Month: September 2023

LockBit 3.0 Ransomware Victim: ezpaybuildings[.]net

September 29, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: fdf[.]org[.]uk

September 29, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

LockBit 3.0 Ransomware Victim: fdf[.]org[.]uk

September 29, 2023

LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...

Zephyr buffer overflow | CVE-2023-4262

September 29, 2023

NAME__________Zephyr buffer overflowPlatforms Affected:Zephyr Project Zephyr 3.4.0Risk Level:5.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zephyr is vulnerable to a buffer overflow, caused by improper bounds...

AjaxNewsTicker code execution | CVE-2023-41449

September 29, 2023

NAME__________AjaxNewsTicker code executionPlatforms Affected:PHPKOBO AjaxNewsTicker 1.05Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________AjaxNewsTicker could allow a remote attacker to execute arbitrary code...

AjaxNewsTicker cross-site scripting | CVE-2023-41448

September 29, 2023

NAME__________AjaxNewsTicker cross-site scriptingPlatforms Affected:PHPKOBO AjaxNewsTicker 1.05Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________AjaxNewsTicker is vulnerable to cross-site scripting, caused by improper validation of user-supplied...

Zephyr buffer overflow | CVE-2023-4260

September 29, 2023

NAME__________Zephyr buffer overflowPlatforms Affected:Zephyr Project Zephyr 3.4.0Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zephyr is vulnerable to a buffer overflow, caused by an off-by-one...

AjaxNewsTicker cross-site scripting | CVE-2023-41453

September 29, 2023

AjaxNewsTicker cross-site scripting | CVE-2023-41451

September 29, 2023

AjaxNewsTicker cross-site scripting | CVE-2023-41445

September 29, 2023

Zephyr buffer overflow | CVE-2023-4264

September 29, 2023

NAME__________Zephyr buffer overflowPlatforms Affected:Zephyr Project Zephyr 3.4.0Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Zephyr is vulnerable to a buffer overflow, caused by improper bounds...

AjaxNewsTicker code execution | CVE-2023-41450

September 29, 2023

F5 BIG-IP security bypass | CVE-2023-43125

September 29, 2023

NAME__________F5 BIG-IP security bypassPlatforms Affected:F5 BIG-IP APM 13.0.0 F5 BIG-IP APM 14.0.0 F5 BIG-IP APM 15.0.0 F5 BIG-IP APM 16.0.0Risk...

Symantec Protection Engine information disclosure | CVE-2023-23958

September 29, 2023

NAME__________Symantec Protection Engine information disclosurePlatforms Affected:Symantec Protection Engine 9.0Risk Level:6.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Symantec Protection Engine could allow a remote authenticated attacker...

Shihonkanri Plus directory traversal | CVE-2023-43825

September 29, 2023

NAME__________Shihonkanri Plus directory traversalPlatforms Affected:Shihonkanri Plus 9.0.3Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Shihonkanri Plus could allow a local attacker to traverse directories on...

IBM i privilege escalation | CVE-2023-40375

September 29, 2023

NAME__________IBM i privilege escalationPlatforms Affected:IBM i 7.2 IBM i 7.3 IBM i 7.4 IBM i 7.5Risk Level:7.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Integrated application...

Dreamer CMS information disclosure | CVE-2023-43856

September 29, 2023

NAME__________Dreamer CMS information disclosurePlatforms Affected:I Teach You Dreamer CMS 4.1.3Risk Level:5.3Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Dreamer CMS could allow a remote attacker to...

Progress Software WS_FTP Server cross-site request forgery | CVE-2023-40048

September 29, 2023

NAME__________Progress Software WS_FTP Server cross-site request forgeryPlatforms Affected:Progress Software WS_FTP Server 8.8.1Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Progress Software WS_FTP Server is vulnerable...

AjaxNewsTicker cross-site scripting | CVE-2023-41446

September 29, 2023

Progress Software WS_FTP Server information disclosure | CVE-2023-40049

September 29, 2023

NAME__________Progress Software WS_FTP Server information disclosurePlatforms Affected:Progress Software WS_FTP Server 8.8.1Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Progress Software WS_FTP could allow a remote...

IBM License Metric Tool information disclosure | CVE-2023-43044

September 29, 2023

NAME__________IBM License Metric Tool information disclosurePlatforms Affected:IBM License Metric Tool 9.2Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM License Metric Tool 9.2 could allow...

F5 BIG-IP information disclosure | CVE-2023-43124

September 29, 2023

NAME__________F5 BIG-IP information disclosurePlatforms Affected:F5 BIG-IP (APM) 13.0.0 F5 BIG-IP (APM) 14.0.0 F5 BIG-IP (APM) 15.0.0 F5 BIG-IP (APM) 16.0.0Risk...

Microweber cross-site scripting | CVE-2023-5244

September 29, 2023

NAME__________Microweber cross-site scriptingPlatforms Affected:Risk Level:5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Microweber is vulnerable to cross-site scripting, caused by improper validation of user-supplied input by...

AjaxNewsTicker cross-site request forgery | CVE-2023-41452

September 29, 2023

NAME__________AjaxNewsTicker cross-site request forgeryPlatforms Affected:PHPKOBO AjaxNewsTicker 1.05Risk Level:6.5Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________AjaxNewsTicker is vulnerable to cross-site request forgery, caused by...

Month: September 2023

LockBit 3.0 Ransomware Victim: ezpaybuildings[.]net

LockBit 3.0 Ransomware Victim: fdf[.]org[.]uk

LockBit 3.0 Ransomware Victim: fdf[.]org[.]uk

Zephyr buffer overflow | CVE-2023-4262

AjaxNewsTicker code execution | CVE-2023-41449

AjaxNewsTicker cross-site scripting | CVE-2023-41448

Zephyr buffer overflow | CVE-2023-4260

AjaxNewsTicker cross-site scripting | CVE-2023-41453

AjaxNewsTicker cross-site scripting | CVE-2023-41451

AjaxNewsTicker cross-site scripting | CVE-2023-41445

Zephyr buffer overflow | CVE-2023-4264

AjaxNewsTicker code execution | CVE-2023-41450

F5 BIG-IP security bypass | CVE-2023-43125

Symantec Protection Engine information disclosure | CVE-2023-23958

Shihonkanri Plus directory traversal | CVE-2023-43825

IBM i privilege escalation | CVE-2023-40375

Dreamer CMS information disclosure | CVE-2023-43856

Progress Software WS_FTP Server cross-site request forgery | CVE-2023-40048

AjaxNewsTicker cross-site scripting | CVE-2023-41446

Progress Software WS_FTP Server information disclosure | CVE-2023-40049

IBM License Metric Tool information disclosure | CVE-2023-43044

F5 BIG-IP information disclosure | CVE-2023-43124

Microweber cross-site scripting | CVE-2023-5244

AjaxNewsTicker cross-site request forgery | CVE-2023-41452

CVE Alert: CVE-2024-52400

CVE Alert: CVE-2024-52403

CVE Alert: CVE-2024-52404

CVE Alert: CVE-2024-52410

CVE Alert: CVE-2024-52409

You may have missed