Month: March 2023

Jenkins Crap4J Plugin information disclosure | CVE-2023-28680

March 22, 2023

NAME__________Jenkins Crap4J Plugin information disclosurePlatforms Affected:Jenkins Crap4J Plugin 0.9Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Crap4J Plugin could allow a remote authenticated attacker...

XenSource Xen denial of service | CVE-2022-42334

March 22, 2023

NAME__________XenSource Xen denial of servicePlatforms Affected:XenSource Xen 4.11 XenSource Xen 4.12 XenSource Xen 4.13 XenSource Xen 4.14 XenSource Xen 4.15...

External Redirect Warning plugin for MyBB cross-site scripting | CVE-2022-28353

March 22, 2023

NAME__________External Redirect Warning plugin for MyBB cross-site scriptingPlatforms Affected:Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________External Redirect Warning plugin for MyBB is vulnerable to...

Jenkins Role-based Authorization Strategy Plugin security bypass | CVE-2023-28668

March 22, 2023

NAME__________Jenkins Role-based Authorization Strategy Plugin security bypassPlatforms Affected:Jenkins Role-based Authorization Strategy Plugin 587.v2872c41fa_e51Risk Level:5.9Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins Role-based Authorization Strategy Plugin...

Jenkins OctoPerf Load Testing Plugin cross-site request forgery | CVE-2023-28671

March 22, 2023

NAME__________Jenkins OctoPerf Load Testing Plugin cross-site request forgeryPlatforms Affected:Jenkins OctoPerf Load Testing Plugin 4.5.0Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins OctoPerf Load Testing...

Jenkins OctoPerf Load Testing Plugin security bypass | CVE-2023-28672

March 22, 2023

NAME__________Jenkins OctoPerf Load Testing Plugin security bypassPlatforms Affected:Jenkins OctoPerf Load Testing Plugin 4.5.1Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins OctoPerf Load Testing Plugin...

XenSource Xen information disclosure | CVE-2022-42331

March 22, 2023

NAME__________XenSource Xen information disclosurePlatforms Affected:XenSource Xen 4.5 XenSource Xen 4.6 XenSource Xen 4.7 XenSource Xen 4.8 XenSource Xen 4.9 XenSource...

Jenkins AbsInt a3 Plugin information disclosure | CVE-2023-28685

March 22, 2023

NAME__________Jenkins AbsInt a3 Plugin information disclosurePlatforms Affected:Jenkins AbsInt a3 Plugin 1.1.0Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins AbsInt a3 Plugin could allow a...

NETGEAR Orbi Router RBR750 command execution | CVE-2022-38452

March 22, 2023

NAME__________NETGEAR Orbi Router RBR750 command executionPlatforms Affected:NETGEAR Orbi Router RBR750 4.6.8.5Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NETGEAR Orbi Router RBR750 could allow a...

Jenkins Visual Studio Code Metrics Plugin information disclosure | CVE-2023-28681

March 22, 2023

NAME__________Jenkins Visual Studio Code Metrics Plugin information disclosurePlatforms Affected:Jenkins Visual Studio Code Metrics Plugin 1.7Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Visual Studio...

Jenkins OctoPerf Load Testing Plugin security bypass | CVE-2023-28675

March 22, 2023

NAME__________Jenkins OctoPerf Load Testing Plugin security bypassPlatforms Affected:Jenkins OctoPerf Load Testing Plugin 4.5.2Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins OctoPerf Load Testing Plugin...

NETGEAR Orbi Satellite RBS750 command execution | CVE-2022-36429

March 22, 2023

NAME__________NETGEAR Orbi Satellite RBS750 command executionPlatforms Affected:NETGEAR Orbi Satellite RBS750 4.6.8.5Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NETGEAR Orbi Satellite RBS750 could allow a...

