#Information_is_Power . #we_inform_the_uninformed . Read more in this link. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Friday added three security flaws to its Known Exploited Vulnerabilities ( KEV ) catalog, based on evidence of active exploitation. The three vulnerabilities are as follows – CVE-2023-28432 (CVSS score – 7.5) – MinIO Information Disclosure Vulnerability CVE-2023-27350 (CVSS score – 9.8) – PaperCut MF/NG Improper Access Control Vulnerability CVE-2023-2136 (CVSS score – TBD) – Google Chrome Skia Integer Overflow Vulnerability “In a cluster deployment, MinIO returns all environment variables, including MINIO_SECRET_KEY and MINIO_ROOT_PASSWORD, resulting in information disclosure,” MinIO maintainers said in an advisory published on March 21, 2023. Data gathered by GreyNoise shows that as many as 18 unique malicious IP addresses from the U.S., the Netherlands, France, Japan, and Finland have...
This is a personal blog. To read exclusive news stories, click https://informationispowah.blogspot.com on this link.