Fuji Xerox Co.,Ltd. Security Vulnerabilities

Source: chrome

Stable Channel Update for ChromeOS / ChromeOS Flex

Hello All, The Stable channel is being updated to 120.0.6099.203 (Platform version: 15662.64.0) for most ChromeOS devices and will be rolled out over the next few days. If you find new issues, please let us know one of the following ways: File a bug. Visit our Chrome OS communities. General:...

CVSS 8.8 | AI Score 9.5 | EPSS 0.007 | 2024-01-08 12:00 AM

Source: cve

CVE-2023-51419

Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome. This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome: from n/a through...

CVSS 10 | AI Score 9.5 | EPSS 0.001 | 2023-12-29 02:15 PM

Source: nvd

CVE-2023-51419

Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome. This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome: from n/a through...

CVSS 9.8 | EPSS 0.001 | 2023-12-29 02:15 PM

Source: krebs

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal...

AI Score 7.3 | 2024-01-30 07:07 PM

Source: cnvd

Weak Password Vulnerability in the Application Basic Service Management System of Xiamen Nalon Health Technology Co.

Founded in 2002, Xiamen Nalon Health Science & Technology Co., Ltd. is a high-tech enterprise integrating the research and development, production, sales and software service of medical electronic instruments and equipment. A weak password vulnerability exists in the application infrastructure...

AI Score 7 | 2023-11-24 12:00 AM

Source: cve

CVE-2023-50837

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form. This issue affects Login Lockdown – Protect Login Form: from n/a through...

CVSS 7.6 | AI Score 7.5 | EPSS 0.001 | 2023-12-29 12:15 PM

Source: nvd

CVE-2023-50837

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form. This issue affects Login Lockdown – Protect Login Form: from n/a through...

CVSS 7.2 | EPSS 0.001 | 2023-12-29 12:15 PM

Source: github

OWASP.AntiSamy mXSS when preserving comments

Impact: There is a potential for a mutation XSS (mXSS) vulnerability in AntiSamy caused by flawed parsing of the HTML being sanitized. To be subject to this vulnerability the preserveComments directive must be enabled in your policy file and also allow for certain tags at the same time. As a...

CVSS 6.1 | AI Score 6 | EPSS 0.001 | 2024-01-02 04:38 PM

Source: cnvd

Command Execution Vulnerability in Electronic Document Security Management System of Beijing Yisaitong Technology Development Co., Ltd (CNVD-2023-99981)

Beijing Yisaitong Technology Development Co., Ltd. is a leading provider of Data Leakage Protection (DLP) products, solutions and security services in China. A command execution vulnerability exists in the electronic document security management system of Beijing Yisaitong Technology Development Co., Ltd. that can be exploited by an attacker...

AI Score 7.6 | 2023-11-17 12:00 AM

Source: prion

Buffer overflow

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at...

CVSS 9.8 | AI Score 8.1 | EPSS 0.001 | 2023-12-15 09:15 PM

Source: thn

U.S., U.K., Australia Sanction Russian REvil Hacker Behind Medibank Breach

Governments from Australia, the U.K., and the U.S. have imposed financial sanctions on a Russian national for his alleged role in the 2022 ransomware attack against health insurance provider Medibank. Alexander Ermakov (aka blade_runner, GistaveDore, GustaveDore, or JimJones), 33, has been tied to...

AI Score 6.9 | 2024-01-24 08:55 AM

Source: prion

Privilege escalation

An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When the folder redirection file server is co-located with a Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another...

CVSS 7.8 | AI Score 8.4 | EPSS 0.001 | 2021-03-11 04:15 PM

Source: cnvd

SQL Injection Vulnerability in Intelligent Logistics Unattended System of Taiyuan ECS Software Technology Co. Ltd (CNVD-2023-99600)

Intelligent logistics unattended system is an intelligent information platform for the unified control of raw material procurement, finished product sales and in-plant logistics for process manufacturing enterprises. There is a SQL injection vulnerability in the Intelligent Logistics Unattended...

AI Score 7.5 | 2023-11-10 12:00 AM

Source: cert

Dnsmasq is vulnerable to memory corruption and cache poisoning

Overview: Dnsmasq is vulnerable to a set of memory corruption issues handling DNSSEC data and a second set of issues validating DNS responses. These vulnerabilities could allow an attacker to corrupt memory on a vulnerable system and perform cache poisoning attacks against a vulnerable environment...

CVSS 8.1 | AI Score 7.7 | EPSS 0.159 | 2021-01-19 12:00 AM

Source: cnvd

Command Execution Vulnerability in EG2000GE of Beijing StarNet Ruijie Network Technology Co.

Beijing StarNet Ruijie Network Technology Co., Ltd EG2000GE is a router product. A command execution vulnerability exists in the Beijing StarNet Ruijie Network Technology Co., Ltd EG2000GE, which can be exploited by an attacker to gain control of the...

AI Score 7.5 | 2023-11-17 12:00 AM

Source: ics

APsystems Energy Communication Unit (ECU-C) Power Control Software

1. EXECUTIVE SUMMARY. CVSS v3 8.8. ATTENTION: Exploitable via adjacent network / low attack complexity. Vendor: APsystems. Equipment: Energy Communication Unit (ECU-C) Power Control Software. Vulnerability: Improper Access Control. 2. RISK EVALUATION. Successful exploitation of this...

CVSS 8.8 | AI Score 8.9 | EPSS 0.001 | 2024-01-23 12:00 PM

Source: cvelist

CVE-2023-51419 WordPress BERTHA AI Plugin <= 1.11.10.7 is vulnerable to Arbitrary File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Bertha.Ai BERTHA AI. Your AI co-pilot for WordPress and Chrome. This issue affects BERTHA AI. Your AI co-pilot for WordPress and Chrome: from n/a through...

CVSS 10 | AI Score 9.7 | EPSS 0.001 | 2023-12-29 01:30 PM

Source: zdi

Trend Micro Mobile Security for Enterprises vpplist_assign_list Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute web requests with the victim's privileges on affected installations of Trend Micro Mobile Security for Enterprises. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...

CVSS 6.1 | AI Score 7.2 | EPSS 0.001 | 2024-01-19 12:00 AM

Source: rapid7blog

Rapid7 in Prague: Pete Rubio Shares Insights and Excitement for the New Office

As we continue to grow our customer base here at Rapid7, we’re growing our offices as well – this time with a new location in the Czech Republic. With a successful history of building innovation hubs from Boston to Belfast, our teams can’t wait to bring new talent from Prague into the business...

AI Score 6.9 | 2024-02-02 04:08 PM

Source: zdi

Trend Micro Mobile Security for Enterprises DevicesManagementEditNotePopupTip Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute web requests with the victim's privileges on affected installations of Trend Micro Mobile Security for Enterprises. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...

CVSS 6.1 | AI Score 7.2 | EPSS 0.001 | 2024-01-19 12:00 AM

Source: cve

CVE-2023-51654

Improper link resolution before file access ('Link Following') issue exists in iPrint&Scan Desktop for Windows versions 11.0.0 and earlier. A symlink attack by a malicious user may cause a Denial-of-service (DoS) condition on the...

CVSS 5.5 | AI Score 5.5 | EPSS 0.0004 | 2023-12-26 06:15 AM

Source: zdi

Trend Micro Mobile Security for Enterprises ServerUpdate_UpdateSuccessful Cross-Site Scripting Vulnerability

This vulnerability allows remote attackers to execute web requests with the victim's privileges on affected installations of Trend Micro Mobile Security for Enterprises. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious...

CVSS 6.1 | AI Score 7.2 | EPSS 0.001 | 2024-01-19 12:00 AM

Source: zdi

Trend Micro Apex Central Unrestricted File Upload Vulnerability

This vulnerability allows remote attackers to create arbitrary files on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of uploaded ZIP files. The issue results from the lack of proper...

CVSS 8.8 | AI Score 7.4 | EPSS 0.003 | 2024-01-19 12:00 AM

Source: thn

Warning: GravityRAT Android Trojan Steals WhatsApp Backups and Deletes Files

An updated version of an Android remote access trojan dubbed GravityRAT has been found masquerading as messaging apps BingeChat and Chatico as part of a narrowly targeted campaign since June 2022. "Notable in the newly discovered campaign, GravityRAT can exfiltrate WhatsApp backups and receive...

AI Score 7 | 2023-06-15 01:00 PM

Source: debiancve

CVE-2023-51767

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...

CVSS 7 | AI Score 6.6 | EPSS 0.001 | 2023-12-24 07:15 AM

Source: cvelist

CVE-2023-50837 WordPress Login Lockdown Plugin <= 2.06 is vulnerable to SQL Injection

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in WebFactory Ltd Login Lockdown – Protect Login Form. This issue affects Login Lockdown – Protect Login Form: from n/a through...

CVSS 7.6 | AI Score 8.1 | EPSS 0.001 | 2023-12-29 11:43 AM

Source: cnvd

Information leakage vulnerability in retail terminal operation and maintenance management platform of Shanghai Bojun Software Technology Co.

Shanghai BJ Software Technology Co., Ltd (BJST), founded in 1999, provides digital business consulting and system implementation for large and medium-sized enterprises, supporting the construction of omni-channel middle office, ERP, e-commerce OMS and other systems, covering a wide range of retail...

AI Score 6.7 | 2023-11-18 12:00 AM

Source: openvas

Gentoo Security Advisory GLSA 200403-03 (OpenSSL)

The remote host is missing updates announced in advisory GLSA...

CVSS 7.5 | AI Score 7.6 | EPSS 0.006 | 2008-09-24 12:00 AM

Source: prion

Cross site scripting

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebFactory Ltd Guest Author allows Stored XSS. This issue affects Guest Author: from n/a through...

CVSS 5.4 | AI Score 6.9 | EPSS 0.0004 | 2023-12-15 04:15 PM

Source: prion

Cross site request forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Creatomatic Ltd CSprite. This issue affects CSprite: from n/a through...

CVSS 8.8 | AI Score 7.2 | EPSS 0.001 | 2023-12-18 11:15 PM

Source: nvd

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at...

CVSS 9.8 | EPSS 0.001 | 2023-12-15 09:15 PM

Source: cve

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at...

CVSS 9.8 | AI Score 9.7 | EPSS 0.001 | 2023-12-15 09:15 PM

Source: nvd

CVE-2021-26887

An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When the folder redirection file server is co-located with a Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another...

CVSS 7.8 | EPSS 0.001 | 2021-03-11 04:15 PM

Source: cert

SMTP end-of-data uncertainty can be abused to spoof emails and bypass policies

Overview: A vulnerability has been found in the way that SMTP servers and software handle the end-of-data sequences (essentially the end of a single email message) in mail messages. An attacker can use this inconsistency to craft an email message that can bypass SMTP security policies. Description...

CVSS 5.3 | AI Score 5.6 | EPSS 0.003 | 2024-01-16 12:00 AM

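The end-of-data inconsistency described in the CERT entry above, as an added example that is not from the CERT note or from any MTA's code: a strict terminator scanner that accepts only <CRLF>.<CRLF> next to a lax one that also accepts bare-newline variants, both run over a constructed DATA stream that carries a second SMTP transaction behind a bare <LF>.<LF>. The two scanners disagree on where the message ends, which is the gap the advisory describes; a receiving server can refuse to relay any message on which they disagree. The message text and the list of lax sequences are constructed for this example.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Strict terminator: only the RFC 5321 sequence <CRLF>.<CRLF>. */
static const char *const STRICT_SEQS[] = { "\r\n.\r\n" };
/* Lax terminators: bare-newline variants that some receivers accept
   (constructed list for illustration; the advisory describes the class, not this exact set). */
static const char *const LAX_SEQS[] = { "\r\n.\r\n", "\n.\n", "\r.\r", "\n.\r\n", "\r\n.\n" };

/* Offset of the earliest end-of-data sequence in buf, or -1 if none.
   A terminator on the very first line of DATA (".\r\n" at offset 0) is not
   handled here; a real receiver must treat that case as end-of-data too. */
long find_end_of_data(const char *buf, size_t len, int strict) {
    const char *const *seqs = strict ? STRICT_SEQS : LAX_SEQS;
    size_t nseq = strict ? sizeof STRICT_SEQS / sizeof *STRICT_SEQS
                         : sizeof LAX_SEQS / sizeof *LAX_SEQS;
    long best = -1;
    for (size_t i = 0; i < nseq; i++) {
        size_t sl = strlen(seqs[i]);
        for (size_t off = 0; off + sl <= len; off++) {
            if (memcmp(buf + off, seqs[i], sl) == 0) {
                if (best < 0 || (long)off < best) best = (long)off;
                break;   /* first hit of this sequence is its earliest */
            }
        }
    }
    return best;
}

/* 1 if a strict and a lax receiver would end the message at different points
   (or only one of them finds an end at all). Such a message should be rejected
   rather than relayed, because a downstream host may parse it the other way. */
int data_is_ambiguous(const char *buf, size_t len) {
    return find_end_of_data(buf, len, 1) != find_end_of_data(buf, len, 0);
}

/* Constructed DATA stream: a legitimate message, a bare-LF terminator, then a
   second transaction that a lax receiver would treat as a new message. */
static const char SMUGGLE_MSG[] =
    "From: <alice@example.com>\r\n"
    "To: <bob@example.com>\r\n"
    "Subject: test\r\n"
    "\r\n"
    "legit body\r\n"
    "\n.\n"                                  /* bare <LF>.<LF>: lax receivers stop here (offset 79) */
    "MAIL FROM:<attacker@example.com>\r\n"
    "RCPT TO:<victim@example.com>\r\n"
    "DATA\r\n"
    "smuggled body\r\n"
    ".\r\n";                                 /* strict receivers stop here (offset 165) */
#define SMUGGLE_LEN (sizeof SMUGGLE_MSG - 1)

/* Constructed well-formed message: both scanners agree. */
static const char CLEAN_MSG[] =
    "From: <alice@example.com>\r\n\r\n"
    "just a body\r\n"
    ".\r\n";
#define CLEAN_LEN (sizeof CLEAN_MSG - 1)

int main(void) {
    printf("smuggled: strict=%ld lax=%ld ambiguous=%d\n",
           find_end_of_data(SMUGGLE_MSG, SMUGGLE_LEN, 1),
           find_end_of_data(SMUGGLE_MSG, SMUGGLE_LEN, 0),
           data_is_ambiguous(SMUGGLE_MSG, SMUGGLE_LEN));
    printf("clean: ambiguous=%d\n", data_is_ambiguous(CLEAN_MSG, CLEAN_LEN));
    return 0;
}
```

The defensive choice here is to fail closed on disagreement rather than to pick one interpretation: whichever side of the relay is more lenient is the side the attacker will target, and a sender-side fix (dot-stuffing or rejecting bare newlines before transmission) and a receiver-side fix (accepting only the strict sequence) only help if every hop applies one of them.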
Source: cve

CVE-2021-26887

An elevation of privilege vulnerability exists in Microsoft Windows when Folder redirection has been enabled via Group Policy. When the folder redirection file server is co-located with a Terminal server, an attacker who successfully exploited the vulnerability would be able to begin redirecting another...

CVSS 7.8 | AI Score 8.4 | EPSS 0.001 | 2021-03-11 04:15 PM

Source: ubuntucve

CVE-2023-51767

OpenSSH through 9.6, when common types of DRAM are used, might allow row hammer attacks (for authentication bypass) because the integer value of authenticated in mm_answer_authpassword does not resist flips of a single bit. NOTE: this is applicable to a certain threat model of attacker-victim...

CVSS 7 | AI Score 7 | EPSS 0.001 | 2023-12-24 12:00 AM

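The single-bit-flip weakness described in the two CVE-2023-51767 entries above (debiancve and ubuntucve), as an added example that is not OpenSSH's code: an authentication flag stored as a plain integer, where any non-zero value counts as "authenticated", beside a flag that is only "true" when it equals a wide constant whose bitwise complement encodes "false". The code counts, for each encoding, how many of the 32 single-bit flips of the "false" value would be accepted as authenticated. The constants and function names are chosen for this example.

```c
#include <stdint.h>
#include <stdio.h>

/* Plain-int convention: the flag is a C truth value, so any non-zero bit
   pattern passes. Starting from 0, every single-bit flip yields non-zero. */
static int plain_is_authenticated(uint32_t authenticated) {
    return authenticated != 0;
}

/* Hardened convention (illustrative, not OpenSSH's): "true" is one specific
   32-bit constant and "false" is its complement, so the two differ in every
   bit and no single flip turns one into the other. The check is exact
   equality, never "non-zero". */
#define AUTH_TRUE  0x5A3C96E1u
#define AUTH_FALSE (~AUTH_TRUE)
static int hardened_is_authenticated(uint32_t flag) {
    return flag == AUTH_TRUE;
}

/* Number of single-bit flips of the plain "false" value (0) that authenticate. */
int plain_flips_that_authenticate(void) {
    int hits = 0;
    for (int b = 0; b < 32; b++)
        if (plain_is_authenticated(0u ^ (1u << b))) hits++;
    return hits;
}

/* Number of single-bit flips of AUTH_FALSE that the hardened check accepts. */
int hardened_flips_that_authenticate(void) {
    int hits = 0;
    for (int b = 0; b < 32; b++)
        if (hardened_is_authenticated(AUTH_FALSE ^ (1u << b))) hits++;
    return hits;
}

/* Failure direction of the hardened encoding: a flip of AUTH_TRUE is denied.
   That costs the victim a session (fail closed); it is not a bypass. */
int hardened_flips_that_deny(void) {
    int denials = 0;
    for (int b = 0; b < 32; b++)
        if (!hardened_is_authenticated(AUTH_TRUE ^ (1u << b))) denials++;
    return denials;
}

int main(void) {
    printf("plain int:     %d of 32 single-bit flips of 'false' authenticate\n",
           plain_flips_that_authenticate());
    printf("wide constant: %d of 32 single-bit flips of 'false' authenticate\n",
           hardened_flips_that_authenticate());
    printf("wide constant: %d of 32 single-bit flips of 'true' are denied\n",
           hardened_flips_that_deny());
    return 0;
}
```

The encoding only hardens the stored value. A flip in the register holding the comparison result, or in the code that consumes it, is outside what this can protect, and the practical defences against row hammer remain in the memory subsystem (ECC, refresh-based mitigations) and in not running untrusted code on the same host as the authentication daemon, which is the threat model the CVE text qualifies.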
Source: cve

CVE-2023-4295

A local non-privileged user can make improper GPU memory processing operations to gain access to already freed...

CVSS 7.8 | AI Score 7.6 | EPSS 0.001 | 2023-11-07 04:15 PM

Source: zdi

Trend Micro Apex Central modVulnerabilityProtect Server-Side Request Forgery Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the modVulnerabilityProtect module. The issue results from the lack of...

CVSS 7.1 | AI Score 6.4 | EPSS 0.001 | 2024-01-11 12:00 AM

Source: cve

CVE-2023-6562

JPX Fragment List (flst) box vulnerability in Kakadu 7.9 allows an attacker to exfiltrate local and remote files reachable by a server if the server allows the attacker to upload a specially crafted image that is displayed back to the...

CVSS 7.5 | AI Score 7.4 | EPSS 0.001 | 2023-12-20 01:15 PM

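The CVE-2023-6562 entry above says the JPX Fragment List (flst) box lets a crafted image pull in file content that the server then renders back. As an added example, not Kakadu's code: a bounds-checked walker over JP2-family boxes that descends into the Fragment Table (ftbl) superbox and counts flst entries whose data-reference index (DR) is non-zero, that is, entries that point at a resource outside the image file rather than at bytes of the file itself. A server that accepts uploads can reject any image where this count is non-zero before handing it to a decoder. The box layout used (LBox/TBox header with optional XLBox; flst as a 2-byte NF followed by OFF/LEN/DR fields of 8, 4 and 2 bytes) follows my reading of ISO/IEC 15444-2 and should be checked against the spec before relying on it; the sample byte strings are constructed for this example.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

static uint16_t rd16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static uint32_t rd32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}
static uint64_t rd64(const uint8_t *p) { return ((uint64_t)rd32(p) << 32) | rd32(p + 4); }

/* Parse the box header at buf[off]. Returns 1 and fills type, header length and
   body length, or 0 if the header is truncated or the declared length does not
   fit inside the remaining data. Caller guarantees off < len. */
static int read_box(const uint8_t *buf, size_t len, size_t off,
                    char type[4], size_t *hdr, size_t *body) {
    if (len - off < 8) return 0;
    uint64_t lbox = rd32(buf + off);
    memcpy(type, buf + off + 4, 4);
    *hdr = 8;
    if (lbox == 1) {                      /* XLBox: 64-bit length follows the type */
        if (len - off < 16) return 0;
        lbox = rd64(buf + off + 8);
        *hdr = 16;
    } else if (lbox == 0) {               /* box extends to the end of the data */
        lbox = len - off;
    }
    if (lbox < *hdr || lbox > len - off) return 0;
    *body = (size_t)lbox - *hdr;
    return 1;
}

/* Count flst entries with DR != 0 (external data reference) in a box sequence.
   Returns -1 if any box is malformed, so truncated or oversized input is
   rejected outright rather than partially trusted. */
int count_external_fragments(const uint8_t *buf, size_t len) {
    int external = 0;
    size_t off = 0;
    while (off < len) {
        char type[4]; size_t hdr, body;
        if (!read_box(buf, len, off, type, &hdr, &body)) return -1;
        const uint8_t *p = buf + off + hdr;
        if (memcmp(type, "ftbl", 4) == 0) {          /* superbox: recurse into children */
            int r = count_external_fragments(p, body);
            if (r < 0) return -1;
            external += r;
        } else if (memcmp(type, "flst", 4) == 0) {
            if (body < 2) return -1;
            size_t nf = rd16(p);                     /* number of fragments */
            if ((body - 2) / 14 < nf) return -1;      /* entry table truncated */
            for (size_t i = 0; i < nf; i++)
                if (rd16(p + 2 + i * 14 + 12) != 0)  /* DR field of entry i */
                    external++;
        }
        off += hdr + body;
    }
    return external;
}

/* Constructed: ftbl containing an flst with one local entry (DR=0) and one
   entry that refers to external data reference #1 (DR=1). */
static const uint8_t SAMPLE_EXTERNAL[] = {
    0x00,0x00,0x00,0x2E, 'f','t','b','l',
      0x00,0x00,0x00,0x26, 'f','l','s','t',
        0x00,0x02,
        0,0,0,0,0,0,0,0,  0x00,0x00,0x00,0x10,  0x00,0x00,
        0,0,0,0,0,0,0,0,  0x00,0x00,0x00,0x20,  0x00,0x01,
};
/* Constructed: same structure, both entries local. */
static const uint8_t SAMPLE_LOCAL[] = {
    0x00,0x00,0x00,0x2E, 'f','t','b','l',
      0x00,0x00,0x00,0x26, 'f','l','s','t',
        0x00,0x02,
        0,0,0,0,0,0,0,0,  0x00,0x00,0x00,0x10,  0x00,0x00,
        0,0,0,0,0,0,0,0,  0x00,0x00,0x00,0x20,  0x00,0x00,
};

int main(void) {
    printf("external refs: %d\n", count_external_fragments(SAMPLE_EXTERNAL, sizeof SAMPLE_EXTERNAL));
    printf("local only:    %d\n", count_external_fragments(SAMPLE_LOCAL, sizeof SAMPLE_LOCAL));
    printf("truncated:     %d\n", count_external_fragments(SAMPLE_EXTERNAL, sizeof SAMPLE_EXTERNAL - 10));
    return 0;
}
```

Rejecting on DR != 0 is deliberately coarse: the legitimate use of external references is rare in uploaded content, and the alternative of resolving the data-reference table (dtbl) and allow-listing its URLs means parsing more attacker-controlled structure before the decoder ever runs.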
Source: cnvd

SQL Injection Vulnerability in Mobile Phone Service Management Backend of Zhengzhou Zhengda Information Technology Co.

Zhengzhou Zhengda Information Technology Co., Ltd. is a supply chain-industrial chain digitization and financial service solution provider. Zhengzhou Zhengda Information Technology Co., Ltd. mobile service management backend has a SQL injection vulnerability, which can be exploited by attackers to...

AI Score 7.5 | 2023-11-16 12:00 AM

Source: cvelist

CVE-2023-50469

Shenzhen Libituo Technology Co., Ltd LBT-T300-T310 v2.2.2.6 was discovered to contain a buffer overflow via the ApCliEncrypType parameter at...

AI Score 10 | EPSS 0.001 | 2023-12-15 12:00 AM

Source: zdi

Trend Micro Apex Central widget WFProxy Local File Inclusion Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Trend Micro Apex Central. Authentication is required to exploit this vulnerability. The specific flaw exists within the getObjWGFServiceApiByApiName function. The issue results from the lack of proper...

CVSS 7.5 | AI Score 7.5 | EPSS 0.006 | 2024-01-10 12:00 AM

Source: cve

CVE-2023-49747

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebFactory Ltd Guest Author allows Stored XSS. This issue affects Guest Author: from n/a through...

CVSS 5.9 | AI Score 5.8 | EPSS 0.0004 | 2023-12-15 04:15 PM

Source: nvd

CVE-2023-49747

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WebFactory Ltd Guest Author allows Stored XSS. This issue affects Guest Author: from n/a through...

CVSS 5.4 | EPSS 0.0004 | 2023-12-15 04:15 PM

Source: cve

CVE-2023-49763

Cross-Site Request Forgery (CSRF) vulnerability in Creatomatic Ltd CSprite. This issue affects CSprite: from n/a through...

CVSS 8.8 | AI Score 8.6 | EPSS 0.001 | 2023-12-18 11:15 PM

Source: nvd

CVE-2023-49763

Cross-Site Request Forgery (CSRF) vulnerability in Creatomatic Ltd CSprite. This issue affects CSprite: from n/a through...

CVSS 8.8 | EPSS 0.001 | 2023-12-18 11:15 PM

Source: wordfence

Wordfence Intelligence Weekly WordPress Vulnerability Report (January 15, 2024 to January 21, 2024)

Did you know we're running a Bug Bounty Extravaganza again? Earn over 6x our usual bounty rates, up to $10,000, for all vulnerabilities submitted through February 29th, 2024 when you opt to have Wordfence handle responsible disclosure! Last week, there were 84 vulnerabilities disclosed in 67...

CVSS 9.8 | AI Score 8.9 | 2024-01-25 02:37 PM

Source: cvelist

CVE-2023-49763 WordPress CSprite Plugin <= 1.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) vulnerability in Creatomatic Ltd CSprite. This issue affects CSprite: from n/a through...

CVSS 4.3 | AI Score 8.9 | EPSS 0.001 | 2023-12-18 10:28 PM

Total number of security vulnerabilities: 16072