What's new around the internet

Last one

Src | Date (GMT) | Title | Description | Tags | Stories | Notes
CVE | 2023-02-23 16:15:11 | CVE-2023-0988 | A vulnerability, which was classified as problematic, has been found in SourceCodester Online Pizza Ordering System 1.0. This issue affects some unknown processing of the file admin/ajax.php?action=save_user. The manipulation leads to cross-site request forgery. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221681 was assigned to this vulnerability. | Guideline | |
CVE | 2023-02-23 16:15:11 | CVE-2023-0987 | A vulnerability classified as problematic was found in SourceCodester Online Pizza Ordering System 1.0. This vulnerability affects unknown code of the file index.php?page=checkout. The manipulation leads to cross-site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221680. | Vulnerability Guideline | |
globalsecuritymag | 2023-02-23 15:21:49 | Nomios Group expands in Southern Europe with the Italian cybersecurity expert Aditinet | Nomios Group announced that it has completed the acquisition of a majority stake in Aditinet, a prominent cybersecurity company in the Italian market. The acquisition strengthens Nomios' European position as one of the leading cybersecurity service companies. - Business News | Guideline Industrial | | ★★
CVE | 2023-02-23 12:15:10 | CVE-2023-0982 | A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Add Class Entry. The manipulation of the argument id leads to SQL injection. The attack can be launched remotely. The identifier VDB-221677 was assigned to this vulnerability. | Vulnerability Guideline | |
CVE | 2023-02-23 12:15:10 | CVE-2023-0981 | A vulnerability was found in SourceCodester Yoga Class Registration System 1.0. It has been classified as critical. Affected is an unknown function of the component Delete User. The manipulation of the argument id leads to SQL injection. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221676. | Vulnerability Guideline | |
CVE | 2023-02-23 12:15:09 | CVE-2023-0980 | A vulnerability was found in SourceCodester Yoga Class Registration System 1.0 and classified as critical. This issue affects some unknown processing of the file admin/registrations/update_status.php of the component Status Update Handler. The manipulation of the argument id leads to SQL injection. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221675. | Vulnerability Guideline | |
globalsecuritymag | 2023-02-23 12:09:32 | Nomios has completed the acquisition of a majority stake in Aditinet | Nomios expands in Southern Europe with the Italian cybersecurity leader Aditinet - Business | Guideline | |
globalsecuritymag | 2023-02-23 10:24:30 | SentinelOne bolsters Singularity platform with executive appointments of Jane Wong and Lana Knop | Enterprise cyber security experts Jane Wong and Lana Knop join to take product leadership evolution to the next level - Business News | Guideline | |
CVE | 2023-02-22 20:15:12 | CVE-2023-0966 | A vulnerability classified as problematic was found in SourceCodester Online Eyewear Shop 1.0. Affected by this vulnerability is an unknown functionality of the file admin/?page=orders/view_order. The manipulation of the argument id leads to cross-site scripting. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221635. | Vulnerability Guideline | |
DarkReading | 2023-02-22 19:59:11 | 1 in 4 CISOs Wants to Say Sayonara to Security | Thanks to burnout and stress, Gartner predicts churn and even departure from the profession among half of today's security leaders by 2025. | Studies Guideline | | ★★★
CVE | 2023-02-22 19:15:11 | CVE-2023-0964 | A vulnerability classified as critical has been found in SourceCodester Sales Tracker Management System 1.0. Affected is an unknown function of the file admin/products/view_product.php. The manipulation of the argument id leads to SQL injection. It is possible to launch the attack remotely. VDB-221634 is the identifier assigned to this vulnerability. | Vulnerability Guideline | |
CVE | 2023-02-22 19:15:11 | CVE-2023-0963 | A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been rated as critical. This issue affects some unknown processing of the file Users.php of the component POST Request Handler. The manipulation leads to improper access controls. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221633 was assigned to this vulnerability. | Vulnerability Guideline | |
