SEC595: Applied Data Science and AI/Machine Learning for Cybersecurity Professionals
SEC595Cyber Defense
SANS Community Benefits
Connect, learn, and share with other cybersecurity professionals
VOLUME 23ISSUE 24
The Consensus Security Vulnerability Alert
Internet Storm Center Spotlight
ISC provides a free analysis and warning service to thousands of Internet users and organizations, and is actively working with Internet Service Providers to fight back against the most malicious attackers. https://isc.sans.edu/about.html
June 2023 Microsoft Patch Tuesday
Published: 2023-06-13
Last Updated: 2023-06-13 18:30:28 UTC
by Johannes Ullrich (Version: 1)
Today's Microsoft patch Tuesday addresses 94 vulnerabilities. This includes 14 Chromium vulnerabilities patched in Microsoft Edge, and five GitHub vulnerabilities. Six of these vulnerabilities are rated as critical.
Three critical vulnerabilities are remote code execution vulnerabilities related to the Windows Pragmatic Multicast (PGM) service. Past PGM vulnerabilities were related to the Microsoft Message Queue (MSMQ), for example, CVE-2023-28250, which was patched in April.
Two of the important vulnerabilities are caused by Microsoft Exchange. Exploitation requires authentication, so these remote code execution vulnerabilities are only regarded as important. But based on history with similar flaws, this issue is worth watching.
A critical vulnerability patched in Sharepoint allows the spoofing of JWT authentication tokens to gain access as an authenticated user.
This month, none of the vulnerabilities were made public before patch Tuesday, and none of them are already exploited.
Read the full entry: https://isc.sans.edu/diary/June+2023+Microsoft+Patch+Tuesday/29942/
Geoserver Attack Details: More Cryptominers against Unconfigured WebApps
Published: 2023-06-12
Last Updated: 2023-06-12 12:46:13 UTC
by Johannes Ullrich (Version: 1)
Last week, I noted increased scans against "GeoServer." GeoServer is an open-source Java application with a simple web-based interface to share geospatial data like maps.
I followed our usual playbook of redirecting these scans to an instance of GeoServer. Geoserver had a few vulnerabilities in the past. I installed an older version of GeoServer to verify if the vulnerability was exploited. However, it looks like a vulnerability wasn't necessary. Instead, similar to what we have seen with NiFi recently, the attacker is just using a built-in code execution feature, and the default install, as deployed by me, did not require credentials.
GeoServer was installed in a docker container, which prevented any actual execution of the attack code. The container did not provide tools like curl to download additional payload. Instead, I downloaded the payloads later manually.
Soon after I configured the honeypot, several exploit requests arrived from 109.237.96.251. These requests took advantage of the Web Processing Server (WPS).
Read the full entry: https://isc.sans.edu/diary/Geoserver+Attack+Details+More+Cryptominers+against+Unconfigured+WebApps/29936/
Undetected PowerShell Backdoor Disguised as a Profile File
Published: 2023-06-09
Last Updated: 2023-06-09 08:05:43 UTC
by Xavier Mertens (Version: 1)
PowerShell remains an excellent way to compromise computers. Many PowerShell scripts found in the wild are usually obfuscated. Most of the time, this helps to have the script detected by fewer antivirus vendors. Yesterday, I found a script that scored 0/59 on VT! Let’s have a look at it.
The file was found with the name « Microsoft.PowerShell_profile.ps1 ». The attacker nicely selected this name because this is a familiar name used by Microsoft to manage PowerShell profiles. You may compare this to the « .bashrc » on Linux. It’s a way to customize your environment. Everything you launch a PowerShell, it will look for several locations, and if a file is found, it will execute it. Note that it’s also an excellent way to implement persistence because the malicious code will be re-executed every time a new PowerShell is launched. It’s listed as T1546.013[2] in the MITRE framework.
Let’s reverse the script (SHA256: a3d265a0ab00466aab978d0ccf94bb48808861b528603bddead6649eea7c0d16). When opened in a text editor, we can see that it is heavily obfuscated...
