CVE-2023-34362: MOVEit Transfer SQL Injection Vulnerability Threat Brief
On May 31, Progress Software posted a notification alerting customers of a critical Structured Query Language injection (SQLi) vulnerability (CVE-2023-34362) in their MOVEit Transfer product. MOVEit Transfer is a managed file transfer (MFT) application intended to provide secure collaboration and automated file transfers of sensitive data.
New macOS vulnerability, Migraine, could bypass System Integrity Protection | Microsoft Security Blog
A new vulnerability, which we refer to as “Migraine” for its involvement with macOS migration, could allow an attacker with root access to automatically bypass System Integrity Protection (SIP) in macOS and perform arbitrary operations on a device
The Race to Patch: Attackers Leverage Sample Exploit Code in Wordpress Plugin | Akamai
The time for attackers to respond to known vulnerabilities is shrinking. See an example of an attacker using sample code. * The Akamai Security Intelligence Group (SIG) has been analyzing attack attempt activity following the announcement of a critical vulnerability in a WordPress custom fields plug-in affecting more than 2 million sites. * Exploiting this vulnerability could lead to a reflected cross-site scripting (XSS) attack, in which malicious code is injected into a victim site and pushed to its visitors. * On May 4, 2023, the WP Engine team announced the security fix in version 6.1.6, including sample exploit code as a proof of concept (PoC). * Starting on May 6, less than 48 hours after the announcement, the SIG observed significant attack attempt activity, scanning for vulnerable sites using the sample code provided in the technical write-up. * This highlights that the response time for attackers is rapidly decreasing, increasing the need for vigorous and prompt patch management.
oss-sec: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory
An issue has been discovered in the Linux kernel that can be abused by unprivileged local users to escalate privileges. The issue is about Netfilter nf_tables accepting some invalid updates to its configuration.
WordPress Advanced Custom Fields Pro plugin 6.1.5 - Reflected Cross Site Scripting (XSS) vulnerability
Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Advanced Custom Fields PRO Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads into your website which will be executed when guests visit your site. This vulnerability has been fixed in version 6.1.6.
Analysis of Pre-Auth RCE in Sophos Web Appliance (CVE-2023-1671)
CVE-2023-1671 is a pre-authenticated command injection in Sophos Web Appliance. In this blog post, VulnCheck researchers analyze the vulnerability and develop a proof of concept (PoC) for it.
Remote Code Execution Vulnerability in Google They Are Not Willing To Fix
This is a story about a security vulnerability in Google that allowed me to run arbitrary code on the computers of 50+ Google employees. Although Google initially considered my finding a serious security incident, later on, it changed its mind and stated that my finding is not, in fact, a vulnerability, but the intended behavior of their software.
Vulnerability CVE-2023-27532 in a Veeam Backup & Replication component allows an unauthenticated user operating within the backup infrastructure network perimeter to obtain encrypted credentials stored in the configuration database. This may lead to an attacker gaining access to the backup infrastructure hosts.
PoC exploit for recently patched Microsoft Word RCE is public (CVE-2023-21716)
A PoC exploit for CVE-2023-21716, a critical RCE vulnerability in Microsoft Word that can be exploited when the user previews a specially crafted RTF document, is now publicly available.
CVD, EU-DSGVO and revDSG - A personal responsible disclosure experience of a data breach in the Swiss cyber landscape in 2022/23
n late November 2022, a few days after ETH Alumni launched their new feature “Who is who” which allows them to look up and connect to other members, I came across a severe access control vulnerability. Without any authorization over the internet, it allowed extracting at least 35418 member profiles, including full name, postal address, nationality, title, graduation field, study start year, gender, profile picture and hashed passwords.
Zoom Patches High Risk Flaws on Windows, MacOS Platforms
Video messaging giant Zoom has released patches for multiple security vulnerabilities that expose both Windows and macOS users to malicious hacker attacks.
Jenkins discloses dozens of zero-day bugs in multiple plugins
On Thursday, the Jenkins security team announced 34 security vulnerabilities affecting 29 plugins for the Jenkins open source automation server, 29 of the bugs being zero-days still waiting to be patched.
Hacker claims to be selling Twitter data of 400 million users
A threat actor claims to be selling public and private data of 400 million Twitter users scraped in 2021 using a now-fixed API vulnerability. They're asking $200,000 for an exclusive sale.
Critical Ping Vulnerability Allows Remote Attackers to Take Over FreeBSD Systems
he maintainers of the FreeBSD operating system have released updates to remediate a security vulnerability impacting the ping module that could be potentially exploited to crash the program or trigger remote code execution. The issue, assigned the identifier CVE-2022-23093, impacts all supported versions of FreeBSD and concerns a stack-based buffer overflow vulnerability in the ping service.
CVE-2022-21661: Exposing Database Info via WordPress SQL Injection
In October of this year, we received a report from ngocnb and khuyenn from GiaoHangTietKiem JSC covering a SQL injection vulnerability in WordPress. The bug could allow an attacker to expose data stored in a connected database. This vulnerability was recently addressed as CVE-2022-21661 ( ZDI-22-020
Google pushes emergency Chrome update to fix 8th zero-day in 2022
Google has released an emergency security update for the desktop version of the Chrome web browser, addressing the eighth zero-day vulnerability exploited in attacks this year.
![oss-sec: [CVE-2023-32233] Linux kernel use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary reads and writes in kernel memory](https://rdl.ink/render/https%3A%2F%2Fseclists.org%2Fimages%2Foss-sec-img.png?width=92&height=&ar=&mode=&format=avif&dpr=2)
