CISA: Mozilla Releases Security Updates for Multiple Products
Mozilla Releases Security Updates for Multiple Products Mozilla has released security updates to address a vulnerability affecting Firefox, Firefox ESR,...
Month: September 2023
CISA: CISA Releases its Open Source Software Security Roadmap
CISA Releases its Open Source Software Security Roadmap Today, CISA released an Open Source Software Security Roadmap to lay out—in...
CISA: CISA Adds Three Known Vulnerabilities to Catalog
CISA Adds Three Known Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on...
Russian Journalist’s iPhone Compromised by NSO Group’s Zero-Click Spyware
The iPhone belonging to Galina Timchenko, a prominent Russian journalist and critic of the government, was compromised with NSO Group's...
N-Able’s Take Control Agent Vulnerability Exposes Windows Systems to Privilege Escalation
A high-severity security flaw has been disclosed in N-Able's Take Control Agent that could be exploited by a local unprivileged...
Akira Ransomware Victim: Accuride
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
libvips denial of service | CVE-2023-40032
NAME__________libvips denial of servicePlatforms Affected:libvips libvips 8.12.0 libvips libvips 8.14.3Risk Level:5.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________libvips is vulnerable to a denial of...
MapPress Maps Plugin for WordPress cross-site scripting | CVE-2023-4840
NAME__________MapPress Maps Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress MapPress Maps Plugin for WordPress 2.88.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________MapPress Maps Plugin for...
OpenMage Magento LTS information disclosure | CVE-2023-41879
NAME__________OpenMage Magento LTS information disclosurePlatforms Affected:OpenMage Magento LTS 19.5.0 OpenMage Magento LTS 20.0.0 OpenMage Magento LTS 20.1.0Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________OpenMage...
Samsung Exynos Mobile Processor, Automotive Processor, and Modem denial of service | CVE-2023-37368
NAME__________Samsung Exynos Mobile Processor, Automotive Processor, and Modem denial of servicePlatforms Affected:Samsung Exynos Mobile Processor Samsung Automotive Processor Samsung ModemRisk...
Piccolo information disclosure | CVE-2023-41885
NAME__________Piccolo information disclosurePlatforms Affected:Piccolo Piccolo 0.120.0Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Piccolo could allow a remote attacker to obtain sensitive information, caused by...
Slimstat Analytics plugin for WordPress SQL injection | CVE-2023-4598
NAME__________Slimstat Analytics plugin for WordPress SQL injectionPlatforms Affected:WordPress Slimstat Analytics plugin for WordPress 5.0.9Risk Level:5.4Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Slimstat Analytics plugin for...
Imagine CMS photo-gallery.html cross-site scripting |
NAME__________Imagine CMS photo-gallery.html cross-site scriptingPlatforms Affected:Imagine Web Technologies Imagine CMS 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Imagine CMS is vulnerable to cross-site scripting,...
iSmile Soft CMS index.php cross-site scripting |
NAME__________iSmile Soft CMS index.php cross-site scriptingPlatforms Affected:iSmile Soft CMS iSmile Soft CMS 0.3.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________iSmile Soft CMS is vulnerable...
Symfony ux-autocomplete security bypass | CVE-2023-41336
NAME__________Symfony ux-autocomplete security bypassPlatforms Affected:Symfony ux-autocomplete 2.11.1 Symfony ux-autocomplete 2.11.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Symfony ux-autocomplete could allow a remote attacker to...
Shuttle Booking Software id SQL injection |
NAME__________Shuttle Booking Software id SQL injectionPlatforms Affected:PHPJabbers Shuttle Booking Software 1.0Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Shuttle Booking Software is vulnerable to SQL...
Foxit PDF Reader code execution | CVE-2023-42092
NAME__________Foxit PDF Reader code executionPlatforms Affected:Foxit PDF ReaderRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Foxit PDF Reader could allow a remote attacker to execute...
Google Maps Plugin for WordPress cross-site scripting | CVE-2023-4887
NAME__________Google Maps Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Google Maps Plugin for WordPress 2.3.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Google Maps Plugin for...
Siemens Teamcenter Visualization and JT2Go buffer overflow | CVE-2023-38070
NAME__________Siemens Teamcenter Visualization and JT2Go buffer overflowPlatforms Affected:Siemens JT2Go 13.1.0 Siemens Teamcenter Visualization 13.1.0 Siemens JT2Go 13.2.0 Siemens Teamcenter Visualization...
Siemens Tecnomatix Plant Simulation code execution | CVE-2023-41846
NAME__________Siemens Tecnomatix Plant Simulation code executionPlatforms Affected:Siemens Tecnomatix Plant Simulation 2201 Siemens Tecnomatix Plant Simulation 2302Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Siemens Tecnomatix...
OpenPLC Runtime denial of service |
NAME__________OpenPLC Runtime denial of servicePlatforms Affected:OpenPLC WebServer v3Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________OpenPLC Runtime is vulnerable to a denial...
Foxit PDF Reader information disclosure | CVE-2023-42098
NAME__________Foxit PDF Reader information disclosurePlatforms Affected:Foxit PDF ReaderRisk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Foxit PDF Reader could allow a remote attacker to obtain...
Linux Kernel information disclosure | CVE-2023-4881
NAME__________Linux Kernel information disclosurePlatforms Affected:Linux KernelRisk Level:6.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Linux Kernel could allow a remote attacker to obtain sensitive information, caused...
Leyka Plugin for WordPress information disclosure | CVE-2023-4917
NAME__________Leyka Plugin for WordPress information disclosurePlatforms Affected:WordPress Leyka Plugin for WordPress 3.30.3Risk Level:5.3Exploitability:HighConsequences:Obtain Information DESCRIPTION__________Leyka Plugin for WordPress could allow...
