
Tag

#windows

The Political Theater Behind the State of the Union Data Privacy Push

Biden’s speech calling for better data protections got a standing ovation from both sides of the aisle. So, where’s a federal privacy law?

Wired
#mac #windows
SOUND4 LinkAndShare Transmitter 1.1.2 Format String Stack Buffer Overflow

The application suffers from a format string memory leak and stack buffer overflow vulnerability because it fails to properly sanitize user-supplied input when calling the getenv() function from MSVCR120.DLL, resulting in a crash that overflows the memory stack and leaks sensitive information. The attacker can abuse the username environment variable to trigger the vulnerability and potentially execute code on the affected system.

CVE-2022-35720: Security Bulletin: IBM Sterling Secure Proxy vulnerable to multiple issues

IBM Sterling External Authentication Server 6.1.0 and IBM Sterling Secure Proxy 6.0.3 use weaker-than-expected cryptographic algorithms during installation that could allow a local attacker to decrypt sensitive information. IBM X-Force ID: 231373.

CVE-2022-45527: IMS has an arbitrary file upload vulnerability · Issue #2 · Future-Depth/IMS

File upload vulnerability in Future-Depth Institutional Management Website (IMS) 1.0 allows unauthorized attackers to directly upload malicious files to the courseimg directory.

CVE-2022-45526: IMS has SQL injection vulnerability · Issue #1 · Future-Depth/IMS

SQL injection vulnerability in Future-Depth Institutional Management Website (IMS) 1.0 allows attackers to execute arbitrary commands via the ad parameter to /admin_area/login_transfer.php.

CVE-2023-23475: IBM Infosphere Information Server is vulnerable to cross-site scripting (CVE-2023-23475)

IBM Infosphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 245423.

CVE-2023-0001: CVE-2023-0001 Cortex XDR Agent: Cleartext Exposure of Agent Admin Password

An information exposure vulnerability in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local system administrator to disclose the admin password for the agent in cleartext, which bad actors can then use to execute privileged cytool commands that disable or uninstall the agent.

CVE-2023-0002: CVE-2023-0002 Cortex XDR Agent: Product Disruption by Local Windows User

A problem with a protection mechanism in the Palo Alto Networks Cortex XDR agent on Windows devices allows a local user to execute privileged cytool commands that disable or uninstall the agent.

Ransomware review: February 2023

Categories: Ransomware, Threat Intelligence. Our Threat Intelligence team looks at known ransomware attacks by gang, country, and industry sector in January 2023, and looks at LockBit's newest encryptor. The post Ransomware review: February 2023 appeared first on Malwarebytes Labs.

ManageEngine ADSelfService Plus Unauthenticated SAML Remote Code Execution

This Metasploit module exploits an unauthenticated remote code execution vulnerability that affects Zoho ManageEngine ADSelfService Plus versions 6210 and below. Due to a dependency on an outdated library (Apache Santuario version 1.4.1), it is possible to execute arbitrary code by providing a crafted samlResponse XML to the ADSelfService Plus SAML endpoint. Note that the target is only vulnerable if it has been configured with SAML-based SSO at least once in the past, regardless of the current SAML-based SSO status.