MG Strategy+

Cybersecurity Data Services

 
Category : MGS+ Partners

MGS+ Intelligence Platform – Version 2.0 Release

  MGS+ Intelligence Platform – Cyber Security Data Services Version 2.0 Released November 17 2017   About Platform   Platform […]


001 MGS Alerts Advisories

  • Mozilla security advisory (AV23-587)
    ... read more
  • CVE-2023-43192 | jfinal_cms sql injection
    A vulnerability classified as critical was found in jfinal_cms. An unknown function is affected. The manipulation of an unknown input leads to a vulnerability of class ... read more
  • Cloudflare is a Teenager: A Security Company? A Network? A CDN? No! A Connectivity Cloud
    We have been very successful with our spin-out companies. Overall, as a company grows, it will typically reflect the beliefs of its founders, and so any new startup needs to ... read more
  • CVE-2023-43656 | matrix-hookshot up to 4.4.x generic.allowJsTransformationFunctions privilege escalation (GHSA-fr97-pv6w-4cj6)
    A vulnerability was found in matrix-hookshot up to 4.4.x. It has been classified as problematic. This concerns the function generic.allowJsTransformationFunctions. Through manipulation with unknown data, a privilege escalation vulnerability can be exploited ... read more
  • CVE-2023-43314 | ZyXEL PMG2005-T20B cgi-bin/login.asp uid buffer overflow
    A vulnerability was found in ZyXEL PMG2005-T20B. It has been classified as critical. This concerns an unknown function of the file cgi-bin/login.asp. By manipulating the argument uid with ... read more
  • CVE-2023-43320 | Proxmox Backup Server/Mail Gateway Two-factor Authentication weak authentication
    A vulnerability was found in Proxmox Backup Server and Mail Gateway. It has been classified as critical. This concerns an unknown function of the component Two-factor Authentication. Through ... read more
  • CVE-2023-43660 | Warpgate up to 0.8.0 SSH Key weak authentication (GHSA-3cjp-w4cp-m9c8)
    A vulnerability was found in Warpgate up to 0.8.0. It has been classified as critical. This concerns an unknown function of the component SSH Key Handler. By means of ... read more
  • CVE-2023-42222 | WebCatalog up to 48.x URL shell.openExternal privilege escalation
    A vulnerability was found in WebCatalog up to 48.x. It has been classified as critical. It affects the function shell.openExternal of the component URL Handler. Through manipulation with unknown data, a ... read more
  • NA – CVE-2023-33972 – Scylladb is a NoSQL data store using the…
    Scylladb is a NoSQL data store using the seastar framework, compatible with Apache Cassandra. Authenticated users who are authorized to create tables in a keyspace can escalate their privileges to ... read more
  • NA – CVE-2023-40434 – A configuration issue was addressed with…
    A configuration issue was addressed with additional restrictions. This issue is fixed in iOS 17 and iPadOS 17, macOS Sonoma 14. An app may be able to access a user's ... read more
  • CVE-2023-42822 | xrdp up to 0.9.23.0 xrdp_painter.c out-of-bounds (GHSA-2hjx-rm4f-r9hw)
    A vulnerability was found in xrdp up to 0.9.23.0. It has been declared as problematic. This vulnerability affects unknown code of the file xrdp_painter.c. The manipulation leads to out-of-bounds read. ... read more
  • CVE-2023-43650 | JumpServer prior 2.28.20/3.7.1 password recovery (GHSA-mwx4-8fwc-2xvw)
    A vulnerability classified as critical has been found in JumpServer. Affected is an unknown function. The manipulation leads to weak password recovery. This vulnerability is traded as CVE-2023-43650. It is ... read more
  • CVE-2023-43652 | JumpServer up to 2.28.19/3.7.0 KoKo authorization (GHSA-fr8h-xh5x-r8g9)
    A vulnerability classified as critical was found in JumpServer up to 2.28.19/3.7.0. Affected by this vulnerability is an unknown functionality of the component KoKo. The manipulation leads to missing authorization. ... read more
  • CVE-2023-5184 | zephyrproject-rtos Zephyr IPM Driver signed to unsigned conversion error (GHSA-8x3p-q3r5-xh9g)
    A vulnerability, which was classified as problematic, has been found in zephyrproject-rtos Zephyr. Affected by this issue is some unknown functionality of the component IPM Driver. The manipulation leads to ... read more
  • CVE-2023-33972 | Scylladb privileges management (GHSA-ww5v-p45p-3vhq)
    A vulnerability was found in Scylladb. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper privilege management. The identification of this vulnerability ... read more
  • CVE-2023-40475 | GStreamer MXF File Parser integer overflow (ZDI-23-1457)
    A vulnerability was found in GStreamer. It has been classified as critical. Affected is an unknown function of the component MXF File Parser. The manipulation leads to integer overflow. This ... read more
  • CVE-2023-40476 | GStreamer Parsing stack-based overflow (ZDI-23-1458)
