Microsoft Warns of Nation-State Hackers Exploiting Critical Atlassian Confluence Vulnerability
Microsoft has linked the exploitation of a recently disclosed critical flaw in Atlassian Confluence Data Center and Server to a...
Month: October 2023
US-CERT Vulnerability Summary for the Week of October 2, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoacronis -- agentLocal privilege escalation due to improper soft link handling. The...
Spoofy – Program That Checks If A List Of Domains Can Be Spoofed Based On SPF And DMARC Records
Spoofy is a program that checks if a list of domains can be spoofed based on SPF and DMARC records....
HackerOne Bug Bounty Disclosure: b-uaf-on-jsethereumprovider-b-nick-ve
Company Name: b'Brave Software' Company HackerOne URL: https://hackerone.com/brave Submitted By:b'nick0ve'Link to Submitters Profile:https://hackerone.com/b'nick0ve' Report Title:b'UAF on JSEthereumProvider'Report Link:https://hackerone.com/reports/1977252Date Submitted:11 October...
HackerOne Bug Bounty Disclosure: b-cve-cookie-injection-with-none-file-b-w-x
Company Name: b'curl' Company HackerOne URL: https://hackerone.com/curl Submitted By:b'w0x42'Link to Submitters Profile:https://hackerone.com/b'w0x42' Report Title:b'CVE-2023-38546: cookie injection with none file'Report Link:https://hackerone.com/reports/2148242Date...
HackerOne Bug Bounty Disclosure: b-cve-socks-heap-buffer-overflow-b-raysatiro
Company Name: b'curl' Company HackerOne URL: https://hackerone.com/curl Submitted By:b'raysatiro'Link to Submitters Profile:https://hackerone.com/b'raysatiro' Report Title:b'CVE-2023-38545: socks5 heap buffer overflow'Report Link:https://hackerone.com/reports/2187833Date Submitted:11...
Black Basta Ransomware Victim: HAEFFNER-ASP
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: GREGAGG
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: STANTONWILLIAMS
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Black Basta Ransomware Victim: REH
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: foremostgroups[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Microsoft Windows Mark of the Web security bypass | CVE-2023-36584
NAME__________Microsoft Windows Mark of the Web security bypassPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10...
Lenovo Desktop products privilege escalation | CVE-2023-43574
NAME__________Lenovo Desktop products privilege escalationPlatforms Affected:Lenovo DesktopRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Desktop products could allow a local authenticated attacker to gain...
Microsoft Windows Runtime C++ Template Library privilege escalation | CVE-2023-36711
NAME__________Microsoft Windows Runtime C++ Template Library privilege escalationPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10...
Google Chrome security bypass | CVE-2023-5486
NAME__________Google Chrome security bypassPlatforms Affected:Google Chrome 118.0Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security restrictions,...
Microsoft Windows Message Queuing code execution | CVE-2023-36593
NAME__________Microsoft Windows Message Queuing code executionPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft...
Unisoc Chipsets information disclosure | CVE-2023-40641
NAME__________Unisoc Chipsets information disclosurePlatforms Affected:Unisoc SC9863ARisk Level:4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Unisoc Chipsets could allow a local authenticated attacker to obtain sensitive information,...
Google Chrome security bypass | CVE-2023-5485
NAME__________Google Chrome security bypassPlatforms Affected:Google Chrome 118.0Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security restrictions,...
Unisoc Chipsets information disclosure | CVE-2023-40646
NAME__________Unisoc Chipsets information disclosurePlatforms Affected:Unisoc SC9863ARisk Level:4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Unisoc Chipsets could allow a local authenticated attacker to obtain sensitive information,...
Lenovo System Update privilege escalation | CVE-2023-4632
NAME__________Lenovo System Update privilege escalationPlatforms Affected:Lenovo System UpdateRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo System Update could allow a local authenticated attacker to...
Lenovo Desktop, Smart Edge and ThinkStation products privilege escalation | CVE-2023-45078
NAME__________Lenovo Desktop, Smart Edge and ThinkStation products privilege escalationPlatforms Affected:Lenovo ThinkStation Lenovo Desktop Lenovo Smart EdgeRisk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Desktop,...
Google Chrome security bypass | CVE-2023-5475
NAME__________Google Chrome security bypassPlatforms Affected:Google Chrome 118.0Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security restrictions,...
Microsoft SQL OLE DB code execution | CVE-2023-36417
NAME__________Microsoft SQL OLE DB code executionPlatforms Affected:Microsoft SQL Server 2019 for X64-based systems (GDR) x64 Microsoft SQL Server 2022 for...
Google Chrome security bypass | CVE-2023-5477
NAME__________Google Chrome security bypassPlatforms Affected:Google Chrome 118.0Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Google Chrome could allow a remote attacker to bypass security restrictions,...
