Month: July 2023

IBM InfoSphere Information Server information disclosure | CVE-2023-35898

July 19, 2023

NAME__________IBM InfoSphere Information Server information disclosurePlatforms Affected:IBM InfoSphere Information Server 11.7Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM InfoSphere Information Server 11.7 could allow...

Maid Hiring Management System cross-site scripting | CVE-2023-37744

July 19, 2023

NAME__________Maid Hiring Management System cross-site scriptingPlatforms Affected:PHPGurukul Maid Hiring Management System 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Maid Hiring Management System is vulnerable...

Teacher Subject Allocation SQL injection | CVE-2023-37743

July 19, 2023

NAME__________Teacher Subject Allocation SQL injectionPlatforms Affected:PHPGurukul Teacher Subject Allocation Management SystemRisk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Teacher Subject Allocation is vulnerable to SQL...

EMQ X directory traversal | CVE-2023-37781

July 19, 2023

NAME__________EMQ X directory traversalPlatforms Affected:plaidweb webmention.js 2.04Risk Level:5.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________EMQ X could allow a remote attacker to traverse directories on...

IBM Spectrum Protect denial of service | CVE-2023-33832

July 19, 2023

NAME__________IBM Spectrum Protect denial of servicePlatforms Affected:IBM Storage Protect 8.1.0 IBM Storage Protect 8.1.17.2Risk Level:6.2Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IBM Spectrum Protect...

Maid Hiring Management System cross-site scripting | CVE-2023-37746

July 19, 2023

Honeywell Experion PKS, LX, and PlantCruise denial of service | CVE-2023-22435

July 19, 2023

NAME__________Honeywell Experion PKS, LX, and PlantCruise denial of servicePlatforms Affected:Honeywell Experion LX Honeywell Experion PKS Honeywell Experion PlantCruiseRisk Level:7.5Exploitability:UnprovenConsequences:Denial of...

Honeywell Experion PKS, LX, and PlantCruise denial of service | CVE-2023-26597

July 19, 2023

Export and Import Users and Customers plugin for WordPress security bypass | CVE-2023-3459

July 19, 2023

NAME__________Export and Import Users and Customers plugin for WordPress security bypassPlatforms Affected:WordPress Export and Import Users and Customers plugin for...

ProfileGrid plugin for WordPress privilege escalation | CVE-2023-3714

July 19, 2023

NAME__________ProfileGrid plugin for WordPress privilege escalationPlatforms Affected:WordPress ProfileGrid Plugin for WordPress 2.8.5 WordPress ProfileGrid plugin for WordPress 4.7.4Risk Level:7.5Exploitability:UnprovenConsequences:Gain Privileges...

Rockwell Automation Kinetix 5700 denial of service | CVE-2023-2263

July 19, 2023

NAME__________Rockwell Automation Kinetix 5700 denial of servicePlatforms Affected:Rockwell Automation Kinetix 5700 13.001Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Rockwell Automation Kinetix 5700 is...

IBM Security Verify Access HTTP open redirect | CVE-2023-30433

July 19, 2023

NAME__________IBM Security Verify Access HTTP open redirectPlatforms Affected:IBM Security Verify Access Docker 10.0Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IBM Security Verify Access 10.0...

Iagona ScrutisWeb directory traversal | CVE-2023-35763

July 19, 2023

NAME__________Iagona ScrutisWeb directory traversalPlatforms Affected:Iagona ScrutisWeb 2.1.37Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Iagona ScrutisWeb contains default hardcoded cryptographic key. A local authenticated attacker...

Multiple WordPress themes cross-site scripting | CVE-2023-3708

July 19, 2023

NAME__________Multiple WordPress themes cross-site scriptingPlatforms Affected:WordPress Amela theme for WordPress 1.0.13 WordPress Arendelle theme for WordPress 1.1.12 WordPress Everse theme...

Royal Elementor Addons plugin for WordPress information disclosure | CVE-2023-3709

July 19, 2023

NAME__________Royal Elementor Addons plugin for WordPress information disclosurePlatforms Affected:WordPress Royal Elementor Addons Plugin for WordPress 1.3.55 WordPress Royal Elementor Addons...

ProfileGrid plugin for WordPress security bypass | CVE-2023-3403

July 19, 2023

NAME__________ProfileGrid plugin for WordPress security bypassPlatforms Affected:WordPress ProfileGrid Plugin for WordPress 2.8.5 WordPress ProfileGrid plugin for WordPress 4.7.4Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security...

