
Tag

#windows

KeePass vulnerability allows attackers to access the master password

There is a proof-of-concept available for an unpatched vulnerability in KeePass (CVE-2023-32784) that allows attackers to dump the master password.

Malwarebytes
#vulnerability #windows #git #auth
CVE-2023-29985: admin#date_from has sql injection vulnerability

Sourcecodester Student Study Center Desk Management System v1.0 admin\reports\index.php#date_from has a SQL Injection vulnerability.

CVE-2022-4870: Security Advisory 2023-09

In affected versions of Octopus Deploy it is possible to discover network details via an error message.

RHSA-2023:1326: Red Hat Security Advisory: OpenShift Container Platform 4.13.0 security update

Red Hat OpenShift Container Platform release 4.13.0 is now available with updates to packages and images that fix several bugs and add enhancements. This release includes a security update for Red Hat OpenShift Container Platform 4.13. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

* CVE-2021-4235: A flaw was found in go-yaml. This issue occurs due to unbounded alias chasing, where a maliciously crafted YAML file can cause the system to consume significant system resources. If p...

CVE-2023-29837: Exelysis/EUCS Admin Login XSS_CVE-2023-29836_CVE-2023-29837.txt at main · IthacaLabs/Exelysis

Cross Site Scripting vulnerability found in Exelysis Unified Communication Solution (EUCS) v.1.0 allows a remote attacker to gain privileges via the URL path of the eucsAdmin login web page.

CVE-2023-31699: XSS via Image File · Issue #6471 · ChurchCRM/CRM

ChurchCRM v4.5.4 is vulnerable to Reflected Cross-Site Scripting (XSS) via image file.

CVE-2023-2679: Snow Globe Community

Data leakage in the Adobe connector in Snow Software SPE 9.27.0 on Windows allows a privileged user to observe other users' data.

CVE-2023-31903: OffSec’s Exploit Database Archive

GuppY CMS 6.00.10 is vulnerable to Unrestricted File Upload, which allows remote attackers to execute arbitrary code by uploading a PHP file.

CVE-2023-31702: CVE-2023-31702/README.md at main · sahiloj/CVE-2023-31702

SQL injection in the View User Profile in MicroWorld eScan Management Console 14.0.1400.2281 allows a remote attacker to dump the entire database and gain a Windows XP command shell to perform code execution on the database server via GetUserCurrentPwd?UsrId=1.