Security
Headlines
HeadlinesLatestCVEs

Tag

#google

CVE-2023-39169: Senec Inverters Home V1, V2, V3 Home & Hybrid Publicly Accessible Default Credentials- CVE-2023-39170

The affected devices use publicly available default credentials with administrative privileges.

CVE
Open in Source
#vulnerability#web#google#git#auth
Ubuntu Security Notice USN-6537-1

Ubuntu Security Notice 6537-1 - Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service. Lucas Leong discovered that the netfilter subsystem in the Linux kernel did not properly validate some attributes passed from userspace. A local attacker could use this to cause a denial of service or possibly expose sensitive information.

CVE-2023-47548: WordPress Integrate Google Drive plugin <= 1.3.2 - Open Redirection vulnerability - Patchstack

URL Redirection to Untrusted Site ('Open Redirect') vulnerability in SoftLab Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site.This issue affects Integrate Google Drive – Browse, Upload, Download, Embed, Play, Share, Gallery, and Manage Your Google Drive Files Into Your WordPress Site: from n/a through 1.3.2.

Android phones can be taken over remotely &#8211; update when you can

Android phones are vulnerable to attacks that allow a remote execution of malicious code and it requires no user interaction.

New Bluetooth Flaw Let Hackers Take Over Android, Linux, macOS, and iOS Devices

A critical Bluetooth security flaw could be exploited by threat actors to take control of Android, Linux, macOS and iOS devices. Tracked as CVE-2023-45866, the issue relates to a case of authentication bypass that enables attackers to connect to susceptible devices and inject keystrokes to achieve code execution as the victim. "Multiple Bluetooth stacks have authentication bypass

Flashpoint Uncovers 100,000+ Hidden Vulnerabilities, Including Zero-Days

By Deeba Ahmed 100,000+ Reasons to Rethink Vulnerability Management. This is a post from HackRead.com Read the original post: Flashpoint Uncovers 100,000+ Hidden Vulnerabilities, Including Zero-Days

Governments May Spy on You by Requesting Push Notifications from Apple and Google

Unspecified governments have demanded mobile push notification records from Apple and Google users to pursue people of interest, according to U.S. Senator Ron Wyden. "Push notifications are alerts sent by phone apps to users' smartphones," Wyden said. "These alerts pass through a digital post office run by the phone operating system provider -- overwhelmingly Apple or Google. Because of

Remote code execution vulnerabilities found in Buildroot, Foxit PDF Reader

Cisco Talos has disclosed 10 vulnerabilities over the past two weeks, including nine that exist in a popular online PDF reader that offers a browser plugin.

Police Can Spy on Your iOS and Android Push Notifications

Governments can access records related to push notifications from mobile apps by requesting that data from Apple and Google, according to details in court records and a US senator.