Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

CVE-2023-34853: Variable Modification Due to Stack Overflow | Supermicro

Buffer Overflow vulnerability in Supermicro motherboard X12DPG-QR 1.4b allows local attackers to hijack control flow via manipulation of SmcSecurityEraseSetupVar variable.

CVE
Open in Source
#vulnerability#ios#bios#buffer_overflow
TP-Link Smart Bulb Users at Risk of WiFi Password Theft

By Habiba Rashid TP-Link Tapo L530E Smart Bulb found vulnerable, putting user WiFi credentials at risk. This is a post from HackRead.com Read the original post: TP-Link Smart Bulb Users at Risk of WiFi Password Theft

The Internet Is Turning Into a Data Black Box. An ‘Inspectability API’ Could Crack It Open

Unlike web browsers, mobile apps increasingly make it difficult or impossible to see what companies are really doing with your data. The answer? An inspectability API.

Ivanti Warns of Critical Zero-Day Flaw Being Actively Exploited in Sentry Software

Software services provider Ivanti is warning of a new critical zero-day flaw impacting Ivanti Sentry (formerly MobileIron Sentry) that it said is being actively exploited in the wild, marking an escalation of its security woes. Tracked as CVE-2023-38035 (CVSS score: 9.8), the issue has been described as a case of authentication bypass impacting versions 9.18 and prior due to what it called an

CVE-2023-4359: Chromium: CVE-2023-4359 Inappropriate implementation in App Launcher

**Why is this Chrome CVE included in the Security Update Guide?** The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable. Please see Security Update Guide Supports CVEs Assigned by Industry Partners for more information. **How can I see the version of the browser?** 1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window 2. Click on **Help and Feedback** 3. Click on **About Microsoft Edge**

A week in security (August 14 - August 20)

Categories: News Tags: Augsut 2023 Tags: week in security A list of topics we covered in the week of August 14 to August 20 of 2023 (Read more...) The post A week in security (August 14 - August 20) appeared first on Malwarebytes Labs.

Overcoming web scraping blocks: Best practices and considerations

By Owais Sultan At its core, web scraping involves automatically extracting data from websites, enabling individuals and organizations to obtain valuable… This is a post from HackRead.com Read the original post: Overcoming web scraping blocks: Best practices and considerations

CVE-2023-39970: AcyMailing Starter, by Acyba - Joomla Extension Directory

Unrestricted Upload of File with Dangerous Type vulnerability in AcyMailing component for Joomla. It allows remote code execution.