Akira Ransomware Victim: SmartWave Technologi es
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Month: December 2023
SIEGEDSEC Ransomware Victim:
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
QNAP QTS and QuTS hero buffer overflow | CVE-2023-32968
NAME__________QNAP QTS and QuTS hero buffer overflowPlatforms Affected:QNAP QTS QNAP QuTS heroRisk Level:4.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________QNAP QTS and QuTS hero is...
Welcart e-Commerce plugin for WordPress directory traversal | CVE-2023-6120
NAME__________Welcart e-Commerce plugin for WordPress directory traversalPlatforms Affected:WordPress Welcart e-Commerce plugin for WordPress 2.8.21 WordPress Welcart e-Commerce plugin for WordPress...
Simple Student Attendance System SQL injection | CVE-2023-6619
NAME__________Simple Student Attendance System SQL injectionPlatforms Affected:Sourcecodester Simple Student Attendance System 1.0Risk Level:5.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Simple Student Attendance System is vulnerable...
Supermicro BMC IPMI directory traversal | CVE-2023-33411
NAME__________Supermicro BMC IPMI directory traversalPlatforms Affected:Supermicro BMC IPMIRisk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Supermicro BMC IPMI could allow a remote attacker to traverse...
linkding cross-site scripting | CVE-2023-6646
NAME__________linkding cross-site scriptingPlatforms Affected:linkding linkding 1.23.0Risk Level:3.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________linkding is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Linux Kernel denial of service | CVE-2023-6679
NAME__________Linux Kernel denial of servicePlatforms Affected:Linux KernelRisk Level:4.4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Linux Kernel is vulnerable to a denial of service, caused...
SAP Fiori Launchpad information disclosure | CVE-2023-49584
NAME__________SAP Fiori Launchpad information disclosurePlatforms Affected:SAP Fiori Launchpad SAP_UI 750 SAP Fiori Launchpad SAP_UI 754 SAP Fiori Launchpad SAP_UI 755...
SAP NetWeaver AS ABAP and ABAP Platform SQL injection | CVE-2023-49581
NAME__________SAP NetWeaver AS ABAP and ABAP Platform SQL injectionPlatforms Affected:SAP NetWeaver AS ABAP SAP_BASIS 731 SAP NetWeaver AS ABAP SAP_BASIS...
SAP Master Data Governance directory traversal | CVE-2023-49058
NAME__________SAP Master Data Governance directory traversalPlatforms Affected:SAP Master Data Governance 748 SAP Master Data Governance 749 SAP Master Data Governance...
SAP Cloud Connector denial of service | CVE-2023-49578
NAME__________SAP Cloud Connector denial of servicePlatforms Affected:SAP Cloud Connector 2.0Risk Level:3.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________SAP Cloud Connector is vulnerable to a...
VMware Workspace ONE Launcher privilege escalation | CVE-2023-34064
NAME__________VMware Workspace ONE Launcher privilege escalationPlatforms Affected:VMware Workspace ONE Launcher 22.0 VMware Workspace ONE Launcher 23.0Risk Level:6.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________VMware Workspace...
Lenovo Universal Device Client (UDC) privilege escalation | CVE-2023-6338
NAME__________Lenovo Universal Device Client (UDC) privilege escalationPlatforms Affected:Lenovo Universal Device Client 23.9Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Lenovo Universal Device Client (UDC) could...
SAP BusinessObjects Web Intelligence cross-site scripting | CVE-2023-42476
NAME__________SAP BusinessObjects Web Intelligence cross-site scriptingPlatforms Affected:SAP Business Objects Web Intelligence 420Risk Level:6.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SAP BusinessObjects Web Intelligence is vulnerable...
SAP GUI for Windows and GUI for Java information disclosure | CVE-2023-49580
NAME__________SAP GUI for Windows and GUI for Java information disclosurePlatforms Affected:SAP GUI for Windows SAP_BASIS 755 SAP GUI for Windows...
SAP Emarsys SDK for Android security bypass | CVE-2023-6542
NAME__________SAP Emarsys SDK for Android security bypassPlatforms Affected:SAP Emarsys SDK for Android 3.6.2Risk Level:7.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________SAP Emarsys SDK for Android...
SAP Biller Direct cross-site scripting | CVE-2023-42479
NAME__________SAP Biller Direct cross-site scriptingPlatforms Affected:SAP Biller Direct 635 SAP Biller Direct 750Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________SAP Biller Direct is vulnerable...
SAP HCM cross-site scripting | CVE-2023-49577
NAME__________SAP HCM cross-site scriptingPlatforms Affected:SAP HCM S4HCMCIE 100 SAP HCM SAP_HRCIE 600 SAP HCM SAP_HRCIE 604 SAP HCM SAP_HRCIE 608Risk...
Zoom Mobile App for iOS and SDKs for iOS information disclosure | CVE-2023-43585
NAME__________Zoom Mobile App for iOS and SDKs for iOS information disclosurePlatforms Affected:Zoom Zoom Meeting SDK for Android Zoom Mobile App...
Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows privilege escalation | CVE-2023-43586
NAME__________Zoom Desktop Client for Windows, Zoom VDI Client for Windows and Zoom SDKs for Windows privilege escalationPlatforms Affected:Zoom VDI Client...
Mattermost Server security bypass | CVE-2023-6547
NAME__________Mattermost Server security bypassPlatforms Affected:Mattermost Mattermost Server 8.1.5 Mattermost Mattermost Server 9.2.1Risk Level:3.7Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Mattermost Server could allow a remote...
Microsoft Windows USBHUB 3.0 Device Driver code execution | CVE-2023-35629
NAME__________Microsoft Windows USBHUB 3.0 Device Driver code executionPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10...
Microsoft Edge (Chromium-based) information disclosure | CVE-2023-38174
NAME__________Microsoft Edge (Chromium-based) information disclosurePlatforms Affected:Microsoft Edge (Chromium-based)Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Microsoft Edge (Chromium-based) could allow a remote attacker to obtain...
