7 Uses for Generative AI to Enhance Security Operations
Welcome to a world where Generative AI revolutionizes the field of cybersecurity. Generative AI refers to the use of artificial...
Month: November 2023
This Free Solution Provides Essential Third-Party Risk Management for SaaS
Wing Security recently announced that basic third-party risk assessment is now available as a free product. But it raises the...
Akira Ransomware Victim: Lydall, Inc[.]
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Mattermost Server security bypass | CVE-2023-47865
NAME__________Mattermost Server security bypassPlatforms Affected:Mattermost Mattermost Server 7.8.12 Mattermost Mattermost Server 8.1.3Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mattermost Server could allow a remote...
VMware Tanzu Spring Framework denial of service | CVE-2023-34053
NAME__________VMware Tanzu Spring Framework denial of servicePlatforms Affected:VMware Tanzu Spring Framework 6.0.0 VMware Tanzu Spring Framework 6.0.13Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service...
Meta Incubator Katran information disclosure | CVE-2023-49062
NAME__________Meta Incubator Katran information disclosurePlatforms Affected:Meta Incubator KatranRisk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Meta Incubator Katran could allow a remote attacker to obtain...
VMware Tanzu Reactor Netty denial of service | CVE-2023-34054
NAME__________VMware Tanzu Reactor Netty denial of servicePlatforms Affected:Tanzu VMware Reactor Netty 1.0.0 Tanzu VMware Reactor Netty 1.0.38 Tanzu VMware Reactor...
M-Files Server security bypass | CVE-2023-6239
NAME__________M-Files Server security bypassPlatforms Affected:M-Files M-Files Server 23.9 M-Files M-Files Server 23.10 M-Files M-Files Server 23.11Risk Level:5.4Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________M-Files Server...
QOS.ch Sarl Logback denial of service | CVE-2023-6378
NAME__________QOS.ch Sarl Logback denial of servicePlatforms Affected:QOS.ch Sarl Logback 1.4.11Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________QOS.ch Sarl Logback is vulnerable to a...
Raptor-Web cross-site scripting | CVE-2023-49078
NAME__________Raptor-Web cross-site scriptingPlatforms Affected:Raptor-Web Raptor-Web 0.4.4Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Raptor-Web is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Mattermost Server security bypass | CVE-2023-47865
NAME__________Mattermost Server security bypassPlatforms Affected:Mattermost Mattermost Server 7.8.12 Mattermost Mattermost Server 8.1.3Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mattermost Server could allow a remote...
VMware Tanzu Spring Boot denial of service | CVE-2023-34055
NAME__________VMware Tanzu Spring Boot denial of servicePlatforms Affected:VMware Tanzu Spring Boot 2.7.0 VMware Tanzu Spring Boot 3.0.0 Tanzu VMware Spring...
Mattermost open redirect | CVE-2023-47168
NAME__________Mattermost open redirectPlatforms Affected:Mattermost Mattermost Server 7.8.12 Mattermost Mattermost Server 8.1.3 Mattermost Mattermost Server 9.0.1 Mattermost Mattermost Server 9.1.0Risk Level:4.3Exploitability:UnprovenConsequences:Other...
Jenkins NeuVector Vulnerability Scanner Plugin security bypass | CVE-2023-49674
NAME__________Jenkins NeuVector Vulnerability Scanner Plugin security bypassPlatforms Affected:Jenkins NeuVector Vulnerability Scanner Plugin 1.22Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins NeuVector Vulnerability Scanner Plugin...
Alumne LMS cross-site scripting | CVE-2023-6359
NAME__________Alumne LMS cross-site scriptingPlatforms Affected:Alumne LMS Alumne LMS 4.0.0.1.08Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Alumne LMS is vulnerable to cross-site scripting, caused by...
ESKOM Computer e-municipality module information disclosure | CVE-2023-6151
NAME__________ESKOM Computer e-municipality module information disclosurePlatforms Affected:ESKOM Computer e-municipality module 104Risk Level:7.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________ESKOM Computer e-municipality module could allow a...
Jenkins Google Compute Engine Plugin information disclosure | CVE-2023-49652
NAME__________Jenkins Google Compute Engine Plugin information disclosurePlatforms Affected:Jenkins Google Compute Engine Plugin 4.550.vb_327fca_3db_11Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Google Compute Engine Plugin...
Jenkins MATLAB Plugin cross-site request forgery | CVE-2023-49655
NAME__________Jenkins MATLAB Plugin cross-site request forgeryPlatforms Affected:Jenkins MATLAB Plugin 2.11.0Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins MATLAB Plugin is vulnerable to cross-site request...
Jenkins MATLAB Plugin information disclosure | CVE-2023-49656
NAME__________Jenkins MATLAB Plugin information disclosurePlatforms Affected:Jenkins MATLAB Plugin 2.11.0Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins MATLAB Plugin could allow a remote authenticated attacker...
Trellix Enterprise Security Manager (ESM) server-side request forgery | CVE-2023-6070
NAME__________Trellix Enterprise Security Manager (ESM) server-side request forgeryPlatforms Affected:Trellix Enterprise Security Manager 11.6.3 Trellix Enterprise Security Manager 11.6.2 Trellix Enterprise...
Jenkins NeuVector Vulnerability Scanner Plugin cross-site request forgery | CVE-2023-49673
NAME__________Jenkins NeuVector Vulnerability Scanner Plugin cross-site request forgeryPlatforms Affected:Jenkins NeuVector Vulnerability Scanner Plugin 1.22Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins NeuVector Vulnerability Scanner...
Jenkins MATLAB Plugin security bypass | CVE-2023-49654
NAME__________Jenkins MATLAB Plugin security bypassPlatforms Affected:Jenkins MATLAB Plugin 2.11.0Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins MATLAB Plugin could allow a remote authenticated attacker...
Jenkins Jira Plugin information disclosure | CVE-2023-49653
NAME__________Jenkins Jira Plugin information disclosurePlatforms Affected:Jenkins Jira Plugin 3.11Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins Jira Plugin could allow a remote authenticated attacker...
Microsoft Edge Multiple Vulnerabilities
Multiple vulnerabilities were identified in Microsoft Edge. A remote attacker could exploit some of these vulnerabilities to trigger security restriction bypass,...
