ivanti Endpoint Manager file disclosurePlatforms Affected:Ivanti Endpoint Manager 2022Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Ivanti Endpoint Manager could allow a remote authenticated attacker...
Contribsys faktory denial of service | CVE-2023-37279
NAME__________Contribsys faktory denial of servicePlatforms Affected:contribsys faktory 1.7.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Contribsys faktory is vulnerable to a denial of service,...
Mobile Security Framework information disclosure | CVE-2023-42261
NAME__________Mobile Security Framework information disclosurePlatforms Affected:MobSF MobSF 3.7.8Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mobile Security Framework could allow a remote attacker to obtain...
Samsung Mobile Processor Exynos 2200 denial of service | CVE-2023-42482
NAME__________Samsung Mobile Processor Exynos 2200 denial of servicePlatforms Affected:Samsung Mobile Processor Exynos 2200Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Samsung Mobile Processor Exynos...
Prossimo sudo-rs directory traversal | CVE-2023-42456
NAME__________Prossimo sudo-rs directory traversalPlatforms Affected:Prossimo sudo-rs 0.2.0Risk Level:4.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Prossimo sudo-rs could allow a local authenticated attacker to traverse...
Input Output Hydra security bypass | CVE-2023-42806
NAME__________Input Output Hydra security bypassPlatforms Affected:Input Output Hydra 0.12.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Input Output Hydra could allow a remote authenticated attacker...
Plone plone.rest denial of service | CVE-2023-42457
NAME__________Plone plone.rest denial of servicePlatforms Affected:Plone plone.rest 2.0.0 Plone plone.rest 3.0.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Plone plone.rest is vulnerable to a...
CoreCode MacUpdater privilege escalation | CVE-2023-41902
NAME__________CoreCode MacUpdater privilege escalationPlatforms Affected:CoreCode MacUpdater 2.3.7 CoreCode MacUpdater 3.1.1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________CoreCode MacUpdater could allow a local authenticated attacker...
DataEase information disclosure | CVE-2023-40183
NAME__________DataEase information disclosurePlatforms Affected:DataEase DataEase 1.18.10Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________DataEase could allow a remote attacker to obtain sensitive information, caused by...
quinn-rs quinn-proto denial of service | CVE-2023-42805
NAME__________quinn-rs quinn-proto denial of servicePlatforms Affected:quinn-rs quinn-proto 0.9.4 quinn-rs quinn-proto 0.10.4Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________quinn-rs quinn-proto is vulnerable to a...
Zopefoundation Zope cross-site scripting | CVE-2023-42458
NAME__________Zopefoundation Zope cross-site scriptingPlatforms Affected:Zope Zope 4.8.9 Zope Zope 5.8.4Risk Level:3.7Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Zopefoundation Zope is vulnerable to cross-site scripting, caused...
Unveiling the Power and Beast Practices of Data Encryption – Your Weekly Cybersecurity Tip
Data is the lifeblood of operations in today's digital age. It helps improve operations and make informed decisions. However, with...
New stealthy and modular Deadglyph malware used in govt attacks
A novel and sophisticated backdoor malware named 'Deadglyph' was seen used in a cyberespionage attack against a government agency in...
Air Canada discloses data breach of employee and ‘certain records’
Image Credit: John McArthur (Unsplash) Air Canada, the flag carrier and the largest airline of Canada, disclosed a cyber security incident...
National Student Clearinghouse data breach impacts 890 schools
U.S. educational nonprofit National Student Clearinghouse has disclosed a data breach affecting 890 schools using its services across the United...
Evasive Gelsemium hackers spotted in attack against Asian govt
A stealthy advanced persistent threat (APT) tracked as Gelsemium was observed in attacks targeting a Southeast Asian government that spanned...
CISA: FBI and CISA Release Advisory on Snatch Ransomware
FBI and CISA Release Advisory on Snatch Ransomware Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure...