Jenkins remote-jobs-view-plugin Plugin information disclosure | CVE-2023-28684

March 22, 2023

NAME__________Jenkins remote-jobs-view-plugin Plugin information disclosurePlatforms Affected:Jenkins remote-jobs-view-plugin Plugin 0.0.3Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins remote-jobs-view-plugin Plugin could allow a remote authenticated attacker...

XenSource Xen denial of service | CVE-2022-42333

March 22, 2023

NAME__________XenSource Xen denial of servicePlatforms Affected:XenSource Xen 4.11 XenSource Xen 4.12 XenSource Xen 4.13 XenSource Xen 4.14 XenSource Xen 4.15...

Jenkins OctoPerf Load Testing Plugin cross-site request forgery | CVE-2023-28674

March 22, 2023

NAME__________Jenkins OctoPerf Load Testing Plugin cross-site request forgeryPlatforms Affected:Jenkins OctoPerf Load Testing Plugin 4.5.2Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins OctoPerf Load Testing...

NETGEAR Orbi Router RBR750 information disclosure | CVE-2022-38458

March 22, 2023

NAME__________NETGEAR Orbi Router RBR750 information disclosurePlatforms Affected:NETGEAR Orbi Router RBR750 4.6.8.5Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________NETGEAR Orbi Router RBR750 could allow a...

Jenkins Phabricator Differential Plugin information disclosure | CVE-2023-28683

March 22, 2023

NAME__________Jenkins Phabricator Differential Plugin information disclosurePlatforms Affected:Jenkins Phabricator Differential Plugin 2.1.5Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Phabricator Differential Plugin could allow a...

Month: March 2023

Jenkins Crap4J Plugin information disclosure | CVE-2023-28680

XenSource Xen denial of service | CVE-2022-42334

External Redirect Warning plugin for MyBB cross-site scripting | CVE-2022-28353

Jenkins Role-based Authorization Strategy Plugin security bypass | CVE-2023-28668

Jenkins OctoPerf Load Testing Plugin cross-site request forgery | CVE-2023-28671

Jenkins OctoPerf Load Testing Plugin security bypass | CVE-2023-28672

XenSource Xen information disclosure | CVE-2022-42331

Jenkins AbsInt a3 Plugin information disclosure | CVE-2023-28685

NETGEAR Orbi Router RBR750 command execution | CVE-2022-38452

Jenkins Visual Studio Code Metrics Plugin information disclosure | CVE-2023-28681

Jenkins OctoPerf Load Testing Plugin security bypass | CVE-2023-28675

NETGEAR Orbi Satellite RBS750 command execution | CVE-2022-36429

Jenkins remote-jobs-view-plugin Plugin information disclosure | CVE-2023-28684

XenSource Xen denial of service | CVE-2022-42333

Jenkins OctoPerf Load Testing Plugin cross-site request forgery | CVE-2023-28674

NETGEAR Orbi Router RBR750 information disclosure | CVE-2022-38458

Jenkins Phabricator Differential Plugin information disclosure | CVE-2023-28683

Rogue NuGet Packages Infect .NET Developers with Crypto-Stealing Malware

New NAPLISTENER Malware Used by REF2924 Group to Evade Network Detection

Coinbase Wallet ‘Red Pill’ flaw allowed attacks to evade detection

Breached hacking forum shuts down, fears it’s not ‘safe’ from FBI

Clop ransomware claims Saks Fifth Avenue, retailer says mock data stolen

LockBit ransomware gang now also claims City of Oakland breach

Hackers use new PowerMagic and CommonMagic malware to steal data

[INCRANSOM] – Ransomware Victim: Alna-Bioscience

Cobalt Strike Beacon Detected – 52[.]231[.]10[.]139:8080

Cobalt Strike Beacon Detected – 54[.]224[.]145[.]120:443

Cobalt Strike Beacon Detected – 118[.]193[.]37[.]157:8889

Cobalt Strike Beacon Detected – 103[.]225[.]196[.]197:80

You may have missed