Five Star Restaurant Menu Plugin for WordPress cross-site request forgery | CVE-2023-37985

July 19, 2023

NAME__________Five Star Restaurant Menu Plugin for WordPress cross-site request forgeryPlatforms Affected:WordPress Five Star Restaurant Menu Plugin for WordPress 2.4.6Risk Level:4.3Exploitability:UnprovenConsequences:Gain...

XBRL data create application XML external entity injection | CVE-2023-32635

July 19, 2023

NAME__________XBRL data create application XML external entity injectionPlatforms Affected:Financial Services Agency XBRL data create application 7.0 Financial Services Agency XBRL...

Google Chrome security bypass | CVE-2023-3735

July 19, 2023

NAME__________Google Chrome security bypassPlatforms Affected:Google Chrome 115.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security restrictions,...

Weintek Weincloud Account API security bypass | CVE-2023-37362

July 19, 2023

NAME__________Weintek Weincloud Account API security bypassPlatforms Affected:Weintek Weincloud Account API 0.13.6Risk Level:7.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Weintek Weincloud Account API could allow a...

Weintek Weincloud Account API brute force | CVE-2023-32657

July 19, 2023

NAME__________Weintek Weincloud Account API brute forcePlatforms Affected:Weintek Weincloud Account API 0.13.6Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Weintek Weincloud Account API is vulnerable to...

Weintek Weincloud Account API denial of service | CVE-2023-34429

July 19, 2023

NAME__________Weintek Weincloud Account API denial of servicePlatforms Affected:Weintek Weincloud Account API 0.13.6Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Weintek Weincloud Account API is...

Zyxel firewalls denial of service | CVE-2023-34140

July 19, 2023

NAME__________Zyxel firewalls denial of servicePlatforms Affected:Zyxel ATP ZLD 5.31 Zyxel USG FLEX ZLD 5.31 Zyxel USG FLEX 50(W) / USG20(W)-VPN...

Tesla Model 3 buffer overflow | CVE-2023-32157

July 19, 2023

NAME__________Tesla Model 3 buffer overflowPlatforms Affected:Tesla Model 3Risk Level:4.6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Tesla Model 3 is vulnerable to a heap-based buffer overflow,...

Month: July 2023

IBM InfoSphere Information Server information disclosure | CVE-2023-35898

Maid Hiring Management System cross-site scripting | CVE-2023-37744

Teacher Subject Allocation SQL injection | CVE-2023-37743

EMQ X directory traversal | CVE-2023-37781

IBM Spectrum Protect denial of service | CVE-2023-33832

Maid Hiring Management System cross-site scripting | CVE-2023-37746

Honeywell Experion PKS, LX, and PlantCruise denial of service | CVE-2023-22435

Honeywell Experion PKS, LX, and PlantCruise denial of service | CVE-2023-26597

Export and Import Users and Customers plugin for WordPress security bypass | CVE-2023-3459

ProfileGrid plugin for WordPress privilege escalation | CVE-2023-3714

Rockwell Automation Kinetix 5700 denial of service | CVE-2023-2263

IBM Security Verify Access HTTP open redirect | CVE-2023-30433

Iagona ScrutisWeb directory traversal | CVE-2023-35763

Multiple WordPress themes cross-site scripting | CVE-2023-3708

Royal Elementor Addons plugin for WordPress information disclosure | CVE-2023-3709

ProfileGrid plugin for WordPress security bypass | CVE-2023-3403

Five Star Restaurant Menu Plugin for WordPress cross-site request forgery | CVE-2023-37985

XBRL data create application XML external entity injection | CVE-2023-32635

Google Chrome security bypass | CVE-2023-3735

Weintek Weincloud Account API security bypass | CVE-2023-37362

Weintek Weincloud Account API brute force | CVE-2023-32657

Weintek Weincloud Account API denial of service | CVE-2023-34429

Zyxel firewalls denial of service | CVE-2023-34140

Tesla Model 3 buffer overflow | CVE-2023-32157

Cobalt Strike Beacon Detected – 52[.]231[.]10[.]139:8080

Cobalt Strike Beacon Detected – 54[.]224[.]145[.]120:443

Cobalt Strike Beacon Detected – 118[.]193[.]37[.]157:8889

Cobalt Strike Beacon Detected – 103[.]225[.]196[.]197:80

Cobalt Strike Beacon Detected – 101[.]201[.]247[.]232:4433

You may have missed