CVE | 2023-02-22 19:15:11 | CVE-2023-25813 | Sequelize is a Node.js ORM tool. In versions prior to 6.19.1 a SQL injection exploit exists related to replacements. Parameters which are passed through replacements are not properly escaped, which can lead to arbitrary SQL injection depending on the specific queries in use. The issue has been fixed in Sequelize 6.19.1. Users are advised to upgrade. Users unable to upgrade should not use the `replacements` and the `where` option in the same query. | Guideline | |
CVE | 2023-02-22 19:15:11 | CVE-2023-0962 | A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been declared as critical. This vulnerability affects unknown code of the file Master.php of the component GET Request Handler. The manipulation of the argument id leads to SQL injection. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221632. | Vulnerability Guideline | |
CVE | 2023-02-22 19:15:11 | CVE-2023-0961 | A vulnerability was found in SourceCodester Music Gallery Site 1.0. It has been classified as critical. This affects an unknown part of the file view_music_details.php of the component GET Request Handler. The manipulation of the argument id leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221631. | Vulnerability Guideline | |
Anomali | 2023-02-22 19:12:00 | Anomali Cyber Watch: Earth Kitsune Uses Chrome Native Messaging for Persistence, WIP26 Targets Middle East Telco from Abused Clouds, Azerbaijan-Sponsored Group Geofenced Its Payloads to Armenian IPs | The various threat intelligence stories in this iteration of the Anomali Cyber Watch discuss the following topics: Abused cloud instances, APT, Armenia, Azerbaijan, Cyberespionage, Phishing, Social engineering, and Watering hole attacks. The IOCs related to these stories are attached to Anomali Cyber Watch and can be used to check your logs for potential malicious activity. Figure 1 - IOC Summary Charts. These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed. Trending Cyber News and Threat Intelligence. Coinbase Cyberattack Targeted Employees with Fake SMS Alert (published: February 20, 2023). On February 5th, 2023, several employees at the Coinbase cryptocurrency exchange platform received a fake SMS alert on their mobile phones. The message indicated that they needed to urgently log in via the link provided to receive an important message. One employee got phished by the attackers, but they failed to log in due to the MFA restrictions. The attackers, likely associated with the previously documented 0ktapus phishing campaign, proceeded to call the employee and phish him for more information by pretending to be from corporate IT. Coinbase was able to detect the unusual activity and stop the breach, although the attackers obtained some contact information belonging to multiple Coinbase employees in addition to the login credentials of the phished user. Analyst Comment: Network defenders are advised to monitor for access attempts from a third-party VPN provider, such as Mullvad VPN. Monitor for download of remote desktop viewers such as AnyDesk or ISL Online. Set up monitoring for incoming phone calls / text messages from Bandwidth dot com, Google Voice, Skype, and Vonage/Nexmo. Anomali Premium Domain Monitoring service notifies customers regarding registration of potential phishing domains. And as always with these types of social engineering attacks, employee awareness is key - not just of the threat but how to independently verify the legitimacy of any contact and what to do with anything suspicious. MITRE ATT&CK: [MITRE ATT&CK] T1566.002 - Phishing: Spearphishing Link; [MITRE ATT&CK] T1204 - User Execution; [MITRE ATT&CK] T1219 - Remote Access Software. Tags: campaign:0ktapus, Coinbase, Social engineering, SMS, Typosquatting, AnyDesk, ISL Online, Mullvad VPN, Google Voice, Skype, Vonage/Nexmo, Bandwidth, Browser extension, EditThisCookie. Earth Kitsune Delivers New WhiskerSpy Backdoor via Watering Hole Attack (published: February 17, 2023). Since the end of 2022, a new campaign by the state-sponsored Earth Kitsune group targets visitors of pro-North Korea websites. A malicious JavaScript embedded into their video pages prompts a viewer to download a codec installer. Only visitors from particular subnets located in Nagoya, Japan and Shenyang, China, and users of a VPN provider in Brazil are receiving the malicious payload. The legitimate codec installer was patched to increase the PE image size and add an additional section. The attackers employ elliptic cryptography to protect encryption keys and use rare hashing algorithms: 32-bit Fowler-Noll-Vo hash (FNV-1) to compute machine IDs and a 32-bit Murmur3 hash of the 16-byte AES key to compute the […] | Malware Tool Threat Guideline | | ★★