Read the full entry: https://isc.sans.edu/diary/Undetected+PowerShell+Backdoor+Disguised+as+a+Profile+File/29930/
Internet Storm Center Entries
Deobfuscating a VBS Script With Custom Encoding (2023.06.14)
https://isc.sans.edu/diary/Deobfuscating+a+VBS+Script+With+Custom+Encoding/29940/
DShield Honeypot Activity for May 2023 (2023.06.11)
https://isc.sans.edu/diary/DShield+Honeypot+Activity+for+May+2023/29932/
Ongoing scans for Geoserver (2023.06.08)
https://isc.sans.edu/diary/Ongoing+scans+for+Geoserver/29926/
Recent CVEs
The list is assembled by pulling recent vulnerabilities from NIST NVD, Microsoft, Twitter mentions of vulnerabilities, ISC Diaries and Podcast, and the CISA list of known exploited vulnerabilities. There are also some unscored, but significant, vulnerabilities at the end. This includes vulnerabilities that have not been added to the NVD yet.
CVE-2023-27997 - FortiOS and FortiProxy versions 7.2.4 and below, 7.0.11 and below, 6.4.12 and below, 6.0.16 and below may allow remote execution of arbitrary code via crafted requests.
CVE-2023-3079 - Chromium:
CVE-2023-29357 - Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2023-29363 - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-32014 - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2023-32015 - Windows Pragmatic General Multicast (PGM) Remote Code Execution Vulnerability
CVE-2022-26134 - Atlassian Confluence Server and Data Center Remote Code Execution Vulnerability
CVE-2023-32540 - Advantech WebAccess/SCADA v9.1.3 and earlier versions allow attackers to overwrite any file in the OS, inject code into XLS files, and execute arbitrary code by modifying file extensions.
CVE-2023-32628 - Advantech WebAccess/SCADA v9.1.3 and earlier allows remote code execution via an arbitrary file upload vulnerability.
CVE-2023-31569 - TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the setWanCfg function.
Product: Totolink X5000RCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-31569NVD References: - http://totolink.com- https://github.com/JeeseenSec/Report/tree/main/TOTOLINK,Thanks- https://github.com/JeeseenSec/Report/tree/main/TOTOLINK/CVE-2023-31569- https://www.totolink.net/home/menu/newstpl/menu_newstpl/products/id/218.htmlCVE-2023-33532 - The Netgear R6250 router with Firmware Version 1.0.4.48 has a command injection vulnerability, allowing an attacker with web management privileges to gain shell privileges via post request parameter injection.Product: Netgear R6250CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-33532NVD References: - http://netgear.com- https://github.com/D2y6p/CVE/blob/main/Netgear/CVE-2023-33532/Netgear_R6250_RCE.pdfCVE-2023-32550 - Landscape's server-status page exposes sensitive system information through GET requests, allowing for potential attackers to exploit and access further information from the API.Product: Landscape APICVSS Score: 9.3NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-32550NVD References: https://bugs.launchpad.net/landscape/+bug/1929037CVE-2023-34111 - The github repo Taosdata/grafanaplugin's `Release PR Merged` workflow has a command injection vulnerability allowing for arbitrary code execution within the github action context.Product: TDengine Grafana PluginCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-34111NVD References: - https://github.com/taosdata/grafanaplugin/blob/master/.github/workflows/release-pr-merged.yaml#L25- https://github.com/taosdata/grafanaplugin/security/advisories/GHSA-23wp-p848-hcgr- https://securitylab.github.com/research/github-actions-untrusted-input/CVE-2023-29632 - PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.Product: Joommasters JmspagebuilderCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2023-29632NVD References: https://friends-of-presta.github.io/security-advisories/modules/2023/03/13/jmspagebuilder.htmlCVE-2016-15033 - The WordPress Delete All Comments plugin before version 2.1 allows unauthenticated remote code execution via arbitrary file uploads.Product: Delete All Comments Project CVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2016-15033NVD References: - http://blog.nintechnet.com/arbitrary-file-upload-vulnerability-in-wordpress-delete-all-comments-plugin/- https://wordpress.org/plugins/delete-all-comments/#developers- https://www.wordfence.com/threat-intel/vulnerabilities/id/b1e98d2d-20b1-4fff-96d4-0fb8e0d2615a?source=cveCVE-2019-25138 - The User Submitted Posts plugin for WordPress allows unauthenticated attackers to upload arbitrary files, leading to possible remote code execution.Product: Plugin-Planet User Submitted PostsCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-25138NVD