EUVD-2023-25660

Malicious code in bioql PyPI...

EUVD-2023-25671

Malicious code in bioql PyPI...

EUVD-2023-25664

Malicious code in bioql PyPI...

CVE-2023-21494

Potential buffer overflow vulnerability in auth api in mmAuthentication.c in Shannon baseband prior to SMR May-2023 Release 1 allows remote attackers to cause invalid memory access...

CVE-2023-21493

Improper access control vulnerability in SemShareFileProvider prior to SMR May-2023 Release 1 allows local attackers to access protected data...

CVE-2023-21485

Improper export of android application components vulnerability in VideoPreviewActivity in Call Settings to SMR May-2023 Release 1 allows physical attackers to access some media data stored in sandbox...

CVE-2023-21489

Heap out-of-bounds write vulnerability in bootloader prior to SMR May-2023 Release 1 allows a physical attacker to execute arbitrary code...

CVE-2023-21492

Kernel pointers are printed in the log file prior to SMR May-2023 Release 1 allows a privileged local attacker to bypass ASLR...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

CVE-2024-43688

cron/entry.c in vixie cron before 9cc8ab1, as used in OpenBSD 7.4 and 7.5, allows a heap-based buffer underflow and memory corruption. NOTE: this issue was introduced during a May 2023 refactoring...

Bitcoin: Denial of Service

Background Bitcoin Core consists of both "full-node" software for fully validating the blockchain as well as a bitcoin wallet. Description Please review the CVE identifier referenced below for details. Impact Bitcoin Core, when debug mode is not used, allows attackers to cause a denial of service...

Security Updates for Microsoft Office Online Server (May 2023)

The Microsoft Office Web Apps installation on the remote host is missing a security update. It is, therefore, affected by the following: - Microsoft Excel is affected by a remote code execution vulnerability. CVE-2024-30042 Note that Nessus has not tested for this issue but has instead relied onl...

Qlik Qlikview 安全漏洞

Qlik QlikView is Qlik's for rapid development and delivery of interactive guided analytics applications and dashboards. A security vulnerability exists in Qlik Qlikview May 2022 SR3 prior to 12.70.20300, and in Qlikview May 2023 SR2 prior to 12,80.20200 versions, which stems from a race condition...

SAP Enable Now Manager 10.6.5 Build 2804 Cloud Edition CSRF / XSS / Redirect

SEC Consult Vulnerability Lab Security Advisory ======================================================================= title: Multiple Vulnerabilities product: SAP® Enable Now Manager vulnerable version: 10.6.5 Build 2804 Cloud Edition fixed version: May 2023 Release CVE number: N/A cloud impact...

CVE-2023-41265

An HTTP Request Tunneling vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows a remote attacker to elevate their privilege by tunnelin...

CVE-2023-41266

A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous...

Path traversal

A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023 Patch 3 and earlier, February 2023 Patch 7 and earlier, November 2022 Patch 10 and earlier, and August 2022 Patch 12 and earlier allows an unauthenticated remote attacker to generate an anonymous...

Discord Notifies Users of Data Breach Impacting 180 Accounts

By Habiba Rashid Discord acknowledged the data breach in May 2023. This is a post from HackRead.com Read the original post: Discord Notifies Users of Data Breach Impacting 180 Accounts...

NodeStealer 2.0 Poses as ‘Microsoft’ to Hack Facebook and Browser Data

By Deeba Ahmed NodeStealer 2.0 is a variant of the NodeStealer infostealing malware, which was taken down by Meta in May 2023. This is a post from HackRead.com Read the original post: NodeStealer 2.0 Poses as Microsoft to Hack Facebook and Browser Data...

Amazon Files Lawsuits Against Fraudsters Peddling Fake Reviews

By Waqas According to Amazon, it has already taken significant action against 94 fraudsters operating in the United States, China, and Europe in May 2023. This is a post from HackRead.com Read the original post: Amazon Files Lawsuits Against Fraudsters Peddling Fake Reviews...