89 matches found
GHSA-32RX-XVVR-4XV9 easyadmin-extension-bundle action case insensitivity
In alterphp/easyadmin-extension-bundle, role based access rules do not handle action name case sensitivity which may lead to unauthorized access...
ALPHV is singling out healthcare sector, say FBI and CISA
In an updated StopRansomware security advisory, the Cybersecurity and Infrastructure Security Agency CISA, the Federal Bureau of Investigation FBI, and the Department of Health and Human Services HHS has warned the healthcare industry about the danger of the ALPHV ransomware group, also known as...
CVE-2023-42765
An attacker with access to the vulnerable software could introduce arbitrary JavaScript by injecting a cross-site scripting payload into the "username" parameter in the SNMP configuration...
CVE-2023-31069
An issue was discovered in TSplus Remote Access through 16.0.2.14. Credentials are stored as cleartext within the HTML source code of the login page...
PT-2023-25323 · Safe · Fme Server +1
Name of the Vulnerable Software and Affected Versions: Safe Software FME Server versions prior to 2022.2.5 FME Flow versions prior to 2023.0 Description: A directory traversal issue allows an attacker to bypass validation when editing a network-based resource connection, resulting in unauthorized...
CISA and Partners Release Joint Guide to Securing Remote Access Software
Today, CISA, Federal Bureau of Investigation FBI, the National Security Agency NSA, Multi-State Information Sharing and Analysis Center MS-ISAC, and the Israel National Cyber Directorate INCD released the Guide to Securing Remote Access Software. This new joint guide is the result of a...
CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks
The Computer Emergency Response Team of Ukraine CERT-UA has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos. The mass phishing campaign has been attributed to a threat actor it tracks as UAC-0050, with...
IBM i 代码问题漏洞
IBM i is a suite of operating systems from International Business Machines IBM running on IBM Power Systems and IBM PureSystems. A security vulnerability exists in IBM i Access Family versions 1.1.2 through 1.1.4 and 1.1.4.3 through 1.1.9.0, which stems from a vulnerability that could allow a...
The vulnerability of the RealVNC remote access software lies in the ability to execute files located at %TEMP%, as they are owned by the SYSTEM account. This allows attackers to gain higher privileges.
The vulnerability of the RealVNC remote access software is related to the possibility of executing files located at %TEMP% as SYSTEM. Exploiting this vulnerability can allow an attacker to increase their privileges...
Welcart eCommerce < 2.7.8 - Unauthenticated Arbitrary File Access
The plugin does not validate user input used in a path, which could allow unauthenticated users to read arbitrary files via a traversal attack...
Hackers Behind Twilio Breach Also Targeted Cloudflare Employees
Web infrastructure company Cloudflare on Tuesday disclosed at least 76 employees and their family members received text messages on their personal and work phones bearing similar characteristics as that of the sophisticated phishing attack against Twilio. The attack, which transpired around the...
GHSA-7G5J-Q8QJ-8984 Magento Insecure Direct Object Reference (IDOR) vulnerability
An insecure direct object reference IDOR vulnerability exists in Magento 2.1 prior to 2.1.18, Magento 2.2 prior to 2.2.9, Magento 2.3 prior to 2.3.2. This can be exploited by an administrator with limited privileges to delete the downloadable products folder...
TYPO3 allows remote attackers to obtain the database name via a direct request
The Command Line Interface CLI script in TYPO3 4.4.0 through 4.4.13, 4.5.0 through 4.5.13, 4.6.0 through 4.6.6, 4.7, and 6.0 allows remote attackers to obtain the database name via a direct request...
Iranian state-sponsored APT group MuddyWater targeting organizations via malicious executables
THREAT LEVEL: Red. United States Cyber Command USCYBERCOM has warned of an ongoing cyber attack by Iranian state sponsored actor named as MuddyWater. This APT group is currently targeting Middle Eastern countries and has also targeted European and North American nations. The Iranian-backed...
Teradici PCOIP Software Agent 安全漏洞
The Teradici PCoIP Software Agent is part of the Teradici Cloud Access Software from Teradici Canada. A PCoIP client can be used to connect to virtual desktops either directly or through a connection agent. A security vulnerability exists in the Teradici PCOIP Software Agent that could be exploit...
`Frame::copy_from_raw_parts` can lead to segfault without `unsafe`
fn Frame::copyfromrawparts is a safe API that can take a raw pointer and dereference it. It is possible to read arbitrary memory address with an arbitrarily fed pointer. This allows the safe API to access & read arbitrary address in memory. Feeding an invalid memory address pointer to the API may...
Black Hat 2020: In a Turnaround, Voting Machine Vendor Embraces Ethical Hackers
Voting machine-maker Election Systems & Software ES&S has formally announced a vulnerability disclosure policy, Wednesday, during a Black Hat USA 2020 session. The move, which comes with the U.S. presidential elections looming in November, shows that voting-machine vendors are beginning to take t...
Description of the security update for Office 2016: April 14, 2020
Description of the security update for Office 2016: April 14, 2020 Summary This security update resolves remote code execution vulnerabilities that exist in Microsoft Access software when the software fails to properly handle objects in memory. To learn more about these vulnerabilities, see...
Elasticsearch files access
snapshot API files access...
PCI DSS Compliance : Remote Access Software Has Been Detected
Due to increased risk to the cardholder data environment when remote access software is present, 1 justify the business need for this software to the ASV and confirm it is implemented securely, or 2 confirm it is disabled/ removed. Consult your ASV if you have questions about this Special Note...