CVE | 2023-02-22 18:15:10 | CVE-2022-43578 | IBM Sterling B2B Integrator Standard Edition 6.0.0.0 through 6.0.3.7 and 6.1.0.0 through 6.1.2.0 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 238683. | Vulnerability Guideline | |
CVE | 2023-02-22 18:15:10 | CVE-2023-0960 | A vulnerability was found in SeaCMS 11.6 and classified as problematic. Affected by this issue is some unknown functionality of the file /data/config.ftp.php of the component Picture Management. The manipulation leads to deserialization. The attack may be launched remotely. The exploit has been disclosed to the public and may be used. VDB-221630 is the identifier assigned to this vulnerability. | Vulnerability Guideline | |
globalsecuritymag | 2023-02-22 14:14:38 | Bugcrowd Expands Advisory Board with the Appointment of Prabhath Karanth | Longtime Silicon Valley Executive and Investor to Advise Crowdsourced Cybersecurity Leader on Growth Strategy Initiatives - Business News | Guideline | |
GoogleSec | 2023-02-22 12:01:42 | Vulnerability Reward Program: 2022 Year in Review | Posted by Sarah Jacobus, Vulnerability Rewards Team. It has been another incredible year for the Vulnerability Reward Programs (VRPs) at Google! Working with security researchers throughout 2022, we have been able to identify and fix over 2,900 security issues and continue to make our products more secure for our users around the world. We are thrilled to see significant year-over-year growth for our VRPs, and have had yet another record-breaking year for our programs! In 2022 we awarded over $12 million in bounty rewards – with researchers donating over $230,000 to a charity of their choice. As in past years, we are sharing our 2022 Year in Review statistics across all of our programs. We would like to give a special thank you to all of our dedicated researchers for their continued work with our programs - we look forward to more collaboration in the future! Android: The Android VRP had an incredible record-breaking year in 2022 with $4.8 million in rewards and the highest paid report in Google VRP history of $605,000! In our continued effort to ensure the security of Google device users, we have expanded the scope of Android and Google Devices in our program and are now incentivizing vulnerability research in the latest versions of Google Nest and Fitbit! For more information on the latest program version and qualifying vulnerability reports, please visit our public rules page. We are also excited to share that the invite-only Android Chipset Security Reward Program (ACSRP) - a private vulnerability reward program offered by Google in collaboration with manufacturers of Android chipsets - rewarded $486,000 in 2022 and received over 700 valid security reports. We would like to give a special shoutout to some of our top researchers, whose continued hard work helps to keep Android safe and secure: Submitting an impressive 200+ vulnerabilities to the Android VRP this year, Aman Pandey of Bugsmirror remains one of our program's top researchers. Since submitting their first report in 2019, Aman has reported more than 500 vulnerabilities to the program. Their hard work helps ensure the safety of our users; a huge thank you for all of their hard work! Zinuo Han of OPPO Amber Security Lab […] | Vulnerability Guideline | | ★★
itsecurityguru | 2023-02-22 11:40:07 | Digital Transformation EXPO Manchester (DTX) | Digital Transformation EXPO Manchester (DTX) is the North's biggest enterprise IT and technology event, covering the latest in cloud, infrastructure, data, DevOps and cyber security. This will be co-located with Unified Communications EXPO (UCX), the leading event on modern workplace tools and strategy. On the 17th-18th May 2023, industry tech leaders from Groupon, AJ Bell, […] | Guideline | | ★★
itsecurityguru | 2023-02-22 11:07:48 | Scottish cyber start-up HighGround.io launches to help IT teams to measure, manage & communicate on cybersecurity | A new Scottish cyber start-up called HighGround.io has launched today, bringing to the security world a new user-centric cyber platform to help organisations better understand their cyber risk profile, meet compliance requirements, build out Incident Response plans and produce reports which focus on the metrics that matter to business leaders. The platform is backed and […] | Guideline | | ★★★
