MISP unspecified | CVE-2023-48655
NAME__________MISP unspecifiedPlatforms Affected:MISP MISP 2.4.167 MISP MISP 2.4.168 MISP MISP 2.4.169 MISP MISP 2.4.171 MISP MISP 2.4.172 MISP MISP 2.4.174...
Year: 2023
OpenNDS Captive Portal weak security | CVE-2023-38324
NAME__________OpenNDS Captive Portal weak securityPlatforms Affected:OpenNDS Captive Portal 10.1.1 OpenNDS Captive Portal 10.1.0 OpenNDS Captive Portal 9.10.0Risk Level:6.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________OpenNDS...
Code Projects Inventory Management SQL injection | CVE-2023-46581
NAME__________Code Projects Inventory Management SQL injectionPlatforms Affected:Code Projects Inventory Management 1.0Risk Level:5.4Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Code Projects Inventory Management is vulnerable to...
OpenNDS Captive Portal denial of service | CVE-2023-38320
NAME__________OpenNDS Captive Portal denial of servicePlatforms Affected:OpenNDS Captive Portal 10.1.1 OpenNDS Captive Portal 10.1.0 OpenNDS Captive Portal 9.10.0Risk Level:5.3Exploitability:UnprovenConsequences:Denial of...
NEC CLUSTERPRO X, NEC EXPRESSCLUSTER X, NEC CLUSTERPRO X SingleServerSafe, and NEC EXPRESSCLUSTER X SingleServerSafe file upload | CVE-2023-39548
NAME__________NEC CLUSTERPRO X, NEC EXPRESSCLUSTER X, NEC CLUSTERPRO X SingleServerSafe, and NEC EXPRESSCLUSTER X SingleServerSafe file uploadPlatforms Affected:NEC CLUSTERPRO X...
OpenNDS Captive Portal denial of service | CVE-2023-38314
NAME__________OpenNDS Captive Portal denial of servicePlatforms Affected:OpenNDS Captive Portal 10.1.1 OpenNDS Captive Portal 10.1.0 OpenNDS Captive Portal 9.10.0Risk Level:5.3Exploitability:UnprovenConsequences:Denial of...
Dreamer CMS cross-site request forgery | CVE-2023-48020
NAME__________Dreamer CMS cross-site request forgeryPlatforms Affected:I Teach You Dreamer CMS 4.1.3Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Dreamer CMS is vulnerable to cross-site request...
NEC CLUSTERPRO X, NEC EXPRESSCLUSTER X, NEC CLUSTERPRO X SingleServerSafe, and NEC EXPRESSCLUSTER X SingleServerSafe command execution | CVE-2023-39545
NAME__________NEC CLUSTERPRO X, NEC EXPRESSCLUSTER X, NEC CLUSTERPRO X SingleServerSafe, and NEC EXPRESSCLUSTER X SingleServerSafe command executionPlatforms Affected:NEC CLUSTERPRO X...
OpenNDS Captive Portal denial of service | CVE-2023-38313
NAME__________OpenNDS Captive Portal denial of servicePlatforms Affected:OpenNDS Captive Portal 10.1.1 OpenNDS Captive Portal 10.1.0 OpenNDS Captive Portal 9.10.0Risk Level:3.7Exploitability:UnprovenConsequences:Denial of...
Code Projects Inventory Management SQL injection | CVE-2023-46582
NAME__________Code Projects Inventory Management SQL injectionPlatforms Affected:Code Projects Inventory Management 1.0Risk Level:3.8Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Code Projects Inventory Management is vulnerable to...
NEC CLUSTERPRO X, NEC EXPRESSCLUSTER X, NEC CLUSTERPRO X SingleServerSafe, and NEC EXPRESSCLUSTER X SingleServerSafe command execution | CVE-2023-39546
NAME__________NEC CLUSTERPRO X, NEC EXPRESSCLUSTER X, NEC CLUSTERPRO X SingleServerSafe, and NEC EXPRESSCLUSTER X SingleServerSafe command executionPlatforms Affected:NEC CLUSTERPRO X...
MISP unspecified | CVE-2023-48657
NAME__________MISP unspecifiedPlatforms Affected:MISP MISP 2.4.167 MISP MISP 2.4.168 MISP MISP 2.4.169 MISP MISP 2.4.171 MISP MISP 2.4.172 MISP MISP 2.4.174...
MISP unspecified | CVE-2023-48659
NAME__________MISP unspecifiedPlatforms Affected:MISP MISP 2.4.167 MISP MISP 2.4.168 MISP MISP 2.4.169 MISP MISP 2.4.171 MISP MISP 2.4.172 MISP MISP 2.4.174...
Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks
Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called...
An RFC on IoCs – playing our part in international standards
An RFC on IoCs – playing our part in international standards In August 2023, the IETF published the document Indicators...
British Library: Ongoing outage caused by ransomware attack
The British Library confirmed that a ransomware attack is behind a major outage that is still affecting services across several...
Google: Hackers exploited Zimbra zero-day in attacks on govt orgs
Google's Threat Analysis Group (TAG) has discovered that threat actors exploited a zero-day vulnerability in Zimbra Collaboration email server to steal sensitive...
Bloomberg Crypto X account snafu leads to Discord phishing attack
Image: Bloomberg Crypto The official Twitter account for Bloomberg Crypto was used earlier today to redirect users to a deceptive...
The Week in Ransomware – November 17th 2023 – Citrix in the Crosshairs
Ransomware gangs target exposed Citrix Netscaler devices using a publicly available exploit to breach large organizations, steal data, and encrypt...
CISA warns of actively exploited Windows, Sophos, and Oracle bugs
The U.S. Cybersecurity & Infrastructure Security Agency has added to its catalog of known exploited vulnerabilities (KEV) three security issues...
Yamaha Motor confirms ransomware attack on Philippines subsidiary
Yamaha Motor's Philippines motorcycle manufacturing subsidiary was hit by a ransomware attack last month, resulting in the theft and leak...
FBI Lifts the Lid on Notorious Scattered Spider Group
The FBI and the Cybersecurity and Infrastructure Security Agency (CISA) have released a detailed cybersecurity advisory on the sophisticated Scattered...
British Library: Ransomware Recovery Could Take Months
One of the world’s largest libraries has confirmed it was hit by a ransomware attack on October 28, and that...
Royal Mail to Spend £10m on Ransomware Remediation
Royal Mail has revealed a multimillion-pound cost attached to a serious ransomware breach it suffered earlier this year.The British postal...
