Siemens SIMATIC Cloud Connect information disclosure | CVE-2023-29103
NAME__________Siemens SIMATIC Cloud Connect information disclosurePlatforms Affected:Siemens SIMATIC Cloud Connect 7 CC712 2.0 Siemens SIMATIC Cloud Connect 7 CC716 2.0Risk...
Month: May 2023
Siemens SIMATIC Cloud Connect information disclosure | CVE-2023-29107
NAME__________Siemens SIMATIC Cloud Connect information disclosurePlatforms Affected:Siemens SIMATIC Cloud Connect 7 CC712 2.0 Siemens SIMATIC Cloud Connect 7 CC716 2.0Risk...
Intel NUC Kits denial of service | CVE-2023-25771
NAME__________Intel NUC Kits denial of servicePlatforms Affected:Intel NUC NUC11PHKI7C Intel NUC NUC11PHKI7CAA Intel NUC NUC9V7QNX Intel NUC NUC8I5INH Intel NUC...
Intel Connect M Android application denial of service | CVE-2022-41801
NAME__________Intel Connect M Android application denial of servicePlatforms Affected:Intel Connect M Android applicationRisk Level:5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Intel Connect M Android...
Intel NUC Laptop Element Software privilege escalation | CVE-2023-27382
NAME__________Intel NUC Laptop Element Software privilege escalationPlatforms Affected:Intel NUC P14E Laptop Element softwareRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Intel NUC Laptop Element Software...
Intel VTune Profiler privilege escalation | CVE-2022-41982
NAME__________Intel VTune Profiler privilege escalationPlatforms Affected:Intel VTune Profiler 2022Risk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Intel VTune Profiler could allow a local authenticated attacker...
Chamilo LMS cross-site scripting | CVE-2023-31799
NAME__________Chamilo LMS cross-site scriptingPlatforms Affected:Chamilo Chamilo LMS 1.11.13Risk Level:5Exploitability:HighConsequences:Gain Access DESCRIPTION__________Chamilo LMS is vulnerable to cross-site scripting, caused by improper...
MicroEngine Mailform directory traversal | CVE-2023-27507
NAME__________MicroEngine Mailform directory traversalPlatforms Affected:MicroEngine Mailform 1.1.8Risk Level:3.7Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________MicroEngine Mailform could allow a remote authenticated attacker to traverse directories...
Microsoft Office Visio information disclosure |
NAME__________Microsoft Office Visio information disclosurePlatforms Affected:Microsoft VisioRisk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft Office Visio could allow a remote attacker to obtain sensitive...
Tenda IP Camera CP3 information disclosure | CVE-2023-30352
NAME__________Tenda IP Camera CP3 information disclosurePlatforms Affected:Tenda IP Camera CP3 11.10.00.2211041355Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Tenda IP Camera CP3 could allow a...
Palo Alto Networks PAN-OS information disclosure | CVE-2023-0008
NAME__________Palo Alto Networks PAN-OS information disclosurePlatforms Affected:Palo Alto Networks PAN-OS 9.0.0 Palo Alto Networks PAN-OS 8.1 Palo Alto Networks PAN-OS...
OpenStack Cinder, Glance_store, Nova and Os-brick information disclosure | CVE-2023-2088
NAME__________OpenStack Cinder, Glance_store, Nova and Os-brick information disclosurePlatforms Affected:OpenStack Nova 26.0.0 OpenStack Nova 27.0.0 OpenStack Cinder 21.0.0 OpenStack Cinder 22.0.0...
Intel IPP Cryptography software information disclosure | CVE-2022-37409
NAME__________Intel IPP Cryptography software information disclosurePlatforms Affected:Intel IPP Cryptography software 2021.6Risk Level:4.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Intel IPP Cryptography software could allow a...
MicroEngine Mailform file upload | CVE-2023-27397
NAME__________MicroEngine Mailform file uploadPlatforms Affected:MicroEngine Mailform 1.1.8Risk Level:3.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________MicroEngine Mailform could allow a remote authenticated attacker to upload arbitrary...
Chamilo LMS cross-site scripting | CVE-2023-31803
NAME__________Chamilo LMS cross-site scriptingPlatforms Affected:Chamilo Chamilo LMS 1.11.13Risk Level:5Exploitability:HighConsequences:Gain Access DESCRIPTION__________Chamilo LMS is vulnerable to cross-site scripting, caused by improper...
Tenda IP Camera CP3 security bypass | CVE-2023-30354
NAME__________Tenda IP Camera CP3 security bypassPlatforms Affected:Tenda IP Camera CP3 11.10.00.2211041355Risk Level:6.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Tenda IP Camera CP3 could allow a...
Weston Embedded uC-FTPs security bypass | CVE-2022-41985
NAME__________Weston Embedded uC-FTPs security bypassPlatforms Affected:Weston Embedded uC-FTPs 1.98.00Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Weston Embedded uC-FTPs could allow a remote attacker to...
GitHub Extends Push Protection to Prevent Accidental Leaks of Keys and Other Secrets
GitHub has announced the general availability of a new security feature called push protection, which aims to prevent developers from...
Andoryu Botnet Exploits Critical Ruckus Wireless Flaw for Widespread Attack
A nascent botnet called Andoryu has been found to exploit a now-patched critical security flaw in the Ruckus Wireless Admin...
Twitter Finally Rolling Out Encrypted Direct Messages — Starting with Verified Users
Twitter is officially beginning to roll out support for encrypted direct messages (DMs) on the platform, more than six months...
Why more transparency around cyber attacks is a good thing for everyone
Why more transparency around cyber attacks is a good thing for everyone At the NCSC and ICO, we deal with...
Hacker ‘PlugwalkJoe’ pleads guilty to 2020 Twitter breach
Joseph James O'Connor, aka 'PlugwalkJoke,' has pleaded guilty to multiple cybercrime offenses, including SIM swapping attacks, cyberstalking, computer hacking, and...
New ‘Greatness’ service simplifies Microsoft 365 phishing attacks
The Phishing-as-a-Service (PhaaS) platform named 'Greatness' has seen a spike in activity as it targets organizations using Microsoft 365 in...
Top 5 Password Cracking Techniques Used by Hackers
One of the biggest security threats is password cracking. Are you an IT system administrator concerned about the security of...
