Security
Headlines
HeadlinesLatestCVEs

Tag

#auth

osCommerce 4 SQL Injection

osCommerce version 4 suffers from a remote SQL injection vulnerability.

Packet Storm
Open in Source
#sql#csrf#vulnerability#windows#auth
Red Hat Security Advisory 2023-7623-03

Red Hat Security Advisory 2023-7623-03 - Red Hat JBoss Web Server 5.7.7 zip release is now available for Red Hat Enterprise Linux 7, Red Hat Enterprise Linux 8, Red Hat Enterprise Linux 9, and Windows Server. Issues addressed include denial of service and open redirection vulnerabilities.

Red Hat Security Advisory 2023-7622-03

Red Hat Security Advisory 2023-7622-03 - An update is now available for Red Hat JBoss Web Server 5.7.7 on Red Hat Enterprise Linux versions 7, 8, and 9. Issues addressed include denial of service and open redirection vulnerabilities.

WordPress Elementor 3.18.1 File Upload / Remote Code Execution

WordPress Elementor plugin versions 3.18.1 and below are vulnerability to remote code execution via file upload in the template import functionality.

Kopage Website Builder 4.4.15 Shell Upload

Kopage Website Builder version 4.4.15 appears to suffer from a remote shell upload vulnerability.

Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS

By Waqas Another day, another Bluetooth vulnerability impacting billions of devices worldwide! This is a post from HackRead.com Read the original post: Bluetooth Vulnerability Enables Keystroke Injection on Android, Linux, macOS, iOS

Cracked macOS Software Laced with New Trojan Proxy Malware

By Deeba Ahmed Stop installing pirated and cracked software to ensure the protection of your devices against Proxy Trojan and other new malware threats. This is a post from HackRead.com Read the original post: Cracked macOS Software Laced with New Trojan Proxy Malware

Mac Users Beware: New Trojan-Proxy Malware Spreading via Pirated Software

Unauthorized websites distributing trojanized versions of cracked software have been found to infect Apple macOS users with a new Trojan-Proxy malware. "Attackers can use this type of malware to gain money by building a proxy server network or to perform criminal acts on behalf of the victim: to launch attacks on websites, companies and individuals, buy guns, drugs, and other illicit

CVE-2023-45866: Bluetooth Technology Website | The official website of Bluetooth technology.

Bluetooth HID Hosts in BlueZ may permit an unauthenticated Peripheral role HID Device to initiate and establish an encrypted connection, and accept HID keyboard reports, potentially permitting injection of HID messages when no user interaction has occurred in the Central role to authorize such access. An example affected package is bluez 5.64-0ubuntu1 in Ubuntu 22.04LTS. NOTE: in some cases, a CVE-2020-0556 mitigation would have already addressed this Bluetooth HID Hosts issue.

CVE-2023-32460: DSA-2023-361: Security Update for Dell PowerEdge Server BIOS for an Improper Privilege Management Security Vulnerability

Dell PowerEdge BIOS contains an improper privilege management security vulnerability. An unauthenticated local attacker could potentially exploit this vulnerability, leading to privilege escalation.