Month: September 2023

Jenkins Azure AD Plugin information disclosure | CVE-2023-41935

September 8, 2023

NAME__________Jenkins Azure AD Plugin information disclosurePlatforms Affected:Jenkins Azure AD Plugin 396.v86ce29279947Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Azure AD Plugin could allow a...

Jenkins AWS CodeCommit Trigger Plugin cross-site request forgery | CVE-2023-41942

September 8, 2023

NAME__________Jenkins AWS CodeCommit Trigger Plugin cross-site request forgeryPlatforms Affected:Jenkins AWS CodeCommit Trigger Plugin 3.0.12Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins AWS CodeCommit Trigger...

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers buffer overflow | CVE-2023-20250

September 8, 2023

NAME__________Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers buffer overflowPlatforms Affected:Cisco RV110W Wireless-N VPN Firewall Cisco RV130W Wireless-N Multifunction...

Duplicate Post Page Menu & Custom Post Type plugin for WordPress security bypass | CVE-2023-4792

September 8, 2023

NAME__________Duplicate Post Page Menu & Custom Post Type plugin for WordPress security bypassPlatforms Affected:Inqsys Technology Duplicate Post Page Menu &...

Apple macOS Ventura information disclosure | CVE-2023-40392

September 8, 2023

NAME__________Apple macOS Ventura information disclosurePlatforms Affected:Apple macOS Ventura 13.4Risk Level:3.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apple macOS Ventura could allow a remote attacker to...

Jenkins AWS CodeCommit Trigger Plugin security bypass | CVE-2023-41943

September 8, 2023

NAME__________Jenkins AWS CodeCommit Trigger Plugin security bypassPlatforms Affected:Jenkins AWS CodeCommit Trigger Plugin 3.0.12Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins AWS CodeCommit Trigger Plugin...

WordPress Social Login plugin for WordPress cross-site scripting | CVE-2023-4773

September 8, 2023

NAME__________WordPress Social Login plugin for WordPress cross-site scriptingPlatforms Affected:Miled WordPress Social Login plugin for WordPress 3.0.4Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________WordPress Social...

Apple macOS Ventura cross-site scripting | CVE-2023-40397

September 8, 2023

NAME__________Apple macOS Ventura cross-site scriptingPlatforms Affected:Apple macOS Ventura 13.4Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Apple macOS Ventura is vulnerable to cross-site scripting, caused...

Jenkins Qualys Container Scanning Connector Plugin security bypass |

September 8, 2023

NAME__________Jenkins Qualys Container Scanning Connector Plugin security bypassPlatforms Affected:Jenkins Qualys Container Scanning Connector Plugin 1.6.2.6Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins Qualys Container...

Bolo solo file upload | CVE-2023-41009

September 8, 2023

NAME__________Bolo solo file uploadPlatforms Affected:bolo-solo bolo-solo 2.6Risk Level:5.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Bolo solo could allow a remote attacker to upload arbitrary files,...

Newsletter plugin for WordPress cross-site scripting | CVE-2023-4772

September 8, 2023

NAME__________Newsletter plugin for WordPress cross-site scriptingPlatforms Affected:The Newsletter Team Newsletter plugin for WordPress 7.8.9Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Newsletter plugin for WordPress...

Jenkins Google Login Plugin information disclosure | CVE-2023-41936

September 8, 2023

NAME__________Jenkins Google Login Plugin information disclosurePlatforms Affected:Jenkins Google Login Plugin 1.7Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Google Login Plugin could allow a...

Jenkins Ivy Plugin cross-site request forgery | CVE-2023-41938

September 8, 2023

NAME__________Jenkins Ivy Plugin cross-site request forgeryPlatforms Affected:Jenkins Ivy Plugin 2.5Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Ivy Plugin is vulnerable to cross-site request...

Jenkins SSH2 Easy Plugin security bypass | CVE-2023-41939

September 8, 2023

NAME__________Jenkins SSH2 Easy Plugin security bypassPlatforms Affected:Jenkins SSH2 Easy Plugin 1.4Risk Level:6.8Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins SSH2 Easy Plugin could allow a...

Dover Fueling Solutions MAGLINK LX directory traversal | CVE-2023-38256

September 8, 2023

NAME__________Dover Fueling Solutions MAGLINK LX directory traversalPlatforms Affected:Dover Fueling Solutions MAGLINK LX 2.5.1 Dover Fueling Solutions MAGLINK LX 2.5.2 Dover...

Apple macOS Ventura code execution | CVE-2023-38616

September 8, 2023

NAME__________Apple macOS Ventura code executionPlatforms Affected:Apple macOS Ventura 13.4Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apple macOS Ventura could allow a remote attacker to...

D-Link DAP-1325 routers information disclosure | CVE-2023-41186

September 8, 2023

NAME__________D-Link DAP-1325 routers information disclosurePlatforms Affected:D-Link DAP-1325 1.07b01Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________D-Link DAP-1325 routers could allow a remote attacker to obtain...

Month: September 2023

Jenkins Azure AD Plugin information disclosure | CVE-2023-41935

Jenkins AWS CodeCommit Trigger Plugin cross-site request forgery | CVE-2023-41942

Cisco Small Business RV110W, RV130, RV130W, and RV215W Routers buffer overflow | CVE-2023-20250

Duplicate Post Page Menu & Custom Post Type plugin for WordPress security bypass | CVE-2023-4792

Apple macOS Ventura information disclosure | CVE-2023-40392

Jenkins AWS CodeCommit Trigger Plugin security bypass | CVE-2023-41943

WordPress Social Login plugin for WordPress cross-site scripting | CVE-2023-4773

Apple macOS Ventura cross-site scripting | CVE-2023-40397

Jenkins Qualys Container Scanning Connector Plugin security bypass |

Bolo solo file upload | CVE-2023-41009

Newsletter plugin for WordPress cross-site scripting | CVE-2023-4772

Jenkins Google Login Plugin information disclosure | CVE-2023-41936

Jenkins Ivy Plugin cross-site request forgery | CVE-2023-41938

Jenkins SSH2 Easy Plugin security bypass | CVE-2023-41939

Dover Fueling Solutions MAGLINK LX directory traversal | CVE-2023-38256

Apple macOS Ventura code execution | CVE-2023-38616

D-Link DAP-1325 routers information disclosure | CVE-2023-41186

D-Link DIR-3040 buffer overflow | CVE-2023-41225

NOESCAPE Ransomware Victim: Omniatel

8 Base Ransomware Victim: Conselho Superior da Justiça do Trabalho

The Initial Access Broker Economy: A Deep Dive into Dark Web Hacking Forums

Google: State hackers attack security researchers with new zero-day

Johnson & Johnson discloses IBM data breach impacting patients

Windows cryptomining attacks target graphic designer’s high-powered GPUs

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: Oracle Releases Quarterly Critical Patch Update Advisory for October 2024

CISA: CISA Adds One Known Exploited Vulnerability to Catalog

CISA: CISA Releases One Industrial Control Systems Advisory

You may have missed