CVE | 2023-02-22 00:15:11 | CVE-2021-4325 | A vulnerability, which was classified as problematic, has been found in NHN TOAST UI Chart 4.1.4. This issue affects some unknown processing of the component Legend Handler. The manipulation leads to cross-site scripting. The attack may be initiated remotely. Upgrading to version 4.2.0 is able to address this issue. The name of the patch is 1a3f455d17df379e11b501bb5ba1dd1bcc41d63e. It is recommended to upgrade the affected component. The identifier VDB-221501 was assigned to this vulnerability. | Guideline | |
CVE | 2023-02-22 00:15:11 | CVE-2022-38779 | An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL. | Guideline | |
CVE | 2023-02-22 00:15:11 | CVE-2023-20855 | VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions, leading to access to sensitive information or possible escalation of privileges. | Guideline | |
CVE | 2023-02-21 21:15:11 | CVE-2023-0946 | A vulnerability has been found in SourceCodester Best POS Management System 1.0 and classified as critical. Affected by this vulnerability is an unknown functionality of the file billing/index.php?id=9. The manipulation of the argument id leads to SQL injection. The attack can be launched remotely. The identifier VDB-221593 was assigned to this vulnerability. | Vulnerability Guideline | |
CVE | 2023-02-21 21:15:10 | CVE-2023-0945 | A vulnerability, which was classified as problematic, was found in SourceCodester Best POS Management System 1.0. Affected is an unknown function of the file index.php?page=add-category. The manipulation of the argument Name with the input "> leads to cross-site scripting. It is possible to launch the attack remotely. The identifier of this vulnerability is VDB-221592. | Vulnerability Guideline | |
CVE | 2023-02-21 21:15:10 | CVE-2017-20179 | A vulnerability was found in InSTEDD Pollit 2.3.1. It has been rated as critical. This issue affects the function TourController of the file app/controllers/tour_controller.rb. The manipulation leads to an unknown weakness. The attack may be initiated remotely. Upgrading to version 2.3.2 is able to address this issue. The name of the patch is 6ef04f8b5972d5f16f8b86f8b53f62fac68d5498. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-221507. | Vulnerability Guideline | |
CVE | 2023-02-21 20:15:12 | CVE-2023-0943 | A vulnerability, which was classified as problematic, has been found in SourceCodester Best POS Management System 1.0. This issue affects some unknown processing of the file index.php?page=site_settings of the component Image Handler. The manipulation leads to unrestricted upload. The attack may be initiated remotely. The associated identifier of this vulnerability is VDB-221591. | Vulnerability Guideline | |
CVE | 2023-02-21 18:15:11 | CVE-2015-10085 | A vulnerability was found in GoPistolet. It has been declared as problematic. This vulnerability affects unknown code of the component MTA. The manipulation leads to denial of service. Continuous delivery with rolling releases is used by this product. Therefore, no version details of affected nor updated releases are available. The name of the patch is b91aa4674d460993765884e8463c70e6d886bc90. It is recommended to apply a patch to fix this issue. VDB-221506 is the identifier assigned to this vulnerability. | Vulnerability Guideline | |
CVE | 2023-02-21 18:15:11 | CVE-2017-20178 | ** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Codiad 2.8.0. It has been rated as problematic. Affected by this issue is the function saveJSON of the file components/install/process.php. The manipulation of the argument data leads to information disclosure. The attack may be launched remotely. Upgrading to version 2.8.1 is able to address this issue. The name of the patch is 517119de673e62547ee472a730be0604f44342b5. It is recommended to upgrade the affected component. VDB-221498 is the identifier assigned to this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | Vulnerability Guideline | |
CVE | 2023-02-21 15:15:11 | CVE-2021-32858 | esdoc-publish-html-plugin is a plugin for the document maintenance software ESDoc. The HTML sanitizer in esdoc-publish-html-plugin 1.1.2 and prior can be bypassed, which may lead to cross-site scripting (XSS) issues. There are no known patches for this issue. | Guideline | |
