May 2023 - Page 14 of 100 - Cyber Security News

A vulnerability classified as problematic was found in Bestwebsoft Relevant Plugin up to 1.0.7 on WordPress. Affected by this vulnerability is an unknown functionality of...

May 29, 2023

Advisories

CVE-2021-37845

An issue was discovered in Citadel through webcit-932. A meddler-in-the-middle attacker can fixate their own session during the cleartext phase before a STARTTLS command (a...

May 29, 2023

Advisories

CVE-2021-27825

A directory traversal vulnerability on Mercury MAC1200R devices allows attackers to read arbitrary files via a web-static/ URL. Read More

May 29, 2023

Advisories

CVE-2020-29547

An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can pipeline commands after POP3 STLS, IMAP STARTTLS, or SMTP STARTTLS commands, injecting cleartext commands...

May 29, 2023

Advisories

CVE-2019-19791

In LemonLDAP::NG (aka lemonldap-ng) before 2.0.7, the default Apache HTTP Server configuration does not properly restrict access to SOAP/REST endpoints (when some LemonLDAP::NG setup options...

May 29, 2023

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Good Essay on the History of Bad Password Policies

Ransomware Groups Use Cloud Services For Data Exfiltration

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

Safeguarding Healthcare Organizations from IoMT Risks

An Interview With the Target & Home Depot Hacker

Sitting Ducks DNS Attacks Put Global Domains at Risk

Microsoft Power Pages Misconfiguration Leads to Data Exposure

Month: May 2023

GLSA 202305-33: OpenImageIO: Multiple Vulnerabilities

GLSA 202305-34: CGAL: Multiple Vulnerabilities

GLSA 202305-35: Mozilla Firefox: Multiple Vulnerabilities

GLSA 202305-36: Mozilla Thunderbird: Multiple Vulnerabilities

GLSA 202305-37: Apache Tomcat: Multiple Vulnerabilities

CVE-2014-125102

CVE-2021-37845

CVE-2021-27825

CVE-2020-29547

CVE-2019-19791