Webinar: Identity Threat Detection & Response (ITDR) – Rips in Your Identity Fabric
In today's digital age, SaaS applications have become the backbone of modern businesses. They streamline operations, enhance productivity, and foster...
Microsoft Warns of New Phishing Campaign Targeting Corporations via Teams Messages
Microsoft is warning of a new phishing campaign undertaken by an initial access broker that involves using Teams messages as...
Apple macOS Monterey information disclosure | CVE-2023-40440
NAME__________Apple macOS Monterey information disclosurePlatforms Affected:Apple macOS Monterey 12.6.7Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apple macOS Monterey could allow a remote attacker to...
Simple Download Counter plugin for WordPress cross-site scripting | CVE-2023-4838
NAME__________Simple Download Counter plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Simple Download Counter Plugin for WordPress 1.6Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Simple Download...
Cockpit CMS file upload | CVE-2023-41564
NAME__________Cockpit CMS file uploadPlatforms Affected:Cockpit-HQ Cockpit 2.6.3Risk Level:5.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Cockpit CMS could allow a remote attacker to upload arbitrary files,...
Argo CD denial of service | CVE-2023-40584
NAME__________Argo CD denial of servicePlatforms Affected:Argo Project Argo CD 2.6.13 Argo Project Argo CD 2.7.11 Argo Project Argo CD 2.8.0...
Apple iOS and iPadOS code execution | CVE-2023-41990
NAME__________Apple iOS and iPadOS code executionPlatforms Affected:Apple iOS 16.2 Apple iPadOS 16.2Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apple iOS and iPadOS could allow...
Samsung Exynos Mobile Processor and Wearable Processor denial of service | CVE-2023-37377
NAME__________Samsung Exynos Mobile Processor and Wearable Processor denial of servicePlatforms Affected:Samsung Exynos Mobile Processor Samsung Exynos Wearable ProcessorRisk Level:2Exploitability:UnprovenConsequences:Denial of...
Apple macOS Big Sur information disclosure | CVE-2023-40442
NAME__________Apple macOS Big Sur information disclosurePlatforms Affected:Apple macOS Big Sur 11.7.8Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apple macOS Big Sur could allow a...
Microsoft Visual Studio privilege escalation | CVE-2023-36759
NAME__________Microsoft Visual Studio privilege escalationPlatforms Affected:Microsoft Visual Studio 2019 16.11 Microsoft Visual Studio 2022 17.2 Microsoft Visual Studio 2022 17.4...
Samsung Exynos Mobile Processor, Automotive Processor, and Modem denial of service | CVE-2023-37368
NAME__________Samsung Exynos Mobile Processor, Automotive Processor, and Modem denial of servicePlatforms Affected:Samsung Exynos Mobile Processor Samsung Automotive Processor Samsung ModemRisk...
Adobe Experience Manager cross-site scripting | CVE-2023-38215
NAME__________Adobe Experience Manager cross-site scriptingPlatforms Affected:Adobe Experience Manager Cloud Service (CS) Adobe Experience Manager 6.5.18.0Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Adobe Experience Manager...
NVIDIA BlueField Data Processing Unit privilege escalation | CVE-2023-25519
NAME__________NVIDIA BlueField Data Processing Unit privilege escalationPlatforms Affected:NVIDIA BlueField Data Processing UnitRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________NVIDIA BlueField Data Processing Unit could...
SAP BusinessObjects Business Intelligence Platform information disclosure | CVE-2023-37489
NAME__________SAP BusinessObjects Business Intelligence Platform information disclosurePlatforms Affected:SAP BusinessObjects Business Intelligence Platform 430Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________SAP BusinessObjects Business Intelligence Platform...
SAP NetWeaver information disclosure | CVE-2023-41367
NAME__________SAP NetWeaver information disclosurePlatforms Affected:SAP NetWeaver 7.50Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________SAP NetWeaver could allow a remote attacker to obtain sensitive information,...
Blood Bank & Donor Management cross-site scripting | CVE-2023-41575
NAME__________Blood Bank & Donor Management cross-site scriptingPlatforms Affected:PHPGurukul Blood Bank & Donor Management 2.2Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Blood Bank & Donor...
Crow response splitting | CVE-2023-26142
NAME__________Crow response splittingPlatforms Affected:Crow Crow 1.0+5Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Crow is vulnerable to HTTP response splitting attacks, caused by a CRLF...
Siemens QMS Automotive security bypass | CVE-2023-40728
NAME__________Siemens QMS Automotive security bypassPlatforms Affected:Siemens QMS AutomotiveRisk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Siemens QMS Automotive could allow a local attacker to bypass...
Microsoft Windows Kernel privilege escalation | CVE-2023-38139
NAME__________Microsoft Windows Kernel privilege escalationPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft Windows...
Microsoft Defender Attack Surface Reduction security bypass | CVE-2023-38163
NAME__________Microsoft Defender Attack Surface Reduction security bypassPlatforms Affected:Microsoft Malware Protection EngineRisk Level:7.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Microsoft Defender could allow a local authenticated...
Microsoft Windows GDI privilege escalation | CVE-2023-36804
NAME__________Microsoft Windows GDI privilege escalationPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft Windows...
Google Chrome security bypass | CVE-2023-4904
NAME__________Google Chrome security bypassPlatforms Affected:Google Chrome 117.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security restrictions,...
Microsoft Windows Kernel information disclosure | CVE-2023-38140
NAME__________Microsoft Windows Kernel information disclosurePlatforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 10 1809 for x64-based Systems...
Microsoft Windows GDI privilege escalation | CVE-2023-38161
NAME__________Microsoft Windows GDI privilege escalationPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft Windows...
