CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
Year: 2023
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla has released security updates to address vulnerabilities in Firefox and Thunderbird....
US-CERT Vulnerability Summary for the Week of November 13, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infocheckpoint -- endpoint_securityLocal attacker can escalate privileges on affected installations of Check...
Iac-Scan-Runner – Service That Scans Your Infrastructure As Code For Common Vulnerabilities
Service that scans your Infrastructure as Code for common vulnerabilities. Aspect Information Tool name IaC Scan Runner Docker image xscanner/runner...
Cybercriminals Using Telekopye Telegram Bot to Craft Phishing Scams on a Grand Scale
More details have emerged about a malicious Telegram bot called Telekopye that's used by threat actors to pull off large-scale...
Hamas-Linked Cyberattacks Using Rust-Powered SysJoker Backdoor Against Israel
Cybersecurity researchers have shed light on a Rust version of a cross-platform backdoor called SysJoker, which is assessed to have...
Tell Me Your Secrets Without Telling Me Your Secrets
The title of this article probably sounds like the caption to a meme. Instead, this is an actual problem GitGuardian's...
Akira Ransomware Victim: Custom Engineering & Fabrication, Inc[.]
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: IQ Supply Solutions
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Alspec
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
LockBit 3.0 Ransomware Victim: des-ae[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: unidesign-jewel[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Headwind MDM Web panel cross-site scripting | CVE-2023-47314
NAME__________Headwind MDM Web panel cross-site scriptingPlatforms Affected:Headwind MDM Web panel 5.22.1Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Headwind MDM Web panel is vulnerable to...
OpenHarmony security bypass | CVE-2023-3116
NAME__________OpenHarmony security bypassPlatforms Affected:Risk Level:7.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________OpenHarmony could allow a local attacker to bypass security restrictions, caused by an incorrect...
M-Files server security bypass | CVE-2023-6189
NAME__________M-Files server security bypassPlatforms Affected:M-Files M-Files ServerRisk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________M-Files server could allow a remote authenticated attacker to bypass security...
M-Files server denial of service | CVE-2023-6117
NAME__________M-Files server denial of servicePlatforms Affected:M-Files M-Files ServerRisk Level:5.7Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________M-Files server is vulnerable to a denial of service,...
PubyDoc Plugin for WordPress cross-site scripting | CVE-2023-4970
NAME__________PubyDoc Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress PubyDoc Plugin for WordPress 2.0.6Risk Level:4.8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PubyDoc Plugin for WordPress is vulnerable...
Botanik Software Pharmacy Automation information disclosure | CVE-2023-5983
NAME__________Botanik Software Pharmacy Automation information disclosurePlatforms Affected:Botanik Software Pharmacy AutomationRisk Level:7.2Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Botanik Software Pharmacy Automation could allow a remote...
OpenReplay cross-site scripting | CVE-2023-48226
NAME__________OpenReplay cross-site scriptingPlatforms Affected:Risk Level:4.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________OpenReplay is vulnerable to cross-site scripting, caused by improper validation of user-supplied input. A...
Headwind MDM Web panel security bypass | CVE-2023-47312
NAME__________Headwind MDM Web panel security bypassPlatforms Affected:Headwind MDM Web panel 5.22.1Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Headwind MDM Web panel could allow a...
Headwind MDM Web panel default account | CVE-2023-47315
NAME__________Headwind MDM Web panel default accountPlatforms Affected:Headwind MDM Web panel 5.22.1Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Headwind MDM Web panel contains default hardcoded...
DECE Software Geodi cross-site scripting | CVE-2023-6011
NAME__________DECE Software Geodi cross-site scriptingPlatforms Affected:DECE Software GeodiRisk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________DECE Software Geodi is vulnerable to cross-site scripting, caused by...
Apache Storm information disclosure | CVE-2023-43123
NAME__________Apache Storm information disclosurePlatforms Affected:Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Apache Storm could allow a local authenticated attacker to obtain sensitive information, caused...
Headwind MDM Web panel information disclosure | CVE-2023-47316
NAME__________Headwind MDM Web panel information disclosurePlatforms Affected:Headwind MDM Web panel 5.22.1Risk Level:4.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Headwind MDM Web panel could allow a...
