Month: March 2023

GitLab Community and Enterprise Edition cross-site scripting | CVE-2022-4007

March 3, 2023

NAME__________GitLab Community and Enterprise Edition cross-site scriptingPlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community Edition...

Yordam Library Automation System cross-site scripting | CVE-2021-45479

March 3, 2023

NAME__________Yordam Library Automation System cross-site scriptingPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Yordam Library Automation System is vulnerable to cross-site scripting, caused by...

GitLab Community and Enterprise Edition information disclosure | CVE-2023-0483

March 3, 2023

NAME__________GitLab Community and Enterprise Edition information disclosurePlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community Edition...

GitLab Community and Enterprise Edition security bypass | CVE-2022-3758

March 3, 2023

NAME__________GitLab Community and Enterprise Edition security bypassPlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community Edition...

IBM Maximo Asset Management cross-site scripting | CVE-2022-35645

March 3, 2023

NAME__________IBM Maximo Asset Management cross-site scriptingPlatforms Affected:IBM Maximo Asset Management 7.6.1.1 IBM Maximo Asset Management 7.6.1.2 IBM Maximo Asset Management...

GitLab Community and Enterprise Edition information disclosure | CVE-2023-0223

March 3, 2023

NAME__________GitLab Community and Enterprise Edition information disclosurePlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community Edition...

GitLab Community and Enterprise Edition information disclosure | CVE-2022-4462

March 3, 2023

NAME__________GitLab Community and Enterprise Edition information disclosurePlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community Edition...

Computer Parts Sales and Inventory System cross-site scripting | CVE-2023-1131

March 3, 2023

NAME__________Computer Parts Sales and Inventory System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Computer Parts Sales and Inventory System is vulnerable to...

GitLab Community and Enterprise Edition open redirect | CVE-2022-3381

March 3, 2023

NAME__________GitLab Community and Enterprise Edition open redirectPlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community Edition...

GitLab Community and Enterprise Edition privilege escalation | CVE-2023-1084

March 3, 2023

NAME__________GitLab Community and Enterprise Edition privilege escalationPlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community Edition...

Sophos Connect information disclosure | CVE-2022-48310

March 3, 2023

NAME__________Sophos Connect information disclosurePlatforms Affected:Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sophos Connect could allow a local authenticated attacker to obtain sensitive information. An...

Gradle code execution | CVE-2023-26053

March 3, 2023

NAME__________Gradle code executionPlatforms Affected:Gradle Gradle 6.2 Gradle Gradle 7.6Risk Level:6.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Gradle could allow a remote authenticated attacker to execute...

GitLab Community and Enterprise Edition security bypass | CVE-2022-4331

March 3, 2023

NAME__________GitLab Community and Enterprise Edition security bypassPlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community Edition...

GitLab Community and Enterprise Edition denial of service | CVE-2023-1072

March 3, 2023

NAME__________GitLab Community and Enterprise Edition denial of servicePlatforms Affected:GitLab Enterprise Edition (EE) 15.8.0 GitLab Community Edition (CE) 15.8.0 GitLab Community...

Linux Kernel denial of service | CVE-2023-1118

March 3, 2023

NAME__________Linux Kernel denial of servicePlatforms Affected:Linux KernelRisk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Linux Kernel is vulnerable to a denial of service, caused...

Yordam Library Automation System cross-site scripting | CVE-2021-45478

March 3, 2023

e-Belediye denial of service | CVE-2023-1114

March 3, 2023

NAME__________e-Belediye denial of servicePlatforms Affected:e-Belediye e-BelediyeRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________e-Belediye is vulnerable to a denial of service, caused by the...

Dell EMC NetWorker information disclosure | CVE-2023-24567

March 3, 2023

NAME__________Dell EMC NetWorker information disclosurePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell EMC NetWorker could allow a remote attacker to obtain sensitive information....

