US-CERT Vulnerability Summary for the Week of March 27, 2023
High Vulnerabilities Primary Vendor -- Product Description Published CVSS Score Source & Patch Info grinnellplans -- grinnellplans A vulnerability...
Month: April 2023
Taiwanese PC Company MSI Falls Victim to Ransomware Attack
Taiwanese PC company MSI (short for Micro-Star International) officially confirmed it was the victim of a cyber attack on its...
Expert-Led Webinar: Learn Proven Strategies to Secure Your Identity Perimeter
The stakes are high when it comes to cybersecurity. No longer are we dealing with unskilled hackers trying to break...
Wagtail denial of service | CVE-2023-28837
NAME__________Wagtail denial of servicePlatforms Affected:Wagtail Wagtail 4.1.3 Wagtail Wagtail 4.2Risk Level:4.9Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Wagtail is vulnerable to a denial of...
Wagtail cross-site scripting | CVE-2023-28836
NAME__________Wagtail cross-site scriptingPlatforms Affected:Wagtail Wagtail 1.5 Wagtail Wagtail 4.1.3 Wagtail Wagtail 4.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Wagtail is vulnerable to cross-site scripting,...
Trellix Agent buffer overflow | CVE-2023-0977
NAME__________Trellix Agent buffer overflowPlatforms Affected:Risk Level:6.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Trellix Agent is vulnerable to a heap-based buffer overflow, caused by improper bounds...
NetComm NF20MESH, NF20, and NL1902 routers security bypass | CVE-2022-4874
NAME__________NetComm NF20MESH, NF20, and NL1902 routers security bypassPlatforms Affected:NetComm NF20MESH NetComm NF20 NetComm NL1902Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NetComm NF20MESH, NF20, and...
Online Payroll System cross-site scripting | CVE-2023-1853
NAME__________Online Payroll System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Online Payroll System is vulnerable to cross-site scripting, caused by improper validation...
Arm Mali GPU Kernel Driver information disclosure | CVE-2023-26083
NAME__________Arm Mali GPU Kernel Driver information disclosurePlatforms Affected:ARM Mali GPU Kernel Driver Bifrost r0p0 ARM Mali GPU Kernel Driver Valhall...
Online Payroll System SQL injection | CVE-2023-1847
NAME__________Online Payroll System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Online Payroll System is vulnerable to SQL injection. A remote authenticated attacker...
Online Payroll System SQL injection | CVE-2023-1846
NAME__________Online Payroll System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Online Payroll System is vulnerable to SQL injection. A remote authenticated attacker...
Online Payroll System cross-site scripting | CVE-2023-1852
NAME__________Online Payroll System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Online Payroll System is vulnerable to cross-site scripting, caused by improper validation...
Online Payroll System cross-site scripting | CVE-2023-1851
NAME__________Online Payroll System cross-site scriptingPlatforms Affected:Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Online Payroll System is vulnerable to cross-site scripting, caused by improper validation...
Sp*tify Play Button for WordPress plugin for WordPress cross-site scripting | CVE-2023-1840
NAME__________Sp*tify Play Button for WordPress plugin for WordPress cross-site scriptingPlatforms Affected:Risk Level:4.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Sp*tify Play Button for WordPress plugin for...
Online Payroll System SQL injection | CVE-2023-1850
NAME__________Online Payroll System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Online Payroll System is vulnerable to SQL injection. A remote authenticated attacker...
Online Payroll System SQL injection | CVE-2023-1845
NAME__________Online Payroll System SQL injectionPlatforms Affected:Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Online Payroll System is vulnerable to SQL injection. A remote authenticated attacker...
Online Computer and Laptop Store cross-site scripting | CVE-2023-1857
NAME__________Online Computer and Laptop Store cross-site scriptingPlatforms Affected:Risk Level:2.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Online Computer and Laptop Store is vulnerable to cross-site scripting,...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20148
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20137
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
YourChannel Plugin for WordPress cross-site request forgery | CVE-2023-1870
NAME__________YourChannel Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress YourChannel plugin for WordPress 1.2.3Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________YourChannel Plugin for WordPress is...
YourChannel Plugin for WordPress cross-site scripting | CVE-2023-1869
NAME__________YourChannel Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress YourChannel plugin for WordPress 1.2.3Risk Level:5.5Exploitability:HighConsequences:Gain Access DESCRIPTION__________YourChannel Plugin for WordPress is vulnerable...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20145
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20147
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scripting | CVE-2023-20151
NAME__________Cisco Small Business RV016, RV042, RV042G, RV082, RV320, and RV325 routers cross-site scriptingPlatforms Affected:Cisco Small Business RV042 Dual WAN VPN...
