Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

CVE-2023-4512: CBOR dissector Uncontrolled Recursion leading to Stack-Overflow | DoS (#19144) · Issues · Wireshark Foundation / Wireshark · GitLab

CBOR dissector crash in Wireshark 4.0.0 to 4.0.6 allows denial of service via packet injection or crafted capture file

CVE
Open in Source
#vulnerability#mac#linux#dos#git#intel#c++#ssl
CVE-2023-41028: Juplink RX4-1500 Stack-based Buffer Overflow Vulnerability - Exodus Intelligence

A stack-based buffer overflow exists in Juplink RX4-1500, a WiFi router, in versions 1.0.2 through 1.0.5. An authenticated attacker can exploit this vulnerability to achieve code execution as root.

Three vulnerabilities in NVIDIA graphics driver could cause memory corruption

The driver is vulnerable to memory corruption if an adversary sends a specially crafted shader packer, which can lead to a memory corruption problem in the driver.

DarkGate reloaded via malvertising and SEO poisoning campaigns

Categories: Threat Intelligence Tags: darkgate Tags: autoit Tags: malvertising Tags: seo poisoning The new version of the DarkGate malware is currently actively being distributed via malspam, malicious ads and SEO poisoning. (Read more...) The post DarkGate reloaded via malvertising and SEO poisoning campaigns appeared first on Malwarebytes Labs.

North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns

The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million. The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as TraderTraitor, which is also known by the name Jade Sleet. An investigation undertaken by the FBI found

CVE-2023-4404: Donation Forms by Charitable <= 1.7.0.12 - Unauthenticated Privilege Escalation — Wordfence Intelligence

The Donation Forms by Charitable plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.7.0.12 due to insufficient restriction on the 'update_core_user' function. This makes it possible for unauthenticated attackers to specify their user role by supplying the 'role' parameter during a registration.

Tourists Give Themselves Away by Looking Up. So Do Most Network Intruders.

In large metropolitan areas, tourists are often easy to spot because they're far more inclined than locals to gaze upward at the surrounding skyscrapers. Security experts say this same tourist dynamic is a dead giveaway in virtually all computer intrusions that lead to devastating attacks like ransomware, and that more organizations should set simple virtual tripwires that sound the alarm when authorized users and devices are spotted exhibiting this behavior.

WordPress Charitable Donations Plugin And Fundraising Platform 1.7.0.12 Privilege Escalation

WordPress Charitable Donations Plugin and Fundraising Platform versions 1.7.0.12 and below suffer from a privilege escalation vulnerability.

Color Prediction Game 1.0 SQL Injection

Color Prediction Game version 1.0 suffers from a remote SQL injection vulnerability.