Month: November 2023

Auth.js next-auth information disclosure | CVE-2023-48309

November 22, 2023

NAME__________Auth.js next-auth information disclosurePlatforms Affected:Auth.js next-auth 4.24.4Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Auth.js next-auth could allow a remote attacker to obtain sensitive information,...

Mozilla Firefox for iOS HTML injection | CVE-2023-49061

November 22, 2023

NAME__________Mozilla Firefox for iOS HTML injectionPlatforms Affected:Mozilla Firefox for iOS 119Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Firefox for iOS is vulnerable to...

NearForm fast-jwt security bypass | CVE-2023-48223

November 22, 2023

NAME__________NearForm fast-jwt security bypassPlatforms Affected:NearForm fast-jwt 3.3.1Risk Level:5.9Exploitability:Proof of ConceptConsequences:Bypass Security DESCRIPTION__________NearForm fast-jwt could allow a remote attacker to bypass...

Mozilla Firefox clickjacking | CVE-2023-6211

November 22, 2023

NAME__________Mozilla Firefox clickjackingPlatforms Affected:Mozilla Firefox 119Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Firefox could allow a remote attacker to conduct a clickjacking attack....

Mozilla Firefox clickjacking | CVE-2023-6206

November 22, 2023

NAME__________Mozilla Firefox clickjackingPlatforms Affected:Mozilla Firefox 119 Mozilla Firefox ESR 115.4 Mozilla Thunderbird 115.4Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Firefox could allow a...

Mozilla Firefox security bypass | CVE-2023-6208

November 22, 2023

NAME__________Mozilla Firefox security bypassPlatforms Affected:Mozilla Firefox 119 Mozilla Firefox ESR 115.4 Mozilla Thunderbird 115.4Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mozilla Firefox could allow...

Mozilla Firefox security bypass | CVE-2023-6210

November 22, 2023

NAME__________Mozilla Firefox security bypassPlatforms Affected:Mozilla Firefox 119Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Firefox could allow a remote attacker to bypass security restrictions,...

Mitsubishi Electric GX Works2 denial of service | CVE-2023-5275

November 22, 2023

NAME__________Mitsubishi Electric GX Works2 denial of servicePlatforms Affected:Mitsubishi Electric GX Works2Risk Level:2.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mitsubishi Electric GX Works2 is vulnerable...

Mozilla Firefox directory traversal | CVE-2023-6209

November 22, 2023

NAME__________Mozilla Firefox directory traversalPlatforms Affected:Mozilla Firefox 119 Mozilla Firefox ESR 115.4 Mozilla Thunderbird 115.4Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Mozilla Firefox could allow...

Mozilla Firefox information disclosure | CVE-2023-6204

November 22, 2023

NAME__________Mozilla Firefox information disclosurePlatforms Affected:Mozilla Firefox 119 Mozilla Firefox ESR 115.4 Mozilla Thunderbird 115.4Risk Level:6.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Mozilla Firefox could allow...

Fuji Electric Tellus Lite V-Simulator code execution | CVE-2023-40152

November 22, 2023

NAME__________Fuji Electric Tellus Lite V-Simulator code executionPlatforms Affected:Fuji Electric Tellus Lite V-Simulator 4.0.18.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fuji Electric Tellus Lite V-Simulator...

Fuji Electric Tellus Lite V-Simulator security bypass | CVE-2023-5299

November 22, 2023

NAME__________Fuji Electric Tellus Lite V-Simulator security bypassPlatforms Affected:Fuji Electric Tellus Lite V-Simulator 4.0.18.0Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Fuji Electric Tellus Lite V-Simulator...

AXIS OS security bypass | CVE-2023-5553

November 22, 2023

NAME__________AXIS OS security bypassPlatforms Affected:AXIS OS 10.8 AXIS OS 11.6Risk Level:7.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________AXIS OS could allow a physical attacker to...

Mitsubishi Electric GX Works2 denial of service | CVE-2023-5274

November 22, 2023

Duet Display code execution | CVE-2023-6235

November 22, 2023

NAME__________Duet Display code executionPlatforms Affected:Duet Duet Display 2.5.9.1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Duet Display could allow a remote attacker to execute arbitrary...

Fuji Electric Tellus Lite V-Simulator buffer overflow | CVE-2023-35127

November 22, 2023

NAME__________Fuji Electric Tellus Lite V-Simulator buffer overflowPlatforms Affected:Fuji Electric Tellus Lite V-Simulator 4.0.18.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Fuji Electric Tellus Lite V-Simulator...

Month: November 2023

Auth.js next-auth information disclosure | CVE-2023-48309

Mozilla Firefox for iOS HTML injection | CVE-2023-49061

NearForm fast-jwt security bypass | CVE-2023-48223

Mozilla Firefox clickjacking | CVE-2023-6211

Mozilla Firefox clickjacking | CVE-2023-6206

Mozilla Firefox security bypass | CVE-2023-6208

Mozilla Firefox security bypass | CVE-2023-6210

Mitsubishi Electric GX Works2 denial of service | CVE-2023-5275

Mozilla Firefox directory traversal | CVE-2023-6209

Mozilla Firefox information disclosure | CVE-2023-6204

Fuji Electric Tellus Lite V-Simulator code execution | CVE-2023-40152

Fuji Electric Tellus Lite V-Simulator security bypass | CVE-2023-5299

AXIS OS security bypass | CVE-2023-5553

Mitsubishi Electric GX Works2 denial of service | CVE-2023-5274

Duet Display code execution | CVE-2023-6235

Fuji Electric Tellus Lite V-Simulator buffer overflow | CVE-2023-35127

Mozilla Firefox denial of service | CVE-2023-6205

ClearFake Campaign Expands to Deliver Atomic Stealer on Mac Systems

LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Black Friday deal: Get 50% off Malwarebytes Premium + Privacy VPN

Criminal IP Becomes VirusTotal IP and URL Scan Contributor

DarkGate and Pikabot malware emerge as Qakbot’s successors

Hacktivists breach U.S. nuclear research lab, steal employee data

Lumma malware can allegedly restore expired Google auth cookies

[HUNTERS] – Ransomware Victim: Dorner Law & Title Services

[AKIRA] – Ransomware Victim: H2OBX Waterpark

[AKIRA] – Ransomware Victim: HUTTER ACUSTIX

[AKIRA] – Ransomware Victim: Hager Group

[AKIRA] – Ransomware Victim: Travis Pruitt & Associates

You may have missed