Search cyberveille.decio.ch

Found 18 bookmarks

Custom sorting

CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster - Rhino Security Labs

CVE-2024-1212 is an unauthenticated command injection found in Progress Kemp LoadMaster load balancer's administrator web interface by Rhino Security Labs.

#rhinosecuritylabs #EN #2024 #vulnerability #Progress #Kemp #LoadMaster #unauthenticated #command #injection

·rhinosecuritylabs.com·Dec 3, 2024

CVE-2024-1212: Unauthenticated Command Injection In Progress Kemp LoadMaster - Rhino Security Labs

Ivanti warns of three more CSA zero-days exploited in attacks

American IT software company Ivanti has released security updates to fix three new Cloud Services Appliance (CSA) zero-days tagged as actively exploited in attacks.

#bleepingcomputer #EN #2024 #Bypass #Ivanti #Code #Command #Actively #Remote #Services #Exploited #Injection #Execution #Security #Zero-Day #CSA #Cloud #Appliance #CVE-2024-9379 #CVE-2024-9380 #CVE-2024-9381

·bleepingcomputer.com·Oct 8, 2024

Ivanti warns of three more CSA zero-days exploited in attacks

Data Exfiltration from Slack AI via indirect prompt injection

This vulnerability can allow attackers to steal anything a user puts in a private Slack channel by manipulating the language model used for content generation. This was responsibly disclosed to Slack (more details in Responsible Disclosure section at the end).

#promptarmor #EN #2024 #Slack #prompt-injection #LLM #vulnerability #steal #indirect-prompt #injection

·promptarmor.substack.com·Aug 20, 2024

Data Exfiltration from Slack AI via indirect prompt injection

Cisco NX-OS Command Injection Vulnerability CVE-2024-20399: Insights and Defense Strategies

Discover key insights into the recently disclosed Cisco NX-OS software CLI vulnerability (CVE-2024-20399) affecting numerous Cisco Nexus devices.

#sygnia #EN #2024 #CVE-2024-20399 #Cisco #NX-OS #Command #Injection #Nexus

·sygnia.co·Jul 2, 2024

Cisco NX-OS Command Injection Vulnerability CVE-2024-20399: Insights and Defense Strategies

CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability – Horizon3.ai

CVE-2024-29824 Ivanti EPM SQL Injection Remote Code Execution Vulnerability. This blog details the internals of a SQLi RCE vulnerability.

#horizon3 #EN #analysis #CVE-2024-29824 #Ivanti #EPM #SQL #Injection #RCE

·horizon3.ai·Jun 12, 2024

CVE-2024-29824 Deep Dive: Ivanti EPM SQL Injection Remote Code Execution Vulnerability – Horizon3.ai

Security Flaw in WP-Members Plugin Leads to Script Injection

Attackers could exploit a high-severity cross-site Scripting (XSS) vulnerability in the WP-Members Membership WordPress plugin to inject arbitrary scripts into web pages, according to an advisory from security firm Defiant.

#securityweek #EN #2024 #plugin #WP #Wordpress #WP-Members #Injection #vulnerability

·securityweek.com·Apr 4, 2024

Security Flaw in WP-Members Plugin Leads to Script Injection

Thinking about the security of AI systems

Why established cyber security principles are still important when developing or implementing machine learning models.

#NCSC.GOV.UK #AI #secuity #ai-security #injection #attacks #data-poisoning

·ncsc.gov.uk·Sep 6, 2023

Thinking about the security of AI systems

CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Threat Brief

On May 31, Progress Software posted a notification alerting customers of a critical Structured Query Language injection (SQLi) vulnerability (CVE-2023-34362) in their MOVEit Transfer product. MOVEit Transfer is a managed file transfer (MFT) application intended to provide secure collaboration and automated file transfers of sensitive data.

