Month: November 2023

CISA

CISA: CISA Adds Six Known Exploited Vulnerabilities to Catalog

November 14, 2023

CISA Adds Six Known Exploited Vulnerabilities to Catalog CISA has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...

CISA

CISA: CISA Releases Four Industrial Control Systems Advisories

November 14, 2023

CISA Releases Four Industrial Control Systems Advisories CISA released four Industrial Control Systems (ICS) advisories on November 9, 2023. These...

CISA

CISA: CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain

November 14, 2023

CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain Today, CISA, the National Security Agency (NSA),...

CISA

CISA: CISA Releases Update to Royal Ransomware Advisory

November 14, 2023

CISA Releases Update to Royal Ransomware Advisory Today, the Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security...

CISA

CISA: ACSC and CISA Release Business Continuity in a Box

November 14, 2023

ACSC and CISA Release Business Continuity in a Box Today, the Australian Signals Directorate’s Australian Cyber Security Centre (ASD's ACSC)...

Helix Core denial of service | CVE-2023-5759

November 14, 2023

NAME__________Helix Core denial of servicePlatforms Affected:Helix Helix CoreRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Helix Core is vulnerable to a denial of service,...

Helix Core denial of service | CVE-2023-45319

November 14, 2023

Helix Core denial of service | CVE-2023-35767

November 14, 2023

Palo Alto Networks Cortex XSOAR privilege escalation | CVE-2023-3282

November 14, 2023

NAME__________Palo Alto Networks Cortex XSOAR privilege escalationPlatforms Affected:Palo Alto Networks Cortex XSOAR 6.10Risk Level:6.4Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Palo Alto Networks Cortex XSOAR...

Advanced iFrame plugin for WordPress cross-site scripting | CVE-2023-4775

November 14, 2023

NAME__________Advanced iFrame plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Advanced iFrame Plugin for WordPress 2023.8Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Advanced iFrame plugin for...

Telit products information disclosure | CVE-2023-47616

November 14, 2023

NAME__________Telit products information disclosurePlatforms Affected:Telit Cinterion BGS5 Telit Cinterion EHS5 Telit Cinterion EHS6 Telit Cinterion ELS61 Telit Cinterion PLS62 Telit...

Ivanti Secure Access Client privilege escalation | CVE-2023-35080

November 14, 2023

NAME__________Ivanti Secure Access Client privilege escalationPlatforms Affected:Ivanti Secure Access Client 22.6Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Ivanti Secure Access Client could allow a...

Telit products information disclosure | CVE-2023-47615

November 14, 2023

NAME__________Telit products information disclosurePlatforms Affected:Telit Cinterion BGS5 Telit Cinterion EHS5 Telit Cinterion EHS6 Telit Cinterion ELS61 Telit Cinterion PLS62 Telit...

Telit products security bypass | CVE-2023-47612

November 14, 2023

NAME__________Telit products security bypassPlatforms Affected:Telit Cinterion BGS5 Telit Cinterion EHS5 Telit Cinterion EHS6 Telit Cinterion ELS61 Telit Cinterion PLS62 Telit...

AsyncSSH security bypass | CVE-2023-46445

November 14, 2023

NAME__________AsyncSSH security bypassPlatforms Affected:AsyncSSH AsyncSSH 2.14.0Risk Level:5.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________AsyncSSH could allow a remote attacker to bypass security restrictions, caused by...

Month: November 2023

CISA: CISA Adds Six Known Exploited Vulnerabilities to Catalog

CISA: CISA Releases Four Industrial Control Systems Advisories

CISA: CISA, NSA, and Partners Release New Guidance on Securing the Software Supply Chain

CISA: CISA Releases Update to Royal Ransomware Advisory

CISA: ACSC and CISA Release Business Continuity in a Box

Helix Core denial of service | CVE-2023-5759

Helix Core denial of service | CVE-2023-45319

Helix Core denial of service | CVE-2023-35767

Palo Alto Networks Cortex XSOAR privilege escalation | CVE-2023-3282

Advanced iFrame plugin for WordPress cross-site scripting | CVE-2023-4775

Telit products information disclosure | CVE-2023-47616

Ivanti Secure Access Client privilege escalation | CVE-2023-35080

Telit products information disclosure | CVE-2023-47615

Telit products security bypass | CVE-2023-47612

AsyncSSH security bypass | CVE-2023-46445

Ivanti Secure Access Client security bypass | CVE-2023-38544

Telit products directory traversal |

Top 10 Plugin Plugin for WordPress cross-site request forgery | CVE-2023-47238

WP Google My Business Auto Publish plugin for WordPress cross-site request forgery | CVE-2023-47237

Ivanti Secure Access Client privilege escalation | CVE-2023-41718

Fuji Electric V-Server and V-Server Lite code execution |

Ivanti Secure Access Client denial of service | CVE-2023-38043

EnBw SENEC legacy storage box security bypass | CVE-2023-39171

Ivanti Secure Access Client denial of service | CVE-2023-38543

UK Shoppers Warned: Over £11.5m Lost to Scammers Last Christmas

FTC Reports 50% Decline in Scam and Nuisance Calls Since 2021

BeaverTail Phishing Campaign: The Threat of North Korean IT Workers

Phishing Scam Alert: Fake Donald Trump Assassination Story Circulating

Increase in DocuSign Phishing Attacks Targeting US State Contractors

You may have missed