References: - https://blog.nintechnet.com/arbitrary-file-upload-vulnerability-in-wordpress-user-submitted-posts-plugin/- https://wordpress.org/plugins/user-submitted-posts/#developers- https://www.wordfence.com/threat-intel/vulnerabilities/id/5a97877b-fb4d-4e87-bcff-56be65fee6ce?source=cveCVE-2019-25141 - Easy WP SMTP plugin for WordPress <= 1.3.9 allows unauthenticated attackers to inject new admin accounts and modify plugin settings due to missing capability checks and insufficient input validation.Product: Easy WP SMTP plugin for WordPressCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2019-25141NVD References: - https://blog.nintechnet.com/critical-0day-vulnerability-fixed-in-wordpress-easy-wp-smtp-plugin/- https://plugins.trac.wordpress.org/changeset?old_path=%2Feasy-wp-smtp&old=2052057&new_path=%2Feasy-wp-smtp&new=2052058&sfp_email=&sfph_mail=- https://wordpress.org/support/topic/vulnerability-26/- https://www.wordfence.com/threat-intel/vulnerabilities/id/84b75f7d-7258-46f6-aee6-b96d70bee264?source=cveCVE-2020-36708 - Multiple WordPress themes are vulnerable to function injections, allowing remote code execution, due to epsilon_framework_ajax_action in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4.Product: WordPress multiple themesCVSS Score: 9.8NVD: https://nvd.nist.gov/vuln/detail/CVE-2020-36708NVD References: - https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-fixed-in-15-wordpress-themes/- https://blog.nintechnet.com/unauthenticated-function-injection-vulnerability-in-wordpress-sparkling-theme/- https://wpscan.com/vulnerability/bec52a5b-c892-4763-a962-05da7100eca5- https://www.wordfence.com/blog/2020/11/large-scale-attacks-target-epsilon-framework-themes/- https://www.wordfence.com/threat-intel/vulnerabilities/id/5b75c322-539d-44e9-8f26-5ff929874b67?source=cveCVE-2020-36713 - The…
CVE-2023-33532 - The Netgear R6250 router with Firmware Version 1.0.4.48 has a command injection vulnerability, allowing an attacker with web management privileges to gain shell privileges via post request parameter injection.
CVE-2023-32550 - Landscape's server-status page exposes sensitive system information through GET requests, allowing for potential attackers to exploit and access further information from the API.
CVE-2023-34111 - The github repo Taosdata/grafanaplugin's `Release PR Merged` workflow has a command injection vulnerability allowing for arbitrary code execution within the github action context.
CVE-2023-29632 - PrestaShop jmspagebuilder 3.x is vulnerable to SQL Injection via ajax_jmspagebuilder.php.
CVE-2016-15033 - The WordPress Delete All Comments plugin before version 2.1 allows unauthenticated remote code execution via arbitrary file uploads.
CVE-2019-25138 - The User Submitted Posts plugin for WordPress allows unauthenticated attackers to upload arbitrary files, leading to possible remote code execution.
CVE-2019-25141 - Easy WP SMTP plugin for WordPress <= 1.3.9 allows unauthenticated attackers to inject new admin accounts and modify plugin settings due to missing capability checks and insufficient input validation.
CVE-2020-36708 - Multiple WordPress themes are vulnerable to function injections, allowing remote code execution, due to epsilon_framework_ajax_action in versions up to and including Shapely <= 1.2.7, NewsMag <= 2.4.1, Activello <= 1.4.0, Illdy <= 2.1.4, Allegiant <= 1.2.2, Newspaper X <= 1.3.1, Pixova Lite <= 2.0.5, Brilliance <= 1.2.7, MedZone Lite <= 1.2.4, Regina Lite <= 2.0.4, Transcend <= 1.1.8, Affluent <= 1.1.0, Bonkers <= 1.0.4, Antreas <= 1.0.2, Sparkling <= 2.4.8, and NatureMag Lite <= 1.0.4.
CVE-2020-36713 - The MStore API plugin for WordPress allows unauthenticated attackers to create and escalate privileges on administrator accounts due to an authentication bypass vulnerability.
CVE-2020-36718 - GDPR CCPA Compliance Support plugin for WordPress is vulnerable to PHP Object Injection in versions up to 2.3 via deserialization of untrusted input, allowing unauthenticated attackers to inject a PHP Object.
CVE-2020-36719 - ListingPro WordPress Directory & Listing Theme is vulnerable to unauthenticated arbitrary plugin installation, activation, and deactivation due to a missing capability check on the lp_cc_addons_actions function in versions prior to 2.6.1.
CVE-2020-36724 - Wordable plugin for WordPress versions up to 3.1.1 allows unauthenticated attackers to gain administrator privileges due to an authentication bypass vulnerability.
CVE-2020-36726 - The Ultimate Reviews plugin for WordPress up to version 2.1.32 is susceptible to PHP Object Injection via untrusted input, allowing unauthenticated attackers to inject a PHP Object.
