August 2023 - Page 25 of 93 - Cyber Security News

ZDI-23-1208: (0Day) LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read...

August 24, 2023

Advisories

ZDI-23-1209: (0Day) LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read...

August 24, 2023

Advisories

ZDI-23-1210: (0Day) LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read...

August 24, 2023

Advisories

ZDI-23-1211: (0Day) LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read...

August 24, 2023

Advisories

ZDI-23-1212: (0Day) LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read...

August 24, 2023

Advisories

ZDI-23-1213: (0Day) LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability

This vulnerability allows remote attackers to delete arbitrary files on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read...

August 24, 2023

Advisories

ZDI-23-1214: (0Day) LG Simple Editor getServerSetting Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read More

August 24, 2023

Advisories

ZDI-23-1215: (0Day) LG Simple Editor checkServer Authentication Bypass Vulnerability

This vulnerability allows remote attackers to bypass authentication on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read More

August 24, 2023

Advisories

ZDI-23-1216: (0Day) LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of LG Simple Editor. Although authentication is required to exploit this vulnerability, the...

August 24, 2023

Advisories

ZDI-23-1217: (0Day) LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of LG Simple Editor. Authentication is not required to exploit this vulnerability. Read...

August 24, 2023

Palo Alto Networks Confirms New Zero-Day Being Exploited by Threat Actors

Bitfinex Hacker Jailed for Five Years Over Billion Dollar Crypto Heist

watchTowr Finds New Zero-Day Vulnerability in Fortinet Products

Good Essay on the History of Bad Password Policies

Ransomware Groups Use Cloud Services For Data Exfiltration

O2’s AI Granny Outsmarts Scam Callers with Knitting Tales

Safeguarding Healthcare Organizations from IoMT Risks

An Interview With the Target & Home Depot Hacker

Sitting Ducks DNS Attacks Put Global Domains at Risk

Month: August 2023

ZDI-23-1208: (0Day) LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability

ZDI-23-1209: (0Day) LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability

ZDI-23-1210: (0Day) LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability

ZDI-23-1211: (0Day) LG Simple Editor copyContent XML External Entity Processing Information Disclosure Vulnerability

ZDI-23-1212: (0Day) LG Simple Editor putCanvasDB Directory Traversal Arbitrary File Deletion Vulnerability

ZDI-23-1213: (0Day) LG Simple Editor deleteCanvas Directory Traversal Arbitrary File Deletion Vulnerability

ZDI-23-1214: (0Day) LG Simple Editor getServerSetting Authentication Bypass Vulnerability

ZDI-23-1215: (0Day) LG Simple Editor checkServer Authentication Bypass Vulnerability

ZDI-23-1216: (0Day) LG Simple Editor PlayerController getImageByFilename Directory Traversal Information Disclosure Vulnerability

ZDI-23-1217: (0Day) LG Simple Editor copyContent Exposed Dangerous Function Remote Code Execution Vulnerability