CVE | 2023-02-21 15:15:11 | CVE-2021-32859 | The Baremetrics date range picker is a solution for selecting both date ranges and single dates from a single calendar view. Versions 1.0.14 and prior are prone to cross-site scripting (XSS) when handling untrusted `placeholder` entries. An attacker who is able to influence the field `placeholder` when creating a `Calendar` instance is able to supply arbitrary `html` or `javascript` that will be rendered in the context of a user, leading to XSS. There are no known patches for this issue. | Guideline | |
CVE | 2023-02-21 15:15:11 | CVE-2021-32857 | Cockpit is a content management system that allows addition of content management functionality to any site. In versions 0.12.2 and prior, bad HTML sanitization in `htmleditor.js` may lead to cross-site scripting (XSS) issues. There are no known patches for this issue. | Guideline | |
CVE | 2023-02-21 15:15:11 | CVE-2021-32860 | iziModal is a modal plugin with jQuery. Versions prior to 1.6.1 are vulnerable to cross-site scripting (XSS) when handling untrusted modal titles. An attacker who is able to influence the field `title` when creating an `iziModal` instance is able to supply arbitrary `html` or `javascript` code that will be rendered in the context of a user, potentially leading to `XSS`. Version 1.6.1 contains a patch for this issue. | Guideline | |
CVE | 2023-02-21 15:15:10 | CVE-2015-10083 | A vulnerability has been found in harrystech Dynosaur-Rails and classified as critical. Affected by this vulnerability is the function basic_auth of the file app/controllers/application_controller.rb. The manipulation leads to improper authentication. This product does not use versioning. This is why information about affected and unaffected releases is unavailable. The name of the patch is 04b223813f0e336aab50bff140d0f5889c31dbec. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221503. | Vulnerability Guideline | |
CVE | 2023-02-21 15:15:10 | CVE-2015-10084 | A vulnerability was found in irontec klear-library chloe and classified as critical. Affected by this issue is the function _prepareWhere of the file Controller/Rest/BaseController.php. The manipulation leads to SQL injection. Upgrading to version marla is able to address this issue. The name of the patch is b25262de52fdaffde2a4434fc2a84408b304fbc5. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-221504. | Vulnerability Guideline | |
CVE | 2023-02-21 14:15:13 | CVE-2023-25928 | IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 247646. | Vulnerability Guideline | |
knowbe4 | 2023-02-21 14:00:00 | CyberheistNews Vol 13 #08 [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach | CyberheistNews Vol 13 #08, February 21st, 2023. [Heads Up] Reddit Is the Latest Victim of a Spear Phishing Attack Resulting in a Data Breach. There is a lot to learn from Reddit's recent data breach, which was the result of an employee falling for a "sophisticated and highly-targeted" spear phishing attack. I spend a lot of time talking about phishing attacks and the specifics that closely surround that pivotal action taken by the user once they are duped into believing the phishing email was legitimate. However, there are additional details about the attack we can analyze to see what kind of access the attacker was able to garner from this attack. But first, here are the basics: According to Reddit, an attacker set up a website that impersonated the company's intranet gateway, then sent targeted phishing emails to Reddit employees. The site was designed to steal credentials and two-factor authentication tokens. There are only a few details from the breach, but the notification does mention that the threat actor was able to access "some internal docs, code, as well as some internal dashboards and business systems." Since the notice does imply that only a single employee fell victim, we have to make a few assumptions about this attack: The attacker had some knowledge of Reddit's internal workings – The fact that the attacker can spoof an intranet gateway shows they had some familiarity with the gateway's look and feel, and its use by Reddit employees. The targeting of victims was limited to users with specific desired access – Given the knowledge about the intranet, it's reasonable to believe that the attacker(s) targeted users with specific roles within Reddit. From the use of the term "code," I'm going to assume the target was developers or someone on the product side of Reddit. The attacker may have been an initial access broker – Despite the access gained that Reddit is making out to be not a big deal, they do also mention that no production systems were accessed. This makes me believe that this attack may have been focused on gaining a foothold within Reddit versus penetrating more sensitive systems and data. There are also a few takeaways from this attack that you can learn from: 2FA is an important security measure – Despite the fact that the threat actor collected and (I'm guessing) passed the credentials and 2FA details onto the legitimate Intranet gateway - a classic man-in-the […] | Data Breach Hack Threat Guideline ChatGPT | | ★★