IBM Spectrum Symphony HOST header injection | CVE-2023-24975

March 3, 2023

NAME__________IBM Spectrum Symphony HOST header injectionPlatforms Affected:IBM Spectrum Symphony 7.3Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IBM Spectrum Symphony 7.3 is vulnerable to HTTP...

Hackers Exploit Containerized Environments to Steal Proprietary Data and Software

March 3, 2023

A sophisticated attack campaign dubbed SCARLETEEL is targeting containerized environments to perpetrate theft of proprietary data and software. "The attacker...

U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware’s Deadly Capabilities

March 3, 2023

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has released a new advisory about Royal ransomware, which emerged in the...

Daily Vulnerability Trends: Fri Mar 03 2023

March 3, 2023

Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2023-0669Fortra (formerly, HelpSystems) GoAnywhere MFT suffers from a pre-authentication command injection vulnerability...

Malware Analysis – smokeloader – 7e81c990211ee023d354c438b620532d

March 3, 2023

Score: 10 MALWARE FAMILY: smokeloaderTAGS:family:smokeloader, backdoor, trojanMD5: 7e81c990211ee023d354c438b620532dSHA1: b33e485bea1f17d4d2db7377cc5611173a189c80ANALYSIS DATE: 2023-03-03T03:06:03ZTTPS: T1012, T1120, T1082 ScoreMeaningExample10Known badA malware family was detected.8-9Likely...

Malware Analysis – djvu – ae1a6c46eb913913ce9657d95e08d18d

March 3, 2023

Score: 10 MALWARE FAMILY: djvuTAGS:family:djvu, family:smokeloader, family:vidar, backdoor, discovery, persistence, ransomware, stealer, trojanMD5: ae1a6c46eb913913ce9657d95e08d18dSHA1: 0ce678227bf82b32743c44007721001b1e6fea1fANALYSIS DATE: 2023-03-03T03:38:46ZTTPS: T1060, T1112, T1012,...

Month: March 2023

GitLab Community and Enterprise Edition cross-site scripting | CVE-2022-4007

Yordam Library Automation System cross-site scripting | CVE-2021-45479

GitLab Community and Enterprise Edition information disclosure | CVE-2023-0483

GitLab Community and Enterprise Edition security bypass | CVE-2022-3758

IBM Maximo Asset Management cross-site scripting | CVE-2022-35645

GitLab Community and Enterprise Edition information disclosure | CVE-2023-0223

GitLab Community and Enterprise Edition information disclosure | CVE-2022-4462

Computer Parts Sales and Inventory System cross-site scripting | CVE-2023-1131

GitLab Community and Enterprise Edition open redirect | CVE-2022-3381

GitLab Community and Enterprise Edition privilege escalation | CVE-2023-1084

Sophos Connect information disclosure | CVE-2022-48310

Gradle code execution | CVE-2023-26053

GitLab Community and Enterprise Edition security bypass | CVE-2022-4331

GitLab Community and Enterprise Edition denial of service | CVE-2023-1072

Linux Kernel denial of service | CVE-2023-1118

Yordam Library Automation System cross-site scripting | CVE-2021-45478

e-Belediye denial of service | CVE-2023-1114

Dell EMC NetWorker information disclosure | CVE-2023-24567

IBM Spectrum Symphony HOST header injection | CVE-2023-24975

Hackers Exploit Containerized Environments to Steal Proprietary Data and Software

U.S. Cybersecurity Agency Raises Alarm Over Royal Ransomware’s Deadly Capabilities

Daily Vulnerability Trends: Fri Mar 03 2023

Malware Analysis – smokeloader – 7e81c990211ee023d354c438b620532d

Malware Analysis – djvu – ae1a6c46eb913913ce9657d95e08d18d

[EVEREST] – Ransomware Victim: Concord Orthopaedics

[EVEREST] – Ransomware Victim: STIIIZY

[INCRANSOM] – Ransomware Victim: Pastor Real Estate

CVE Alert: CVE-2024-11387

CVE Alert: CVE-2024-10873

You may have missed