Alireza Gharib Blog

DBPwAudit is a Java database password auditing tool that allows you to perform online audits of password quality for several database engines. The application design allows for easy adding of additional database drivers by simply copying new JDBC drivers to the jdbc directory. Configuration is performed in two files, the aliases.conf file is used to…

Posted by CISA on Mar 28 Cybersecurity and Infrastructure Security Agency (CISA) – Defend Today, Secure Tomorrow You are subscribed to Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated and is now available. Apple Releases Security Updates for Multiple Products [ https://www.cisa.gov/news-events/alerts/2023/03/28/apple-releases-security-updates-multiple-products ] 03/28/2023 01:00 PM EDT Apple… Go…

Posted by CISA on Mar 23 Cybersecurity and Infrastructure Security Agency (CISA) – Defend Today, Secure Tomorrow You are subscribed to Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available. CISA Releases Six Industrial Control Systems Advisories [ https://www.cisa.gov/news-events/alerts/2023/03/23/cisa-releases-six-industrial-control-systems-advisories ] 03/23/2023 08:00 AM EDT… Go to…

Posted by CISA on Mar 21 Cybersecurity and Infrastructure Security Agency (CISA) – Defend Today, Secure Tomorrow You are subscribed to Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available. CISA Releases Eight Industrial Control Systems Advisories [ https://www.cisa.gov/news-events/alerts/2023/03/21/cisa-releases-eight-industrial-control-systems-advisories ] 03/21/2023 08:00 AM… Go to Source

Posted by CISA on Mar 21 Cybersecurity and Infrastructure Security Agency (CISA) – Defend Today, Secure Tomorrow You are subscribed to Cybersecurity Advisories for Cybersecurity and Infrastructure Security Agency. This information has recently been updated, and is now available. CISA and NSA Release Enduring Security Framework Guidance on Identity and Access Management [… Go to…

CVE ID : CVE-2025-0171 Published : Jan. 2, 2025, 3:15 p.m. | 54 minutes ago Description : A vulnerability, which was classified as critical, was found in code-projects Chat System 1.0. Affected is an unknown function of the file /admin/deleteuser.php. The manipulation of the argument id leads to sql injection. It is possible to launch the…

CVE ID : CVE-2024-56137 Published : Jan. 2, 2025, 3:15 p.m. | 54 minutes ago Description : MaxKB, which stands for Max Knowledge Base, is an open source knowledge base question-answering system based on a large language model and retrieval-augmented generation (RAG). Prior to version 1.9.0, a remote command execution vulnerability exists in the module of…

CVE ID : CVE-2024-55538 Published : Jan. 2, 2025, 3:15 p.m. | 54 minutes ago Description : Sensitive information disclosure due to missing authentication. The following products are affected: Acronis True Image (macOS) before build 41725, Acronis True Image (Windows) before build 41736. Severity: 4.0 | MEDIUM Visit the link for more details, such as CVSS…

CVE ID : CVE-2024-49385 Published : Jan. 2, 2025, 3:15 p.m. | 54 minutes ago Description : Sensitive information disclosure due to insecure folder permissions. The following products are affected: Acronis True Image (Windows) before build 41736. Severity: 5.5 | MEDIUM Visit the link for more details, such as CVSS details, affected products, timeline, and more……

CVE ID : CVE-2023-48758 Published : Jan. 2, 2025, 3:15 p.m. | 55 minutes ago Description : Missing Authorization vulnerability in Crocoblock JetEngine allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects JetEngine: from n/a through 3.2.4. Severity: 7.1 | HIGH Visit the link for more details, such as CVSS details, affected products, timeline, and…