CVE | 2023-02-21 10:15:11 | CVE-2023-0938 | A vulnerability classified as critical has been found in SourceCodester Music Gallery Site 1.0. This affects an unknown part of the file music_list.php of the component GET Request Handler. The manipulation of the argument cid leads to SQL injection. It is possible to initiate the attack remotely. The exploit has been disclosed to the public and may be used. The identifier VDB-221553 was assigned to this vulnerability. | Vulnerability Guideline | |
CVE | 2023-02-21 10:15:11 | CVE-2023-0935 | A vulnerability was found in DolphinPHP up to 1.5.1. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the file common.php of the component Incomplete Fix CVE-2021-46097. The manipulation of the argument id leads to OS command injection. The attack can be launched remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-221551. | Vulnerability Guideline | |
CVE | 2023-02-21 10:15:11 | CVE-2023-0936 | A vulnerability was found in TP-Link Archer C50 V2_160801. It has been rated as problematic. Affected by this issue is some unknown functionality of the component Web Management Interface. The manipulation leads to denial of service. The attack can only be initiated within the local network. The exploit has been disclosed to the public and may be used. The identifier of this vulnerability is VDB-221552. | Vulnerability Guideline | |
CVE | 2023-02-21 09:15:12 | CVE-2023-0428 | The Watu Quiz WordPress plugin before 3.3.8.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin. | Guideline | |
CVE | 2023-02-21 09:15:12 | CVE-2023-0232 | The ShopLentor WordPress plugin before 2.5.4 unserializes user input from cookies in order to track viewed products and user data, which could lead to PHP Object Injection. | Guideline | |
CVE | 2023-02-21 09:15:11 | CVE-2022-4897 | The BackupBuddy WordPress plugin before 8.8.3 does not sanitise and escape some parameters before outputting them back in various places, leading to Reflected Cross-Site Scripting. | Guideline | |
CVE | 2023-02-21 07:15:10 | CVE-2015-10082 | A vulnerability classified as problematic has been found in UIKit0 libplist 1.12. This affects the function plist_from_xml of the file src/xplist.c of the component XML Handler. The manipulation leads to XML external entity reference. The name of the patch is c086cb139af7c82845f6d565e636073ff4b37440. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-221499. | Vulnerability Guideline | |
CVE | 2023-02-21 03:15:10 | CVE-2014-125089 | A vulnerability was found in cention-chatserver 3.8.0-rc1. It has been declared as problematic. Affected by this vulnerability is the function _formatBody of the file lib/InternalChatProtocol.fe. The manipulation of the argument body leads to cross-site scripting. The attack can be launched remotely. Upgrading to version 3.9 is able to address this issue. The name of the patch is c4c0258bbd18f6915f97f91d5fee625384096a26. It is recommended to upgrade the affected component. The identifier VDB-221497 was assigned to this vulnerability. | Vulnerability Guideline | |
CVE | 2023-02-21 02:15:10 | CVE-2023-26249 | Knot Resolver before 5.6.0 enables attackers to consume its resources, launching amplification attacks and potentially causing a denial of service. Specifically, a single client query may lead to a hundred TCP connection attempts if a DNS server closes connections without providing a response. | Guideline | |
CVE | 2023-02-20 18:15:10 | CVE-2019-25104 | A vulnerability has been found in rtcwcoop 1.0.2 and classified as problematic. Affected by this vulnerability is the function AICast_ScriptLoad of the file code/game/ai_cast_script.c of the component Team Command Handler. The manipulation leads to denial of service. The name of the patch is f2cd18bc2e1cbca8c4b78bee9c392272bd5f42ac. It is recommended to apply a patch to fix this issue. The identifier VDB-221485 was assigned to this vulnerability. | Vulnerability Guideline | |
CVE | 2023-02-20 17:15:12 | CVE-2022-48318 | No authorisation controls in the RestAPI documentation for Tribe29's Checkmk. | Guideline | |
Last update at: 2024-05-14 02:07:40