MG Strategy+

Cybersecurity Data Services

 
  • Join Now-Sign Up
  • Log In

Building Innovative Public-Private-Partnerships for Effective and Equitable WSS Services – Project Financing

Chemical Industry – Parsons Report – Cybersecurity

Project Management Evaluation Good Practice Standards – ECG – EPCM

  • Editor Paper Extracts
  • Editor Picks Articles
  • Editor Picks Maps
  • Editor Picks Reports
  • MGS+ EPCM Workgroup
  • MGS+ ICS Workgroup
  • MGS+ Operational Efficiencies Workgroup
  • MGS+ Partners
  • Uncategorized

001 MGS Alerts Advisories

  • CVE-2023-29139 | CheckUser Extension fino 1.39.3 su MediaWiki CheckUserLog API Request denial of service
    Un punto di criticita di livello problematico è stato rilevato in CheckUser Extension fino 1.39.3. Da questa vulnerabilità è interessato una funzione sconosciuta del componente CheckUserLog API Request Handler. Attraverso ... read more
  • CVE-2023-26925 | D-Link DIR-882 1.30 Syslog rivelazione di un 'informazione
    In D-Link DIR-882 1.30 è stato trovato un punto critico di livello problematico. É interessato una funzione sconosciuta del componente Syslog. Per causa della manipolazione di un input sconosciuto se ... read more
  • CVE-2023-29137 | GrowthExperiments Extension fino 1.39.3 su MediaWiki Timezone rivelazione di un 'informazione
    In GrowthExperiments Extension fino 1.39.3 è stata rilevato un punto critico di livello problematico. Riguarda una funzione sconosciuta del componente Timezone Handler. Mediante la manipolazione di un input sconosciuto conseguenza ... read more
  • CVE-2023-23594 | SATO CL4NX 1.13.3-u724 autenticazione debole
    Un punto critico di livello critico è stato rilevato in SATO CL4NX 1.13.3-u724. É interessato una funzione sconosciuta. Attraverso la manipolazione di un input sconosciuto per mezzo di una vulerabilità ... read more
  • PCI DSS 12 requirements
    ... read more
  • CVE-2023-1181 | icret easyimages2 up to 2.6.6 cross site scripting
    A vulnerability was found in icret easyimages2 up to 2.6.6. It has been classified as problematic. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability ... read more
  • CVE-2022-44875 | KioWare up to 8.33 on Windows cross site scripting
    A vulnerability classified as critical was found in KioWare up to 8.33. Affected by this vulnerability is an unknown functionality. The manipulation leads to cross site scripting. This vulnerability is ... read more
  • CVE-2023-25077 | EC-CUBE Authentication Key Setting cross site scripting
    A vulnerability classified as problematic has been found in EC-CUBE. Affected is an unknown function of the component Authentication Key Setting Handler. The manipulation leads to cross site scripting. This ... read more
  • CVE-2023-22838 | EC-CUBE/EC-CUBE/and EC-CUBE cross site scripting
    A vulnerability was found in EC-CUBE, EC-CUBE and and EC-CUBE. It has been rated as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The ... read more
  • CVE-2023-27641 | L-Soft LISTSERV prior 16.5 URL wa.exe cross site scripting
    A vulnerability was found in L-Soft LISTSERV. It has been declared as problematic. This vulnerability affects unknown code of the file wa.exe of the component URL Handler. The manipulation leads ... read more
  • CVE-2014-125092 | MaxButtons Plugin up to 1.26.0 on WordPress maxbuttons-button.php maxbuttons_strip_px button_id cross site scripting
    A vulnerability was found in MaxButtons Plugin up to 1.26.0 and classified as problematic. This issue affects the function maxbuttons_strip_px of the file includes/maxbuttons-button.php. The manipulation of the argument button_id ... read more
  • CVE-2015-10091 | ByWater Solutions bywater-koha-xslt systempreferences.pl StringSearch name sql injection
    A vulnerability has been found in ByWater Solutions bywater-koha-xslt and classified as critical. This vulnerability affects the function StringSearch of the file admin/systempreferences.pl. The manipulation of the argument name leads ... read more
  • CVE-2023-0656 | SonicWALL SonicOS stack-based overflow (SNWLID-2023-0004)
