Cobalt Stike Beacon Detected – 172[.]87[.]30[.]180:8080
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Month: September 2022
Mozilla Thunderbird information disclosure | CVE-2022-3033
NAME Mozilla Thunderbird information disclosure Platforms Affected:Mozilla Thunderbird 102.2Risk Level:8.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION Mozilla Thunderbird could allow a remote attacker to...
Node.js tbgo6 module code execution |
NAME Node.js tbgo6 module code execution Platforms Affected:Node.js tbgo6Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tbgo6 module could allow a remote attacker...
Node.js pratikyadavpack module code execution |
NAME Node.js pratikyadavpack module code execution Platforms Affected:Node.js pratikyadavpackRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js pratikyadavpack module could allow a remote attacker...
Node.js tolbichgo1 module code execution |
NAME Node.js tolbichgo1 module code execution Platforms Affected:Node.js tolbichgo1Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tolbichgo1 module could allow a remote attacker...
Node.js starlink 5 module code execution |
NAME Node.js starlink 5 module code execution Platforms Affected:Node.js starlink5Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js starlink 5 module could allow a...
Node.js vscode-clangd module code execution |
NAME Node.js vscode-clangd module code execution Platforms Affected:Node.js vscode-clangdRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js vscode-clangd module could allow a remote attacker...
ClusterLabs PCS privilege escalation | CVE-2022-2735
NAME ClusterLabs PCS privilege escalation Platforms Affected:ClusterLabs PCS 0.10 ClusterLabs PCS 0.11Risk Level:8.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION ClusterLabs PCS could allow a...
Node.js viewgenerator module code execution |
NAME Node.js viewgenerator module code execution Platforms Affected:Node.js viewgeneratorRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js viewgenerator module could allow a remote attacker...
Node.js ember-addon-with-dependencies module code execution |
NAME Node.js ember-addon-with-dependencies module code execution Platforms Affected:Node.js ember-addon-with-dependenciesRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js ember-addon-with-dependencies module could allow a remote attacker...
Node.js tbgo7 module code execution |
NAME Node.js tbgo7 module code execution Platforms Affected:Node.js tbgo7Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tbgo7 module could allow a remote attacker...
Node.js sync-snippet-action module code execution |
NAME Node.js sync-snippet-action module code execution Platforms Affected:Node.js sync-snippet-actionRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js sync-snippet-action module could allow a remote attacker...
Doctor’s Appointment System cross-site scripting | CVE-2022-36203
NAME Doctor's Appointment System cross-site scripting Platforms Affected:Sourcecodester Doctor's Appointment System 1.0Risk Level:9.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Doctor's Appointment System is vulnerable...
Google Chrome Browser Creation code execution | CVE-2022-2998
NAME Google Chrome Browser Creation code execution Platforms Affected:Google Chrome LTS 96Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a...
Node.js tolbichgo module code execution |
NAME Node.js tolbichgo module code execution Platforms Affected:Node.js tolbichgoRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tolbichgo module could allow a remote attacker...
Node.js st6 module code execution |
NAME Node.js st6 module code execution Platforms Affected:Node.js st6Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js st6 module could allow a remote attacker...
FLEXLAN FX3000 series and FLEXLAN FX2000 series command execution | CVE-2022-36158
NAME FLEXLAN FX3000 series and FLEXLAN FX2000 series command execution Platforms Affected:Contec FLEXLAN FX2000 1.38.00 Contec FLEXLAN FX3000 1.15.00Risk Level:8Exploitability:UnprovenConsequences:Gain...
FLEXLAN FX3000 series and FLEXLAN FX2000 series default account | CVE-2022-36159
NAME FLEXLAN FX3000 series and FLEXLAN FX2000 series default account Platforms Affected:Contec FLEXLAN FX2000 1.38.00 Contec FLEXLAN FX3000 1.15.00Risk Level:8.8Exploitability:UnprovenConsequences:Gain...
Node.js axelar-signing-relayer module code execution |
NAME Node.js axelar-signing-relayer module code execution Platforms Affected:Node.js pratikyadavpackRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js axelar-signing-relayer module could allow a remote attacker...
Node.js sync-snippet-action module code execution |
NAME Node.js sync-snippet-action module code execution Platforms Affected:Node.js uasdkRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js sync-snippet-action module could allow a remote attacker...
Node.js st7 module code execution |
NAME Node.js st7 module code execution Platforms Affected:Node.js st7Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js st7 module could allow a remote attacker...
Attack infrastructure used in Cisco hack linked to Evil Corp affiliate
Researchers discovered that the infrastructure used in Cisco hack was the same used to target a Workforce Management Solution firm....
Daily Vulnerability Trends: Fri Sep 02 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2544The Ninja Job Board WordPress plugin before 1.3.3 does not protect the...
Researchers analyzed a new JavaScript skimmer used by Magecart threat actors
Researchers from Cyble analyzed a new, highly evasive JavaScript skimmer used by Magecart threat actors. Cyble Research & Intelligence Labs...