CVE-2020-36727 - The WordPress Newsletter Manager plugin up to version 1.5.1 allows unauthenticated attackers to inject a serialized PHP object through the 'customFieldsDetails' parameter, due to insecure deserialization.
CVE-2020-36730 - WordPress CMP versions up to and including 3.8.1 are vulnerable to authorization bypass leading to potential post reading, subscriber list export, and plugin deactivation by unauthenticated attackers due to a missing capability check on several functions.
CVE-2021-4341 - The uListing plugin for WordPress can be exploited by unauthenticated attackers to change any WordPress option via an authorization bypass vulnerability in versions up to and including 1.6.6.
CVE-2021-4343 - The Unauthenticated Account Creation plugin for WordPress up to version 1.6.6 allows unauthenticated attackers to create administrator accounts due to unprotected AJAX action.
CVE-2021-4370 - The uListing plugin for WordPress has an authorization bypass vulnerability allowing unauthenticated users to perform administrative actions.
CVE-2021-4381 - uListing plugin for WordPress allows unauthenticated attackers to change any WordPress option in the database due to missing capability checks and security nonce in versions up to 1.6.6.
CVE-2021-4356 - The Frontend File Manager plugin for WordPress up to version 18.2 is vulnerable to unauthenticated arbitrary file download through the wpfm_file_meta_update AJAX action, allowing attackers to potentially take over the site.
CVE-2021-4362 - The Kiwi Social Share plugin for WordPress allows unauthorized access to critical site options, facilitating complete takeover by attackers.
CVE-2021-4374 - The WordPress Automatic Plugin is vulnerable to arbitrary options updates, allowing unauthenticated attackers to compromise the entire site.
CVE-2023-33604 - Imperial CMS v7.5 arbitrary file deletion vulnerability via crafted POST request.
CVE-2023-0667 - Wireshark version 4.0.5 and prior is vulnerable to a heap-based buffer overflow and possible code execution due to inadequate validation of an attacker-crafted MSMMS packet.
CVE-2020-36705 - The Adning Advertising plugin for WordPress allows unauthenticated attackers to upload and execute arbitrary files due to missing file type validation.
CVE-2021-4380 - The Pinterest Automatic plugin for WordPress allows unauthorized attackers to create admin accounts or redirect visitors due to missing capability checks on certain functions and scripts.
CVE-2023-33556 - TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability via the staticGw parameter at /setting/setWanIeCfg.
CVE-2023-23482 - IBM Sterling Partner Engagement Manager versions 6.1-6.2.1 are vulnerable to remote click hijacking, potentially leading to further attacks.
CVE-2023-2986 - The Abandoned Cart Lite plugin for WooCommerce on WordPress allows unauthenticated attackers to impersonate abandoned cart customers due to insufficient encryption of user data.
CVE-2023-0291 - Quiz And Survey Master for WordPress allows unauthenticated attackers to delete arbitrary media files due to an authorization bypass vulnerability.
CVE-2023-22582 - The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting.
CVE-2023-22583 - The Danfoss AK-EM100 web forms allow for SQL injection in the login forms.
CVE-2023-22585 - The Danfoss AK-EM100 web applications allow for Reflected Cross-Site Scripting in the title parameter.
CVE-2023-25911 - The Danfoss AK-EM100 web applications allow for OS command injection through the web application parameters.
CVE-2022-36331 - The Western Digital My Cloud and SanDisk ibi devices had an impersonation vulnerability that could expose user data.
CVE-2023-1897 - Atlas Copco Power Focus 6000 web server stores login info in an insecure way, enabling attackers with computer access to steal controller credentials.
CVE-2023-1898 - Atlas Copco Power Focus 6000 web server allows attackers to retrieve data from an active user's session using session ID numbers.
CVE-2023-1899 - Atlas Copco Power Focus 6000 web server allows an attacker to gain sensitive information through unsecured network traffic.
CVE-2023-2278 - The WP Directory Kit plugin for WordPress up to version 1.1.9 is vulnerable to Local File Inclusion via 'wdk_public_action', allowing unauthenticated attackers to execute arbitrary PHP code on the server.
CVE-2023-25910 - SIMATIC PCS 7, SIMATIC S7-PM, and SIMATIC STEP 7 V5 versions prior to V5.7 allow remote users to execute code with elevated privileges in the database management system's server.
CVE-2023-29129 - Mendix SAML versions 1.16.4 to 1.18.0 and versions 2.2.0 to 2.4.0, and versions 3.1.8 to 3.6.1, have an insufficient verification of SAML assertions vulnerability that allows unauthenticated remote attackers to bypass authentication and access the application.