    A vulnerability, which was classified as critical, has been found in SonicWALL SonicOS. Affected by this issue is some unknown functionality. The manipulation leads to stack-based buffer overflow. This vulnerability ... read more
  • CVE-2023-1148 | flatpress up to 1.2 cross site scripting
    A vulnerability, which was classified as problematic, has been found in flatpress up to 1.2. This issue affects some unknown processing. The manipulation leads to cross site scripting. The identification ... read more
  • CVE-2023-1025 | Simple File List Plugin up to 6.0.9 on WordPress cross site scripting
    A vulnerability was found in Simple File List Plugin up to 6.0.9 and classified as problematic. This issue affects some unknown processing. The manipulation leads to cross site scripting. The ... read more
  • CVE-2023-0365 | React Webcam Plugin up to 1.2.0 on WordPress Shortcode cross site scripting
    A vulnerability was found in React Webcam Plugin up to 1.2.0. It has been classified as problematic. Affected is an unknown function of the component Shortcode Handler. The manipulation leads ... read more
  • CVE-2023-0370 | WPB Advanced FAQ Plugin up to 1.0.6 on WordPress Shortcode cross site scripting
    A vulnerability has been found in WPB Advanced FAQ Plugin up to 1.0.6 and classified as problematic. This vulnerability affects unknown code of the component Shortcode Handler. The manipulation leads ... read more
  • CVE-2022-4148 | WP OAuth Server Plugin up to 4.2.5 on WordPress wo_ajax_remove_client denial of service
    A vulnerability was found in WP OAuth Server Plugin up to 4.2.5. It has been rated as problematic. This issue affects the function wo_ajax_remove_client. The manipulation leads to denial of ... read more
  • CVE-2023-24533 | filippo.io nistec prior 0.0.2 P-256 Scalar Calculation calculation
    A vulnerability was found in filippo.io nistec. It has been declared as problematic. This vulnerability affects unknown code of the component P-256 Scalar Calculation. The manipulation leads to incorrect calculation. ... read more
  • CVE-2023-27328 | Parallels Desktop Toolgate erweiterte Rechte
    In Parallels Desktop wurde eine kritische Schwachstelle ausgemacht. Dabei geht es um eine nicht genauer bekannte Funktion der Komponente Toolgate. Mittels Manipulieren mit unbekannten Daten kann eine erweiterte Rechte-Schwachstelle ausgenutzt ... read more
  • CVE-2023-27325 | Parallels Desktop Updater Privilege Escalation
    Eine problematische Schwachstelle wurde in Parallels Desktop ausgemacht. Hierbei geht es um eine nicht exakt ausgemachte Funktion der Komponente Updater. Durch das Manipulieren mit unbekannten Daten kann eine Privilege Escalation-Schwachstelle ... read more
  • CVE-2023-28750 | Albo Pretorio Online Plugin bis 4.6 auf WordPress Errore Cross Site Scripting
    Es wurde eine problematische Schwachstelle in Albo Pretorio Online Plugin bis 4.6 entdeckt. Betroffen hiervon ist ein unbekannter Ablauf. Mittels Manipulieren des Arguments Errore mit unbekannten Daten kann eine Cross ... read more
  • CVE-2023-27326 | Parallels Desktop Toolgate Directory Traversal
    Es wurde eine kritische Schwachstelle in Parallels Desktop ausgemacht. Es geht dabei um eine nicht klar definierte Funktion der Komponente Toolgate. Mittels dem Manipulieren mit unbekannten Daten kann eine Directory ... read more
  • CVE-2023-27324 | Parallels Desktop Updater Privilege Escalation
    Es wurde eine Schwachstelle in Parallels Desktop entdeckt. Sie wurde als problematisch eingestuft. Es betrifft eine unbekannte Funktion der Komponente Updater. Durch Manipulieren mit unbekannten Daten kann eine Privilege Escalation-Schwachstelle ... read more
  • CVE-2023-28784 | Contest Gallery Plugin bis 21.1.2 auf WordPress Cross Site Scripting
    In Contest Gallery Plugin bis 21.1.2 wurde eine Schwachstelle ausgemacht. Sie wurde als problematisch eingestuft. Betroffen ist eine unbekannte Verarbeitung. Durch Manipulation mit unbekannten Daten kann eine Cross Site Scripting-Schwachstelle ... read more
  • CVE-2023-28776 | Continuous Image Carousel with Lightbox Plugin bis 1.0.15 auf WordPress search_term/order_by/order_pos Cross Site Scripting
    Es wurde eine Schwachstelle in Continuous Image Carousel with Lightbox Plugin bis 1.0.15 ausgemacht. Sie wurde als problematisch eingestuft. Hiervon betroffen ist ein unbekannter Codeblock. Durch die Manipulation des Arguments ... read more
  • CVE-2023-28774 | Review Stream Plugin bis 1.6.5 auf WordPress Cross Site Scripting
    Eine Schwachstelle wurde in Review Stream Plugin bis 1.6.5 gefunden. Sie wurde als problematisch eingestuft. Davon betroffen ist unbekannter Code. Mit der Manipulation mit unbekannten Daten kann eine Cross Site ... read more
  • CVE-2023-27327 | Parallels Desktop Toolgate Race Condition
    Es wurde eine Schwachstelle in Parallels Desktop gefunden. Sie wurde als problematisch eingestuft. Dabei betrifft es einen unbekannter Codeteil der Komponente Toolgate. Dank der Manipulation mit unbekannten Daten kann eine ... read more
  • CVE-2023-28792 | Continuous Image Carousel With Lightbox Plugin bis 1.0.15 auf WordPress search_term/order_by/order_pos Cross Site Scripting
    In Continuous Image Carousel With Lightbox Plugin bis 1.0.15 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Hierbei betrifft es unbekannten Programmcode. Dank Manipulation des Arguments search_term/order_by/order_pos mit unbekannten ... read more
  • CVE-2023-27323 | Parallels Desktop Updater Race Condition
    In Parallels Desktop wurde eine Schwachstelle entdeckt. Sie wurde als problematisch eingestuft. Das betrifft eine unbekannte Funktionalität der Komponente Updater. Durch das Beeinflussen mit unbekannten Daten kann eine Race Condition-Schwachstelle ... read more
  • CVE-2023-27322 | Parallels Desktop Service Local Privilege Escalation
    Eine Schwachstelle wurde in Parallels Desktop entdeckt. Sie wurde als problematisch eingestuft. Dies betrifft einen unbekannten Teil der Komponente Service. Durch Beeinflussen mit unbekannten Daten kann eine Local Privilege Escalation-Schwachstelle ... read more
  • CVE-2023-0764 | BestWebSoft Gallery Plugin bis 4.6.9 auf WordPress Cross Site Scripting
    Eine Schwachstelle wurde in BestWebSoft Gallery Plugin bis 4.6.9 ausgemacht. Sie wurde als problematisch eingestuft. Betroffen davon ist ein unbekannter Prozess. Mittels dem Manipulieren mit unbekannten Daten kann eine Cross ... read more
  • CVE-2023-22846 | Siemens Solid Edge Viewer SLDPRT File Parser rivelazione di un 'informazione
    È stata rilevata una vulnerabilità di livello problematico in Siemens Solid Edge Viewer. É interessato una funzione sconosciuta del componente SLDPRT File Parser. La manipolazione di un input sconosciuto se ... read more
  • CVE-2023-0277 | WC Fields Factory Plugin fino 4.1.5 su WordPress sql injection
    Un punto critico di livello critico è stato rilevato in WC Fields Factory Plugin fino 4.1.5. É interessato una funzione sconosciuta. Mediante la manipolazione di un input sconosciuto conseguenza di ... read more
  • CVE-2022-46808 | ARMember Plugin fino 3.4.11 su WordPress sql injection
    In ARMember Plugin fino 3.4.11 è stata rilevato un punto critico di livello critico. Riguarda una funzione sconosciuta. Per causa della manipolazione di un input sconosciuto se causa una vulnerabilità ... read more
  • CVE-2023-22295 | Siemens Solid Edge Viewer SLDPRT File Parser rivelazione di un 'informazione
    In Siemens Solid Edge Viewer stata rilevata una vulnerabilità di livello problematico. Da questa vulnerabilità è interessato una funzione sconosciuta del componente SLDPRT File Parser. Attraverso la manipolazione di un ... read more
  • CVE-2023-27329 | Foxit PDF Reader Annotation Pufferüberlauf
    Eine kritische Schwachstelle wurde in Foxit PDF Reader ausgemacht. Es geht hierbei um eine nicht näher spezifizierte Funktion der Komponente Annotation Handler. Dank der Manipulation mit unbekannten Daten kann eine ... read more
  • CVE-2023-27331 | Foxit PDF Reader Annotation Pufferüberlauf
    In Foxit PDF Reader wurde eine Schwachstelle entdeckt. Sie wurde als kritisch eingestuft. Dabei geht es um eine nicht genauer bekannte Funktion der Komponente Annotation Handler. Mit der Manipulation mit ... read more
  • CVE-2023-27330 | Foxit PDF Reader XFA Annotation Pufferüberlauf
    Es wurde eine Schwachstelle in Foxit PDF Reader entdeckt. Sie wurde als kritisch eingestuft. Es geht dabei um eine nicht klar definierte Funktion der Komponente XFA Annotation Handler. Dank Manipulation ... read more
  • CVE-2023-23002 | Linux Kernel up to 5.16.2 hci_qca.c qca_serdev_probe devm_gpiod_get_index_optional return value
    A vulnerability was found in Linux Kernel up to 5.16.2. It has been classified as problematic. This affects the function qca_serdev_probe of the file drivers/bluetooth/hci_qca.c. The manipulation of the argument ... read more
  • CVE-2023-23004 | Linux Kernel up to 5.18 malidp_planes.c malidp_check_pages_threshold return value
    A vulnerability was found in Linux Kernel up to 5.18. It has been declared as problematic. This vulnerability affects the function malidp_check_pages_threshold of the file drivers/gpu/drm/arm/malidp_planes.c. The manipulation leads to ... read more
  • CVE-2023-25544 | Dell NetWorker up to 19.5 Apache Tomcat information disclosure (dsa-2023-058)
    A vulnerability, which was classified as problematic, has been found in Dell NetWorker up to 19.5. Affected by this issue is some unknown functionality of the component Apache Tomcat. The ... read more
  • CVE-2023-24751 | libde265 1.0.10 motion.cc mc_chroma null pointer dereference (ID 379)
    A vulnerability was found in libde265 1.0.10 and classified as problematic. This issue affects the function mc_chroma of the file motion.cc. The manipulation leads to null pointer dereference. The identification ... read more
  • CVE-2023-24754 | libde265 1.0.10 sse-motion.cc ff_hevc_put_weighted_pred_avg_8_sse null pointer dereference (ID 382)
    A vulnerability was found in libde265 1.0.10. It has been declared as problematic. Affected by this vulnerability is the function ff_hevc_put_weighted_pred_avg_8_sse of the file sse-motion.cc. The manipulation leads to null ... read more
  • CVE-2023-24567 | Dell NetWorker up to 19.5 RabbitMQ information disclosure (dsa-2023-058)
    A vulnerability has been found in Dell NetWorker up to 19.5 and classified as problematic. This vulnerability affects unknown code of the component RabbitMQ. The manipulation leads to information disclosure. ... read more
  • CVE-2023-23315 | PrestaShop up to 4.5.5 initContent sql injection
    A vulnerability, which was classified as critical, was found in PrestaShop up to 4.5.5. This affects the function stripejsValidationModuleFrontController::initContent. The manipulation leads to sql injection. This vulnerability is uniquely identified ... read more
  • NA – CVE-2023-1663 – Coverity versions prior to 2023.3.2 are…
    Coverity versions prior to 2023.3.2 are vulnerable to forced browsing, which exposes authenticated resources to unauthorized actors. The root cause of this vulnerability is an insecurely configured ... read more
  • North Korean threat actor APT43 pivots back to strategic cyberespionage
    When it comes to threat actors working for the North Korean government, most people have heard of the Lazarus group (APT38). It was responsible for the 2014 attack against ... read more
  • Noname Security releases API security updates
    API security vendor Noname Security today announced a new release of its platform, with a number of upgrades designed to enhance visibility into a user’s API environment and protect ... read more
  • HP releases Wolf Connect solution for secure remote PC management
    HP Inc. has announced the launch of HP Wolf Connect, a new IT management solution that provides resilient and secure connections to remote PCs. The solution enables IT teams ... read more

MG Strategy+ Industrial Control Systems Group @2019

KAVI MGS iSTRACIN Platform v 02.25 Friday, March 31, 2023

  • Disclaimer |
  • Terms |
  • Privacy
  • About-Services |
  • Blog-Reports
  • YouTube
  • Pinterest
  • LinkedIn
  • Twitter
  • LinkedIn
  • Twitter
  • Connect-Contact

Login

Login to integratus systems Exchange Platform Services

Forgot password?
Register Now

Hello

  • Your Account Type is
  • Your Mail Id is
  • Your Username is

PDF Library Search

Security Briefing Search

epcm Search

Reset Password

Reset Password

You have no permission to access this content