Month: August 2023

Leyka Plugin for WordPress cross-site scripting | CVE-2023-39314

August 15, 2023

NAME__________Leyka Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Leyka Plugin for WordPress 3.30.2Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Leyka Plugin for WordPress is vulnerable...

Nozomi Networks Guardian/CMC denial of service | CVE-2023-24015

August 15, 2023

NAME__________Nozomi Networks Guardian/CMC denial of servicePlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:4.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Nozominetworks Nozomi Networks Guardian/CMC is vulnerable to...

MISP cross-site scripting | CVE-2023-40224

August 15, 2023

NAME__________MISP cross-site scriptingPlatforms Affected:MISP MISP 2.4.168 MISP MISP 2.4.169 MISP MISP 2.4.174Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________MISP is vulnerable to cross-site scripting,...

Nozomi Networks Guardian/CMC security bypass | CVE-2023-24477

August 15, 2023

NAME__________Nozomi Networks Guardian/CMC security bypassPlatforms Affected:Nozomi Networks Guardian/CMC 22.6.1Risk Level:5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Nozomi Networks Guardian/CMC could allow a remote attacker to...

EmbedPress Plugin for WordPress security bypass | CVE-2023-4282

August 15, 2023

NAME__________EmbedPress Plugin for WordPress security bypassPlatforms Affected:WordPress EmbedPress plugin for WordPress 3.8.2Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________EmbedPress Plugin for WordPress could allow...

Art Direction plugin for WordPress cross-site scripting | CVE-2023-37983

August 15, 2023

NAME__________Art Direction plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Art Direction Plugin for WordPress 0.2.4Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Art Direction plugin for...

eProsima Fast DDS denial of service | CVE-2023-39949

August 15, 2023

NAME__________eProsima Fast DDS denial of servicePlatforms Affected:eProsima Fast DDS 2.9.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________eProsima Fast DDS is vulnerable to a...

PostgreSQL security bypass | CVE-2023-39418

August 15, 2023

NAME__________PostgreSQL security bypassPlatforms Affected:PostgreSQL PostgreSQLRisk Level:3.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________PostgreSQL could allow a remote authenticated attacker to bypass security restrictions, caused by...

Adobe Substance 3D Stager information disclosure |

August 15, 2023

NAME__________Adobe Substance 3D Stager information disclosurePlatforms Affected:Adobe Substance 3D Stager 2.0.0Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Adobe Substance 3D Stager could allow a...

IBM TXSeries for Multiplatforms denial of service | CVE-2023-38741

August 15, 2023

NAME__________IBM TXSeries for Multiplatforms denial of servicePlatforms Affected:IBM TXSeries for Multiplatforms 8.1 IBM TXSeries for Multiplatforms 8.2 IBM TXSeries for...

Zephyr Project Zephyr buffer overflow | CVE-2023-4265

August 15, 2023

NAME__________Zephyr Project Zephyr buffer overflowPlatforms Affected:Zephyr Zephyr 3.3Risk Level:6.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zephyr Project Zephyr is vulnerable to a buffer overflow, caused...

Dataprobe iBoot PDU information disclosure | CVE-2023-3263

August 15, 2023

NAME__________Dataprobe iBoot PDU information disclosurePlatforms Affected:Dataprobe iBoot PDU 1.43.03312023Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dataprobe iBoot PDU could allow a remote attacker to...

Adobe Substance 3D Stager code execution |

August 15, 2023

NAME__________Adobe Substance 3D Stager code executionPlatforms Affected:Adobe Substance 3D Stager 2.0.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Adobe Substance 3D Stager could allow a...

Dataprobe iBoot PDU denial of service | CVE-2023-3261

August 15, 2023

NAME__________Dataprobe iBoot PDU denial of servicePlatforms Affected:Dataprobe iBoot PDU 1.43.03312023Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Dataprobe iBoot PDU is vulnerable to a...

eProsima Fast DDS denial of service | CVE-2023-39948

August 15, 2023

NAME__________eProsima Fast DDS denial of servicePlatforms Affected:eProsima Fast DDS 2.9.1Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________eProsima Fast DDS is vulnerable to a...

eProsima Fast DDS denial of service | CVE-2023-39534

August 15, 2023

ECShop directory traversal | CVE-2023-39112

August 15, 2023

NAME__________ECShop directory traversalPlatforms Affected:ECShop ECShop 4.1.16Risk Level:6.5Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________ECShop could allow a remote attacker to traverse directories on the system....

Adobe Substance 3D Stager code execution |

August 15, 2023

NOESCAPE Ransomware Victim: John L Lowery & Associates

August 15, 2023

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

NOESCAPE Ransomware Victim: Fondation De Verdeil

August 15, 2023

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

NOESCAPE Ransomware Victim: Federal Bar Association

August 15, 2023

NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...

Catching the Catphish: Join the Expert Webinar on Combating Credential Phishing

August 15, 2023

Is your organization constantly under threat from credential phishing? Even with comprehensive security awareness training, many employees still fall victim...

North Korean Hackers Suspected in New Wave of Malicious npm Packages

August 15, 2023

The npm package registry has emerged as the target of yet another highly targeted attack campaign that aims to entice...

Over 12,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

August 15, 2023

A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious...

Month: August 2023

Leyka Plugin for WordPress cross-site scripting | CVE-2023-39314

Nozomi Networks Guardian/CMC denial of service | CVE-2023-24015

MISP cross-site scripting | CVE-2023-40224

Nozomi Networks Guardian/CMC security bypass | CVE-2023-24477

EmbedPress Plugin for WordPress security bypass | CVE-2023-4282

Art Direction plugin for WordPress cross-site scripting | CVE-2023-37983

eProsima Fast DDS denial of service | CVE-2023-39949

PostgreSQL security bypass | CVE-2023-39418

Adobe Substance 3D Stager information disclosure |

IBM TXSeries for Multiplatforms denial of service | CVE-2023-38741

Zephyr Project Zephyr buffer overflow | CVE-2023-4265

Dataprobe iBoot PDU information disclosure | CVE-2023-3263

Adobe Substance 3D Stager code execution |

Dataprobe iBoot PDU denial of service | CVE-2023-3261

eProsima Fast DDS denial of service | CVE-2023-39948

eProsima Fast DDS denial of service | CVE-2023-39534

ECShop directory traversal | CVE-2023-39112

Adobe Substance 3D Stager code execution |

NOESCAPE Ransomware Victim: John L Lowery & Associates

NOESCAPE Ransomware Victim: Fondation De Verdeil

NOESCAPE Ransomware Victim: Federal Bar Association

Catching the Catphish: Join the Expert Webinar on Combating Credential Phishing

North Korean Hackers Suspected in New Wave of Malicious npm Packages

Over 12,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums

[INCRANSOM] – Ransomware Victim: Darlington EMS

[INCRANSOM] – Ransomware Victim: Schuck-Gruppe

[APT73] – Ransomware Victim: gureco[.]pl

[APT73] – Ransomware Victim: lgpunjab[.]gov[.]in

[INCRANSOM] – Ransomware Victim: IPE Engwicht

You may have missed