    A vulnerability was found in GStreamer and classified as critical. This issue affects some unknown processing of the component Parsing. The manipulation leads to stack-based buffer overflow. The identification of ... read more
  • CVE-2023-40474 | GStreamer MXF File Parser integer overflow (ZDI-23-1456)
    A vulnerability has been found in GStreamer and classified as critical. This vulnerability affects unknown code of the component MXF File Parser. The manipulation leads to integer overflow. This vulnerability ... read more
  • CVE-2023-43040 | Ceph RGW Bucket rgw_rest_s3.cc get_params access control
    A vulnerability, which was classified as critical, was found in Ceph RGW. This affects the function RGWPostObj_ObjStore_S3::get_params of the file rgw_rest_s3.cc of the component Bucket Handler. The manipulation leads to ... read more
  • CVE-2023-20253 | Cisco Catalyst SD-WAN Manager Command Line Interface Parser privilege escalation (cisco-sa-sdwan-vman-sc-LRLfu2z)
    A vulnerability was found in Cisco Catalyst SD-WAN Manager. It has been classified as critical. Affected is an unknown process of the component Command Line Interface Parser. By manipulating ... read more
  • CVE-2023-42822 | xrdp up to 0.9.23.0 xrdp_painter.c information disclosure (GHSA-2hjx-rm4f-r9hw)
    A vulnerability was found in xrdp up to 0.9.23.0. It has been classified as problematic. This concerns an unknown function of the file xrdp_painter.c. Manipulation with unknown data can ... read more
  • CVE-2023-41079 | Apple macOS 13 privilege escalation
    A vulnerability classified as critical was found in Apple macOS 13. It concerns an unknown function. The manipulation of an unknown input leads to a vulnerability of class ... read more
  • CVE-2023-40455 | Apple macOS 13 privilege escalation
    A vulnerability classified as critical was found in Apple macOS 13. An unknown function is affected by this vulnerability. The manipulation of an unknown input leads to ... read more
  • CVE-2023-40541 | Apple macOS 13 Shortcut information disclosure
    A vulnerability classified as problematic was found in Apple macOS 13. An unknown function of the component Shortcut Handler is affected. Through the manipulation of an unknown input ... read more
  • CVE-2023-40456 | Apple tvOS App access control
    A vulnerability was found in Apple tvOS. It has been classified as critical. This affects an unknown part of the component App Handler. The manipulation leads to improper access controls. ... read more
  • CVE-2023-40520 | Apple tvOS access control
    A vulnerability classified as critical has been found in Apple tvOS. Affected is an unknown function. The manipulation leads to improper access controls. This vulnerability is traded as CVE-2023-40520. The ... read more
  • CVE-2023-41065 | Apple watchOS information disclosure
    A vulnerability, which was classified as problematic, has been found in Apple watchOS. Affected by this issue is some unknown functionality. The manipulation leads to information disclosure. This vulnerability is ... read more
  • CVE-2023-41065 | Apple iOS/iPadOS information disclosure
    A vulnerability classified as problematic was found in Apple iOS and iPadOS. Affected by this vulnerability is an unknown functionality. The manipulation leads to information disclosure. This vulnerability is known ... read more
  • CVE-2023-40520 | Apple watchOS access control
    A vulnerability was found in Apple watchOS. It has been rated as critical. This issue affects some unknown processing. The manipulation leads to improper access controls. The identification of this ... read more
  • CVE-2023-41068 | Apple watchOS privilege escalation
    A vulnerability classified as critical was found in Apple watchOS. It concerns an unknown function. The manipulation of an unknown input leads to a vulnerability of the class escalation ... read more
  • CVE-2023-43216 | SeaCMS 12.9 admin_ip.php Privilege Escalation
    A vulnerability classified as problematic was found in SeaCMS 12.9. An unknown function of the file admin_ip.php is affected. The manipulation of an unknown input leads to a vulnerability ... read more
  • CVE-2023-40420 | Apple tvOS Web Content denial of service
    A vulnerability classified as problematic was found in Apple tvOS. An unknown function of the component Web Content Handler is affected. The manipulation of an unknown input leads to ... read more
  • CVE-2023-39347 | Cilium up to 1.12.13/1.13.6/1.14.1 weak authentication (GHSA-gj2r-phwg-6rww)
    A vulnerability classified as problematic was found in Cilium up to 1.12.13/1.13.6/1.14.1. An unknown function is affected. The manipulation of an unknown input leads to a vulnerability of ... read more
  • CVE-2023-40046 | Progress WS_FTP Server up to 8.7.3/8.8.1 sql injection
