Tag

#windows

CVE-2023-43021: IBM InfoSphere Information Server is affected by an information disclosure vulnerability (CVE-2023-43021)

IBM InfoSphere Information Server 11.7 could allow a remote attacker to obtain sensitive information when a detailed technical error message is returned in the browser. This information could be used in further attacks against the system. IBM X-Force ID: 266167.

CVE-2023-40699: Security Bulletin: IBM InfoSphere Information Server may be vulnerable to a denial of service (CVE-2023-40699)

IBM InfoSphere Information Server 11.7 could allow a remote attacker to cause a denial of service due to improper input validation. IBM X-Force ID: 265161.

When It Comes to January 6 Lawsuits, a Court Splits Donald Trump in Two

A federal court ruled on Friday that Trump, as president, may be able to avoid civil action for his role in the January 6, 2021, attack on the US Capitol. But candidate Trump is something different.

CVE-2023-38268: Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site request forgery (CVE-2023-38268)

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site request forgery, which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM X-Force ID: 260585.

CVE-2023-43015: Security Bulletin: IBM InfoSphere Information Server is vulnerable to cross-site scripting (CVE-2023-43015)

IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability allows users to embed arbitrary JavaScript code in the Web UI, thus altering the intended functionality and potentially leading to credentials disclosure within a trusted session. IBM X-Force ID: 266064.

CVE-2023-48893: Vuln0wned Report: SQL Injection in staff_act.php · Issue #209 · slims/slims9_bulian

Senayan Library Management Systems SLIMS 9 Bulian v9.6.1 is vulnerable to SQL Injection via admin/modules/reporting/customs/staff_act.php.

Google to Delete Inactive Gmail Accounts From Today: What You Need to Know

By Deeba Ahmed. Google will delete free Google accounts that have not been signed into for two years and do not have any active subscriptions. This is a post from HackRead.com.

WBCE CMS 1.6.1 Shell Upload

WBCE CMS version 1.6.1 suffers from a remote shell upload vulnerability.

Chinese Hackers Using SugarGh0st RAT to Target South Korea and Uzbekistan

A suspected Chinese-speaking threat actor has been attributed to a malicious campaign that targets the Uzbekistan Ministry of Foreign Affairs and South Korean users with a remote access trojan called SugarGh0st RAT. The activity, which commenced no later than August 2023, leverages two different infection sequences to deliver the malware, which is a customized variant of Gh0st RAT

CVE-2023-45253: Security Disclosure of Vulnerabilities: CVE-2023-45252 and CVE-2023-45253

An issue discovered in Huddly HuddlyCameraService before version 8.0.7, not including version 7.99, allows attackers to manipulate files and escalate privileges via the RollingFileAppender.DeleteFile method performed by the log4net library.