Security
Headlines
HeadlinesLatestCVEs

Tag

#ios

Researchers Develop Exploit Code for Critical Fortinet VPN Bug

Some 340,000 FortiGate SSL VPN appliances remain exposed to the threat more than three weeks after Fortinet released firmware updates to address the issue.

DARKReading
#vulnerability#ios#windows#cisco#rce#buffer_overflow#auth#ssl
ChatGPT tricked into generating Windows 10 and Windows 11 keys

By Waqas A Twitter user successfully utilized the "grandma exploit" to trick ChatGPT and acquire multiple Windows 10 codes. This is a post from HackRead.com Read the original post: ChatGPT tricked into generating Windows 10 and Windows 11 keys

Architecting XDR to Save Money and Your SOC's Sanity

XDR can lower platform costs and improve detection, but it requires committing to a few principles that go against the established way of thinking about SOC.

A week in security (June 26 - July 2)

Categories: News A list of topics we covered in the week of June 26 to July 2 of 2023 (Read more...) The post A week in security (June 26 - July 2) appeared first on Malwarebytes Labs.

CVE-2020-36741: class-wcmp-vendor-dashboard.php in dc-woocommerce-multi-vendor/tags/3.5.8/classes – WordPress Plugin Repository

The MultiVendorX plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 3.5.7. This is due to missing or incorrect nonce validation on the submit_comment() function. This makes it possible for unauthenticated attackers to submit comments via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.

CVE-2023-33298: MacOS - Agent

com.perimeter81.osx.HelperTool in Perimeter81 10.0.0.19 on macOS allows Local Privilege Escalation (to root) via shell metacharacters in usingCAPath.

CVE-2023-3338: Linux Kernel NULL Pointer Dereference in DECnet

A flaw null pointer dereference in the Linux kernel DECnet networking protocol was found. A remote user could use this flaw to crash the system.