    A vulnerability classified as critical was found in Progress WS_FTP Server up to 8.7.3/8.8.1. An unknown function is affected by this vulnerability. Due to the manipulation of an ... read more
  • CVE-2023-41305 | Huawei EMUI/Magic UI 5G Message weak encryption
    A vulnerability classified as problematic was found in Huawei EMUI and Magic UI. An unknown function of the component 5G Message Handler is affected by this vulnerability. The manipulation of an ... read more
  • CVE-2023-41068 | Apple tvOS privilege escalation
    A vulnerability classified as critical was found in Apple tvOS. An unknown function is affected. Through the influence of an unknown input by means of a vulnerability of the class escalation ... read more
  • CVE-2023-41068 | Apple iOS/iPadOS privilege escalation
    A vulnerability classified as critical was found in Apple iOS and iPadOS. An unknown function is affected. The manipulation of an unknown input leads to a ... read more
  • CVE-2023-40420 | Apple macOS Web Content denial of service
    A vulnerability classified as problematic was found in Apple macOS. An unknown function of the component Web Content Handler is affected by this vulnerability. Through the manipulation of ... read more
  • CVE-2023-35071 | MRV Tech Logging Administration Panel before 20230915 sql injection
    A vulnerability classified as critical was found in MRV Tech Logging Administration Panel. It concerns an unknown function. Through the manipulation of an unknown input by means of a ... read more
  • CVE-2023-40420 | Apple iOS/iPadOS Web Content denial of service
    A vulnerability classified as problematic was found in Apple iOS and iPadOS. An unknown function of the component Web Content Handler is affected. Due to the manipulation of an ... read more
  • CVE-2023-40417 | Apple Safari Window Management privilege escalation
    A vulnerability classified as critical was found in Apple Safari. An unknown function of the component Window Management is affected by this vulnerability. Through the manipulation of an unknown input ... read more
  • CVE-2023-40417 | Apple macOS Window Management privilege escalation
    A vulnerability classified as critical was found in Apple macOS. An unknown function of the component Window Management is affected. Through the manipulation of an unknown input by means of ... read more
  • CVE-2023-40417 | Apple watchOS Window Management privilege escalation
    A vulnerability classified as critical was found in Apple watchOS. It concerns an unknown function of the component Window Management. The manipulation of an unknown input leads to a vulnerability of ... read more
  • CVE-2023-40417 | Apple iOS/iPadOS Window Management privilege escalation
    A vulnerability classified as critical was found in Apple iOS and iPadOS. An unknown function of the component Window Management is affected. Through the influence of an unknown input ... read more
  • CVE-2023-40420 | Apple watchOS Web Content denial of service
    A vulnerability classified as problematic was found in Apple watchOS. It concerns an unknown function of the component Web Content Handler. Through the influence of an unknown input by means of ... read more
  • CVE-2023-42460 | Vyper up to 0.3.9 _abi_decode calculation (GHSA-cx2q-hfxr-rj97)
    A vulnerability, which was classified as problematic, was found in Vyper up to 0.3.9. Affected is the function _abi_decode. The manipulation leads to incorrect calculation. This vulnerability is traded as ... read more
  • CVE-2023-43234 | DedeBIZ 6.2.11 file_manage_control.php activepath/filename Privilege Escalation
    A vulnerability was found in DedeBIZ 6.2.11. It has been declared as critical. This vulnerability affects unknown code of the file /admin/file_manage_control.php. The manipulation of the argument activepath/filename leads to ... read more
  • CVE-2023-43154 | Macrob7 Macs Framework Content Management System 1.1.4f isValidLogin type confusion
    A vulnerability was found in Macrob7 Macs Framework Content Management System 1.1.4f. It has been rated as critical. This issue affects the function isValidLogin. The manipulation leads to type confusion. ... read more
  • CVE-2023-3767 | EasyPHP Webserver 14.1 /index.php os command injection
    A vulnerability was found in EasyPHP Webserver 14.1. It has been classified as very critical. This affects an unknown part of the file /index.php?zone=settings. The manipulation leads to os command ... read more
  • CVE-2023-43187 | NodeBB up to 1.18.5 XML-RPC Request xmlrpc.php Privilege Escalation
    A vulnerability was found in NodeBB up to 1.18.5 and classified as critical. Affected by this issue is some unknown functionality of the file xmlrpc.php of the component XML-RPC Request ... read more

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Thursday, September 28, 2023