CVE-2023-3047 - TMT Lockcell before 15 allows SQL Injection due to improper neutralization of special elements in an SQL command.
CVE-2023-3049 - Unrestricted Upload of File with Dangerous Type vulnerability in TMT Lockcell allows Command Injection.This issue affects Lockcell: before 15.
CVE-2023-3050 - Lockcell before 15 relies on cookies without validation and integrity checking, allowing for privilege abuse and authentication bypass.
CVE-2023-35064 - Satos Mobile before 20230607 is vulnerable to SQL Injection through SOAP Parameter Tampering.
CVE-2023-34249 - PyBB is vulnerable to SQL Injection prior to commit dcaeccd37198ecd3e41ea766d1099354b60d69c2, but has since been fixed; a manual update or sanitization of user queries can be used as a workaround.
CVE-2022-43684 - ServiceNow has an ACL bypass issue that could allow an authenticated user to obtain sensitive information from tables missing authorization controls.
CVE-2023-21565 - Azure DevOps Server Spoofing Vulnerability
CVE-2023-29346 - NTFS Elevation of Privilege Vulnerability
CVE-2023-29351 - Windows Group Policy Elevation of Privilege Vulnerability
CVE-2023-29358 - Windows GDI Elevation of Privilege Vulnerability
CVE-2023-29359 - GDI Elevation of Privilege Vulnerability
CVE-2023-29360 - Windows TPM Device Driver Elevation of Privilege Vulnerability
CVE-2023-29361 - Windows Cloud Files Mini Filter Driver Elevation of Privilege Vulnerability
CVE-2023-29362 - Remote Desktop Client Remote Code Execution Vulnerability
CVE-2023-29364 - Windows Authentication Elevation of Privilege Vulnerability
CVE-2023-29365 - Windows Media Remote Code Execution Vulnerability
CVE-2023-29366 - Windows Geolocation Service Remote Code Execution Vulnerability
CVE-2023-29367 - iSCSI Target WMI Provider Remote Code Execution Vulnerability
CVE-2023-29368 - Windows Filtering Platform Elevation of Privilege Vulnerability
CVE-2023-29370 - Windows Media Remote Code Execution Vulnerability
CVE-2023-29371 - Windows GDI Elevation of Privilege Vulnerability
CVE-2023-29372 - Microsoft WDAC OLE DB provider for SQL Server Remote Code Execution Vulnerability
CVE-2023-29373 - Microsoft ODBC Driver Remote Code Execution Vulnerability
CVE-2023-32008 - Windows Resilient File System (ReFS) Remote Code Execution Vulnerability
CVE-2023-32009 - Windows Collaborative Translation Framework Elevation of Privilege Vulnerability
CVE-2023-32010 - Windows Bus Filter Driver Elevation of Privilege Vulnerability
CVE-2023-32011 - Windows iSCSI Discovery Service Denial of Service Vulnerability
CVE-2023-32017 - Microsoft PostScript Printer Driver Remote Code Execution Vulnerability
CVE-2023-32018 - Windows Hello Remote Code Execution Vulnerability
CVE-2023-32021 - Windows SMB Witness Service Security Feature Bypass Vulnerability
CVE-2023-32022 - Windows Server Service Security Feature Bypass Vulnerability
CVE-2023-32029 - Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33126 - .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-33128 - .NET and Visual Studio Remote Code Execution Vulnerability
CVE-2023-33130 - Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-33131 - Microsoft Outlook Remote Code Execution Vulnerability
CVE-2023-33133 - Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33135 - .NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33137 - Microsoft Excel Remote Code Execution Vulnerability
CVE-2023-33146 - Microsoft Office Remote Code Execution Vulnerability
CVE-2023-28310 - Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-24897 - .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2023-29326 - .NET Framework Remote Code Execution Vulnerability
CVE-2023-32031 - Microsoft Exchange Server Remote Code Execution Vulnerability
CVE-2023-33143 - Microsoft Edge (Chromium-based) Elevation of Privilege Vulnerability
CVE-2023-24895 - .NET, .NET Framework, and Visual Studio Remote Code Execution Vulnerability
