Month: September 2023

IBM Storage Protect information disclosure | CVE-2023-40368

September 21, 2023

NAME__________IBM Storage Protect information disclosurePlatforms Affected:IBM Storage Protect Client 8.1.0.0 IBM Storage Protect Client 8.1.19.0 IBM Storage Protect for Space...

Nagios XI cross-site scripting | CVE-2023-40932

September 21, 2023

NAME__________Nagios XI cross-site scriptingPlatforms Affected:Nagios Nagios XI 5.2.7 Nagios Nagios XI 5.2.9 Nagios Nagios XI 5.4.12 Nagios Nagios XI 5.4.13...

MiniTool Power Data Recovery machine-in-the-middle | CVE-2023-38353

September 21, 2023

NAME__________MiniTool Power Data Recovery machine-in-the-middlePlatforms Affected:MiniTool Power Data Recovery 11.5Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________MiniTool Power Data Recovery could allow a remote...

Sustainsys.Saml2 security bypass | CVE-2023-41890

September 21, 2023

NAME__________Sustainsys.Saml2 security bypassPlatforms Affected:Sustainsys Sustainsys.Saml2 2.0.0 Sustainsys Sustainsys.Saml2 2.9.1Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Sustainsys.Saml2 could allow a remote attacker to bypass security...

Openupload command execution | CVE-2023-36319

September 21, 2023

NAME__________Openupload command executionPlatforms Affected:openupload openupload 0.4.3Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Openupload could allow a remote attacker to execute arbitrary commands on the...

Nagios XI SQL injection | CVE-2023-40931

September 21, 2023

NAME__________Nagios XI SQL injectionPlatforms Affected:Nagios Nagios XI 5.11.0 Nagios Nagios XI 5.11.1Risk Level:5.4Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Nagios XI is vulnerable to SQL...

Nagios XI SQL injection | CVE-2023-40934

September 21, 2023

NAME__________Nagios XI SQL injectionPlatforms Affected:Nagios Nagios XI 5.2.7 Nagios Nagios XI 5.2.9 Nagios Nagios XI 5.4.12 Nagios Nagios XI 5.4.13...

Super Store Finder Plugin for WordPress security bypass | CVE-2023-5054

September 21, 2023

NAME__________Super Store Finder Plugin for WordPress security bypassPlatforms Affected:WordPress Super Store Finder Plugin for WordPress 6.9.2Risk Level:5.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Super Store...

Nagios XI SQL injection | CVE-2023-40933

September 21, 2023

NAME__________Nagios XI SQL injectionPlatforms Affected:Nagios Nagios XI 5.2.7 Nagios Nagios XI 5.2.9 Nagios Nagios XI 5.4.12 Nagios Nagios XI 5.4.13...

JetBrains TeamCity cross-site scripting | CVE-2023-43566

September 21, 2023

NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:JetBrains TeamCity 2018.2.1 JetBrains TeamCity 2018.2.2 JetBrains TeamCity 2019.1.1 JetBrains TeamCity 2018.2.4 JetBrains TeamCity 2023.05Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site...

Foxconn Live Update Utility privilege escalation | CVE-2020-24088

September 21, 2023

NAME__________Foxconn Live Update Utility privilege escalationPlatforms Affected:Foxconn Live Update Utility 2.1.6.26Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Foxconn Live Update Utility could allow a...

OpenPrinting CUPS buffer overflow | CVE-2023-4504

September 21, 2023

NAME__________OpenPrinting CUPS buffer overflowPlatforms Affected:OpenPrinting CUPS 2.5b1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________OpenPrinting CUPS is vulnerable to a heap-based buffer overflow, caused by...

ISC BIND denial of service | CVE-2023-3341

September 21, 2023

NAME__________ISC BIND denial of servicePlatforms Affected:ISC BIND 9.4.3b1 ISC BIND 9.4.3b2 ISC BIND 9.4.3b3 ISC BIND 9.5.0-P1 ISC BIND 9.5.0-P2...

IOBit Malware Fighter denial of service | CVE-2020-24089

September 21, 2023

NAME__________IOBit Malware Fighter denial of servicePlatforms Affected:IOBit Malware Fighter 8.0.2Risk Level:4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________IOBit Malware Fighter is vulnerable to a...

Jenkins Build Failure Analyzer Plugin cross-site request forgery | CVE-2023-43502

September 21, 2023

NAME__________Jenkins Build Failure Analyzer Plugin cross-site request forgeryPlatforms Affected:Jenkins Build Failure Analyzer Plugin 2.4.1Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Build Failure Analyzer...

Month: September 2023

IBM Storage Protect information disclosure | CVE-2023-40368

Nagios XI cross-site scripting | CVE-2023-40932

MiniTool Power Data Recovery machine-in-the-middle | CVE-2023-38353

Sustainsys.Saml2 security bypass | CVE-2023-41890

Openupload command execution | CVE-2023-36319

Nagios XI SQL injection | CVE-2023-40931

Nagios XI SQL injection | CVE-2023-40934

Super Store Finder Plugin for WordPress security bypass | CVE-2023-5054

Nagios XI SQL injection | CVE-2023-40933

JetBrains TeamCity cross-site scripting | CVE-2023-43566

Foxconn Live Update Utility privilege escalation | CVE-2020-24088

OpenPrinting CUPS buffer overflow | CVE-2023-4504

ISC BIND denial of service | CVE-2023-3341

IOBit Malware Fighter denial of service | CVE-2020-24089

Jenkins Build Failure Analyzer Plugin cross-site request forgery | CVE-2023-43502

Jenkins weekly and LTS security bypass | CVE-2023-43497

Jenkins weekly and LTS information disclosure | CVE-2023-43494

Jenkins weekly and LTS code execution | CVE-2023-43496

Jenkins weekly and LTS security bypass | CVE-2023-43498

Jenkins Build Failure Analyzer Plugin cross-site request forgery | CVE-2023-43500

RansomHouse Ransomware Victim: Hawkins Delafield Wood

RansomHouse Ransomware Victim: Radley and Co

CACTUS Ransomware Victim: Not found

Expensive Investigations Drive Surging Data Breach Costs

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases One Industrial Control Systems Advisory

You may have missed