Akira Ransomware Victim: Inventum Øst
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Month: November 2023
IBM CICS TX cross-site request forgery | CVE-2023-42027
NAME__________IBM CICS TX cross-site request forgeryPlatforms Affected:IBM TXSeries for Multiplatforms 8.1 IBM TXSeries for Multiplatforms 8.2 IBM TXSeries for Multiplatforms...
Hitachi Energy MACH System Software directory traversal | CVE-2023-2622
NAME__________Hitachi Energy MACH System Software directory traversalPlatforms Affected:Hitachi Energy MACH System Software 7.10.0.0 Hitachi Energy MACH System Software 7.18.0.0Risk Level:2.7Exploitability:UnprovenConsequences:Obtain...
IBM CICS TX privilege escalation | CVE-2023-43018
NAME__________IBM CICS TX privilege escalationPlatforms Affected:IBM CICS TX Standard 11.1 IBM CICS TX Advanced 11.1 IBM CICS TX Advanced 10.1Risk...
FOG Project FOG directory traversal | CVE-2023-46237
NAME__________FOG Project FOG directory traversalPlatforms Affected:FOGProject FOGProject 1.5.9Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________FOG Project FOG could allow a remote attacker to traverse...
Carousel, Recent Post Slider and Banner Slider plugin for WordPress cross-site scripting | CVE-2023-5362
NAME__________Carousel, Recent Post Slider and Banner Slider plugin for WordPress cross-site scriptingPlatforms Affected:Spicethemes Carousel Recent Post Slider and Banner Slider...
PX4-Autopilot buffer overflow | CVE-2023-46256
NAME__________PX4-Autopilot buffer overflowPlatforms Affected:PX4 PX4-Autopilot 1.14.0-rc1Risk Level:4.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________PX4-Autopilot is vulnerable to a heap-based buffer overflow, caused by improper bounds...
IBM CICS TX cross-site scripting | CVE-2023-42029
NAME__________IBM CICS TX cross-site scriptingPlatforms Affected:IBM TXSeries for Multiplatforms 8.1 IBM TXSeries for Multiplatforms 8.2 IBM TXSeries for Multiplatforms 9.1...
MOXA NPort 6000 Series information disclosure | CVE-2023-5627
NAME__________MOXA NPort 6000 Series information disclosurePlatforms Affected:MOXA NPort 6000 Series 1.21Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________MOXA NPort 6000 Series could allow a...
Hitachi Energy MACH System Software directory traversal |
NAME__________Hitachi Energy MACH System Software directory traversalPlatforms Affected:Hitachi Energy MACH System Software 5 Hitachi Energy MACH System Software 6 Hitachi...
Pimcore Admin Classic Bundle cross-site scripting | CVE-2023-46722
NAME__________Pimcore Admin Classic Bundle cross-site scriptingPlatforms Affected:Pimcore Admin Classic Bundle 1.1.4 Pimcore Admin Classic Bundle 1.1.3 Pimcore Admin Classic Bundle...
UNISOC mobile phone chipsets for Android denial of service | CVE-2023-42750
NAME__________UNISOC mobile phone chipsets for Android denial of servicePlatforms Affected:Unisoc SC9863A Unisoc SC9832E Unisoc SC7731E Unisoc T610 Unisoc T606 Unisoc...
Bitrix24 information disclosure | CVE-2023-1719
NAME__________Bitrix24 information disclosurePlatforms Affected:Bitrix24 Bitrix24 22.0.300Risk Level:7.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________Bitrix24 could allow a remote attacker to obtain sensitive information,...
FUJIFILM and Xerox MFPs information disclosure | CVE-2023-46327
NAME__________FUJIFILM and Xerox MFPs information disclosurePlatforms Affected:https://securitydocs.business.xerox.com/wp-content/uploads/2023/11/XRX23-015_Security-Bulletin-for-Primelink-Versalink-and-WorkCentre-CVE-023-46327.pdfRisk Level:5.4Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________FUJIFILM Business Innovation Corp. and Xerox Corporation multifunction printers (MFPs) could...
IBM MQ Appliance privilege escalation | CVE-2023-46176
NAME__________IBM MQ Appliance privilege escalationPlatforms Affected:IBM MQ Appliance 9.3.CDRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________IBM MQ Appliance 9.3 CD could allow a local...
Paragraphs admin module for Drupal security bypass |
NAME__________Paragraphs admin module for Drupal security bypassPlatforms Affected:Drupal Paragraphs admin module for Drupal 8.x-1.4Risk Level:5.8Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Paragraphs admin module for...
Insyde InsydeH2O buffer overflow | CVE-2023-39281
NAME__________Insyde InsydeH2O buffer overflowPlatforms Affected:Insyde InsydeH2O 5.0Risk Level:4.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Insyde InsydeH2O is vulnerable to a stack-based buffer overflow, caused by...
GPAC heap-based buffer overflow | CVE-2023-46931
NAME__________GPAC heap-based buffer overflowPlatforms Affected:GPAC GPAC 2.3-DEV-rev605-gfc9e29089-masterRisk Level:5.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________GPAC is vulnerable to a heap-based buffer overflow, caused...
Bitrix24 denial of service | CVE-2023-1718
NAME__________Bitrix24 denial of servicePlatforms Affected:Bitrix24 Bitrix24 22.0.300Risk Level:7.5Exploitability:Proof of ConceptConsequences:Denial of Service DESCRIPTION__________Bitrix24 is vulnerable to a denial of service,...
IBM Content Navigator server-side request forgery | CVE-2023-35896
NAME__________IBM Content Navigator server-side request forgeryPlatforms Affected:IBM Content Navigator 3.0.13Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________IBM Content Navigator 3.0.13 is vulnerable to server-side...
Mattermost Desktop information disclosure | CVE-2023-5875
NAME__________Mattermost Desktop information disclosurePlatforms Affected:Mattermost Mattermost Desktop 5.5.0Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Mattermost Desktop could allow a remote attacker to obtain sensitive...
Online Examination System open redirect | CVE-2023-45202
NAME__________Online Examination System open redirectPlatforms Affected:Risk Level:6.1Exploitability:Proof of ConceptConsequences:Other DESCRIPTION__________Online Examination System could allow a remote attacker to conduct phishing...
Devolutions Server information disclosure | CVE-2023-5358
NAME__________Devolutions Server information disclosurePlatforms Affected:Devolutions Devolutions Server 2023.2.10.0Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Devolutions Server could allow a remote authenticated attacker to obtain...
Devolutions Remote Desktop Manager Windows security bypass | CVE-2023-5765
NAME__________Devolutions Remote Desktop Manager Windows security bypassPlatforms Affected:Devolutions Remote Desktop Manager Windows 2023.2.33Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Devolutions Remote Desktop Manager Windows...
