Multiple Zyxel devices command execution | CVE-2022-30525
NAME Multiple Zyxel devices command execution Platforms Affected:Zyxel USG FLEX series firmware ZLD 4.30 Zyxel USG FLEX series firmware ZLD...
Month: May 2022
Jenkins Application Detector Plugin cross-site scripting | CVE-2022-30960
NAME Jenkins Application Detector Plugin cross-site scripting Platforms Affected:Jenkins Application Detector Plugin 1.0.8Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Application Detector Plugin...
Jenkins Selection tasks Plugin cross-site scripting | CVE-2022-30967
NAME Jenkins Selection tasks Plugin cross-site scripting Platforms Affected:Jenkins Selection tasks Plugin 1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Selection tasks Plugin...
Jenkins Promoted Builds (Simple) Plugin cross-site scripting | CVE-2022-30965
NAME Jenkins Promoted Builds (Simple) Plugin cross-site scripting Platforms Affected:Jenkins Promoted Builds (Simple) Plugin 1.9Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Promoted...
Jenkins Rundeck Plugin cross-site scripting | CVE-2022-30956
NAME Jenkins Rundeck Plugin cross-site scripting Platforms Affected:Jenkins Rundeck Plugin 3.6.10Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Rundeck Plugin is vulnerable to...
Jenkins Random String Parameter Plugin cross-site scripting | CVE-2022-30966
NAME Jenkins Random String Parameter Plugin cross-site scripting Platforms Affected:Jenkins Random String Parameter Plugin 1.0Risk Level:8Exploitability:HighConsequences:Gain Access DESCRIPTION Jenkins Random...
Jenkins Autocomplete Parameter Plugin cross-site scripting | CVE-2022-30970
NAME Jenkins Autocomplete Parameter Plugin cross-site scripting Platforms Affected:Jenkins Autocomplete Parameter Plugin 1.1Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Autocomplete Parameter Plugin...
Jenkins JDK Parameter Plugin cross-site scripting | CVE-2022-30963
NAME Jenkins JDK Parameter Plugin cross-site scripting Platforms Affected:Jenkins JDK Parameter Plugin 1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins JDK Parameter Plugin...
Jenkins Autocomplete Parameter Plugin cross-site request forgery | CVE-2022-30969
NAME Jenkins Autocomplete Parameter Plugin cross-site request forgery Platforms Affected:Jenkins Autocomplete Parameter Plugin 1.1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Jenkins Autocomplete Parameter...
Jenkins Autocomplete Parameter Plugin cross-site scripting | CVE-2022-30961
NAME Jenkins Autocomplete Parameter Plugin cross-site scripting Platforms Affected:Jenkins Autocomplete Parameter Plugin 1.1Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Autocomplete Parameter Plugin...
Node.js colors-support module code execution |
NAME Node.js colors-support module code execution Platforms Affected:Node.js colors-supportRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js colors-support module could allow a remote attacker...
Node.js colors-update module code execution |
NAME Node.js colors-update module code execution Platforms Affected:Node.js colors-updateRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js colors-update module could allow a remote attacker...
Jenkins Global Variable String Parameter Plugin cross-site scripting | CVE-2022-30962
NAME Jenkins Global Variable String Parameter Plugin cross-site scripting Platforms Affected:Jenkins Global Variable String Parameter Plugin 1.2Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION...
Node.js sync-colors module code execution |
NAME Node.js sync-colors module code execution Platforms Affected:Node.js sync-colorsRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js sync-colors module could allow a remote attacker...
IpMatcher server-side request forgery | CVE-2021-33318
NAME IpMatcher server-side request forgery Platforms Affected:NuGet IpMatcher 1.0.4.1Risk Level:8.1Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION IpMatcher is vulnerable to server-side request...
Node.js support-colors module code execution |
NAME Node.js support-colors module code execution Platforms Affected:Node.js support-colorsRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js support-colors module could allow a remote attacker...
Jenkins Multiselect parameter Plugin cross-site scripting | CVE-2022-30964
NAME Jenkins Multiselect parameter Plugin cross-site scripting Platforms Affected:Jenkins Multiselect parameter Plugin 1.3Risk Level:8Exploitability:HighConsequences:Gain Access DESCRIPTION Jenkins Multiselect parameter Plugin...
Experts spotted a new variant of UpdateAgent macOS malware dropper written in Swift
Researchers spotted a new variant of the UpdateAgent macOS malware dropper that was employed in attacks in the wild. Researchers...
Daily Vulnerability Trends: Wed May 18 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-22676 No description provided CVE-2022-22617A logic issue was addressed with improved state...
Evaluation of cyber activities and the threat landscape in Ukraine
Introduction When the war in Ukraine broke out, many analysts were surprised to discover that what was simultaneously happening in...
LockBit 2.0 Ransomware Victim: khs-wp[.]de
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: 2easy[.]com[.]br
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: vivalia[.]be
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 2.0 Ransomware Victim: modetransportation[.]com
LockBit 2.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