#paloaltonetworks #EN #2023 #MOVEit #SQL #Injection #Vulnerability #CVE-2023-34362

·unit42.paloaltonetworks.com·Jun 7, 2023

CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Threat Brief

Analysis of Pre-Auth RCE in Sophos Web Appliance (CVE-2023-1671)

CVE-2023-1671 is a pre-authenticated command injection in Sophos Web Appliance. In this blog post, VulnCheck researchers analyze the vulnerability and develop a proof of concept (PoC) for it.

#vulncheck #EN #2023 #analysis #vulnerability #Sophos #CVE-2023-1671 #pre-authenticated #command #injection

·vulncheck.com·Apr 22, 2023

Analysis of Pre-Auth RCE in Sophos Web Appliance (CVE-2023-1671)

‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide

Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,

#cyble #EN #2023 #analysis #InTheBox #Android #Banking #injection

·blog.cyble.com·Jan 31, 2023

‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide

Resolved RCE in Sophos Firewall (CVE-2022-3236)

A code injection vulnerability allowing remote code execution was discovered in the User Portal and Webadmin of Sophos Firewall. The vulnerability has been fixed.

#sophos #EN #RCE #firewall #CVE-2022-3236 #injection #Webadmin

·sophos.com·Sep 26, 2022

Resolved RCE in Sophos Firewall (CVE-2022-3236)

Azure Cloud Shell Command Injection Stealing User’s Access Tokens

This post describes how I took over an Azure Cloud Shell trusted domain and leveraged it to inject and execute commands in other users’ terminals.

#lightspin #EN #2022 #Azure #Cloud #Shell #injection #terminals #IoCs #Analysis #Tokens #steal

·blog.lightspin.io·Sep 21, 2022

Azure Cloud Shell Command Injection Stealing User’s Access Tokens

Process injection: breaking all macOS security layers with a single vulnerability ·

In macOS 12.0.1 Monterey, Apple fixed CVE-2021-30873. This was a process injection vulnerability affecting (essentially) all macOS AppKit-based applications. We reported this vulnerability to Apple, along with methods to use this vulnerability to escape the sandbox, elevate privileges to root and bypass the filesystem restrictions of SIP.

#sector7 #EN #2022 #macOS #CVE-2021-30873 #Process #injection

·sector7.computest.nl·Aug 15, 2022

Process injection: breaking all macOS security layers with a single vulnerability ·

‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide

Cyble analyzes 'InTheBox' as part of its thorough research on Web Injects and their role in targeting Android Banking applications worldwide,

#cyble #EN #2023 #analysis #InTheBox #Android #Banking #injection

·blog.cyble.com·Jan 31, 2023

‘InTheBox’ Web Injects Targeting Android Banking Applications Worldwide

Resolved RCE in Sophos Firewall (CVE-2022-3236)

A code injection vulnerability allowing remote code execution was discovered in the User Portal and Webadmin of Sophos Firewall. The vulnerability has been fixed.

#sophos #EN #RCE #firewall #CVE-2022-3236 #injection #Webadmin

·sophos.com·Sep 26, 2022

Resolved RCE in Sophos Firewall (CVE-2022-3236)

Azure Cloud Shell Command Injection Stealing User’s Access Tokens

This post describes how I took over an Azure Cloud Shell trusted domain and leveraged it to inject and execute commands in other users’ terminals.

#lightspin #EN #2022 #Azure #Cloud #Shell #injection #terminals #IoCs #Analysis #Tokens #steal

·blog.lightspin.io·Sep 21, 2022

Azure Cloud Shell Command Injection Stealing User’s Access Tokens

Process injection: breaking all macOS security layers with a single vulnerability ·

#sector7 #EN #2022 #macOS #CVE-2021-30873 #Process #injection

·sector7.computest.nl·Aug 15, 2022

Process injection: breaking all macOS security layers with a single vulnerability ·

#sector7 #EN #2022 #macOS #CVE-2021-30873 #Process #injection

·sector7.computest.nl·Aug 15, 2022

Process injection: breaking all macOS security layers with a single vulnerability ·