Security
Headlines
HeadlinesLatestCVEs

Tag

#pdf

CVE-2023-27235: jizhicms v2.4.5 has a file upload vulnerability and a CSRF vulnerability · Issue #85 · Cherry-toto/jizhicms

An arbitrary file upload vulnerability in the \admin\c\CommonController.php component of Jizhicms v2.4.5 allows attackers to execute arbitrary code via a crafted phtml file.

CVE
#csrf#vulnerability#web#php#pdf
Two U.S. Men Charged in 2022 Hacking of DEA Portal

Two U.S. men have been charged with hacking into a U.S. Drug Enforcement Agency (DEA) online portal that taps into 16 different federal law enforcement databases. Both are alleged to be part of a larger criminal organization that specializes in using fake emergency data requests from compromised police and government email accounts to publicly threaten and extort their victims.

LockBit Threatens to Leak Stolen SpaceX Schematics

The ransomware group sent a message directly to Elon Musk: Pay or the confidential SpaceX information goes up for grabs on the Dark Web.

Ubuntu Security Notice USN-5949-1

Ubuntu Security Notice 5949-1 - It was discovered that Chromium could be made to write out of bounds in several components. A remote attacker could possibly use this issue to corrupt memory via a crafted HTML page, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that Chromium contained an integer overflow in the PDF component. A remote attacker could possibly use this issue to corrupt memory via a crafted PDF file, resulting in a denial of service, or possibly execute arbitrary code.

Talos uncovers espionage campaigns targeting CIS countries, Turkey, and European institutions including Embassies and a critical EU Health care Agency

Cisco Talos has identified a new espionage oriented threat actor, which we are naming “YoroTrooper,” targeting a multitude of entities in Europe and Turkey.

CVE-2023-27463

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.3). The audit log form of affected applications is vulnerable to SQL injection. This could allow authenticated remote attackers to execute arbitrary SQL queries on the server database.

CVE-2023-27310

A vulnerability has been identified in RUGGEDCOM CROSSBOW (All versions < V5.2). The client query handler of the affected application fails to check for proper permissions when assigning groups to user accounts. This could allow an authenticated remote attacker to assign administrative groups to otherwise non-privileged user accounts.

CVE-2023-25957

A vulnerability has been identified in Mendix SAML (Mendix 7 compatible) (All Versions >= 1.16.4 < 1.17.2), Mendix SAML (Mendix 8 compatible) (All versions >= 2.2.0 < 2.2.3), Mendix SAML (Mendix 9 compatible, New Track) (All versions >= 3.1.9 < 3.2.5), Mendix SAML (Mendix 9 compatible, Upgrade Track) (All versions >= 3.1.9 < 3.2.5). The affected versions of the module insufficiently verifies the SAML assertions. This could allow unauthenticated remote attackers to bypass authentication and get access to the application.

Microsoft Warns of Large-Scale Use of Phishing Kits to Send Millions of Emails Daily

An open source adversary-in-the-middle (AiTM) phishing kit has found a number of takers in the cybercrime world for its ability to orchestrate attacks at scale. Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging moniker DEV-1101. An AiTM phishing attack typically involves a threat actor attempting to steal and intercept a target's

CVE-2023-1018: CERT/CC: CVE-2023-1018 TPM2.0 Module Library Elevation of Privilege Vulnerability

**Why is the CERT/CC the assigning CNA (CVE Numbering Authority)?** This CVE is regarding a vulnerability in a third party driver. CERT/CC created this CVE on behalf of the researcher who discovered the vulnerability.