CVE-2023-24936 - .NET, .NET Framework, and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-29331 - .NET, .NET Framework, and Visual Studio Denial of Service Vulnerability
CVE-2023-29337 - NuGet Client Remote Code Execution Vulnerability
CVE-2023-29012 - GitHub:
CVE-2023-29011 - GitHub:
CVE-2023-25815 - GitHub:
CVE-2023-29007 - GitHub:
CVE-2023-25652 - GitHub:
CVE-2023-32030 - .NET and Visual Studio Denial of Service Vulnerability
CVE-2023-27909 - Out-Of-Bounds Write Vulnerability in Autodesk® FBX® SDK 2020 or prior
CVE-2023-27910 - Stack buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior
CVE-2023-27911 - Heap buffer overflow vulnerability in Autodesk® FBX® SDK 2020 or prior
CVE-2023-33141 - Yet Another Reverse Proxy (YARP) Denial of Service Vulnerability
CVE-2023-2929 - Chromium:
CVE-2023-2930 - Chromium:
CVE-2023-2931 - Chromium:
CVE-2023-2932 - Chromium:
CVE-2023-2933 - Chromium:
CVE-2023-2934 - Chromium:
CVE-2023-2935 - Chromium:
CVE-2023-2936 - Chromium:
CVE-2023-2937 - Chromium:
CVE-2023-2938 - Chromium:
CVE-2023-2939 - Chromium:
CVE-2023-2940 - Chromium:
CVE-2023-2941 - Chromium:
CVE-2023-29345 - Microsoft Edge (Chromium-based) Security Feature Bypass Vulnerability
CVE-2023-21569 - Azure DevOps Server Spoofing Vulnerability
CVE-2023-24938 - Windows CryptoAPI Denial of Service Vulnerability
CVE-2023-29352 - Windows Remote Desktop Security Feature Bypass Vulnerability
CVE-2023-29353 - Sysinternals Process Monitor for Windows Denial of Service Vulnerability
CVE-2023-29355 - DHCP Server Service Information Disclosure Vulnerability
CVE-2023-29369 - Remote Procedure Call Runtime Denial of Service Vulnerability
CVE-2023-32012 - Windows Container Manager Service Elevation of Privilege Vulnerability
CVE-2023-32013 - Windows Hyper-V Denial of Service Vulnerability
CVE-2023-32016 - Windows Installer Information Disclosure Vulnerability
CVE-2023-32019 - Windows Kernel Information Disclosure Vulnerability
CVE-2023-32032 - .NET and Visual Studio Elevation of Privilege Vulnerability
CVE-2023-33129 - Microsoft SharePoint Denial of Service Vulnerability
CVE-2023-33132 - Microsoft SharePoint Server Spoofing Vulnerability
CVE-2023-33139 - Visual Studio Information Disclosure Vulnerability
CVE-2023-33140 - Microsoft OneNote Spoofing Vulnerability
CVE-2023-33142 - Microsoft SharePoint Server Elevation of Privilege Vulnerability
CVE-2023-33144 - Visual Studio Code Spoofing Vulnerability
CVE-2023-33145 - Microsoft Edge (Chromium-based) Information Disclosure Vulnerability
CVE-2023-24937 - Windows CryptoAPI Denial of Service Vulnerability
CVE-2023-24896 - Dynamics 365 Finance Spoofing Vulnerability
CVE-2023-32020 - Windows DNS Spoofing Vulnerability
CVE-2023-32024 - Microsoft Power Apps Spoofing Vulnerability
Sponsors
Vulcan Cyber
*********** Sponsored By Vulcan Cyber ***********Vulnerability debt out of control? Get Vulcan Free, the only free vulnerability risk aggregation and prioritization tool to integrate and normalize your vulnerability scan, CSPM, DAST/SAST, CMDB and asset data. Companies using Vulcan Free experience a 90% reduction in critical and high vulnerabilities and a 90% increase in risk mitigation SLA adherence. Get started in minutes, connect your tools and own your vulnerability risk for free. | GET VULCAN FREE:
CardinalOps
Tune in on Tuesday, June 20 at 3:30pm ET for our upcoming webcast: The Future of Risk-Based Detection - Joined by SOC experts, this webcast will discuss how to incorporate risk-based detection to reduce noise and quickly respond when time is a limiting factor. | Register now:
Legit Security
Join SANS Instructor Chris Edmundson on Thursday, June 22 at 1:00pm ET as he kicks off our upcoming webcast: Protecting CI/CD Pipelines - Growing Threats and the Keys to Securing Them | Register now:
Palo Alto Networks Cortex
Take the SANS Network Security in the Hybrid Cloud Era Survey to share your insights about network security and you'll be entered into our drawing for a chance to win a $250 Amazon gift card | Take the survey: