Security
Headlines
HeadlinesLatestCVEs

Tag

#intel

CVE-2023-31197: INTEL-SA-00475

Uncontrolled search path in the Intel(R) Trace Analyzer and Collector before version 2020 update 3 may allow an authenticated user to potentially enable escalation of privilege via local access.

CVE
Open in Source
#vulnerability#web#intel#auth#chrome#firefox
CVE-2023-31199: INTEL-SA-00074

Improper access control in the Intel(R) Solid State Drive Toolbox(TM) before version 3.4.5 may allow a privileged user to potentially enable escalation of privilege via local access.

AI Is About to Be Everywhere: Where Will Regulators Be?

Regulators should apply a healthy skepticism to generative AI developments to guarantee a competitive marketplace.

CVE-2020-13377: Path traversal in Enterprise loadbalancer VA MAX - v8.3.8 and earlier

The web-services interface of Loadbalancer.org Enterprise VA MAX through 8.3.8 could allow an authenticated, remote, low-privileged attacker to conduct directory traversal attacks and obtain read and write access to sensitive files.

CVE-2023-32243: 1+ Million Sites Affected by Critical Privilege Escalation Vulnerability in Essential Addons for Elementor Plugin

Improper Authentication vulnerability in WPDeveloper Essential Addons for Elementor allows Privilege Escalation. This issue affects Essential Addons for Elementor: from 5.4.0 through 5.7.1.

Bl00dy Ransomware Gang Strikes Education Sector with Critical PaperCut Vulnerability

U.S. cybersecurity and intelligence agencies have warned of attacks carried out by a threat actor known as the Bl00dy Ransomware Gang that attempt to exploit vulnerable PaperCut servers against the education facilities sector in the country. The attacks took place in early May 2023, the Federal Bureau of Investigation (FBI) and Cybersecurity and Infrastructure Security Agency (CISA) said in a

Severe Security Flaw Exposes Over a Million WordPress Sites to Hijack

A security vulnerability has been disclosed in the popular WordPress plugin Essential Addons for Elementor that could be potentially exploited to achieve elevated privileges on affected sites. The issue, tracked as CVE-2023-32243, has been addressed by the plugin maintainers in version 5.7.2 that was shipped on May 11, 2023. Essential Addons for Elementor has over one million active

CVE-2020-13378: OS Command Injection in Enterprise loadbalancer VA MAX - v8.3.8 and earlier

Loadbalancer.org Enterprise VA MAX through 8.3.8 has an OS Command Injection vulnerability that allows a remote authenticated attacker to execute arbitrary code.

Startup Competition Secures ML Systems, Vulnerabilities in Automation

RSA's Innovation Sandbox 2023 focused on the software supply chain, as well as attack surfaces exposed by generative AI, ML systems, and APIs.

CVE-2023-2661: CVEproject/Online-Computer-and-Laptop-Store---Multiple-vulnerabilities.md at main · xiahao90/CVEproject

A vulnerability was found in SourceCodester Online Computer and Laptop Store 1.0 and classified as critical. This issue affects some unknown processing of the file /classes/Master.php. The manipulation of the argument id leads to sql injection. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The associated identifier of this vulnerability is VDB-228803.