LockBit 3.0 Ransomware Victim: sogebank[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Year: 2023
LockBit 3.0 Ransomware Victim: suncoast-chc[.]org
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Milesight routers information disclosure | CVE-2023-43261
NAME__________Milesight routers information disclosurePlatforms Affected:Milesight UR32L 32.3.0.5 Milesight UR5X 35.3.0.6 Milesight UR32 35.3.0.6 Milesight UR35 35.3.0.6 Milesight UR41 35.3.0.6Risk Level:7.5Exploitability:Proof...
Personal Management System file upload | CVE-2023-43838
NAME__________Personal Management System file uploadPlatforms Affected:Volmarg Personal Management System 1.4.64Risk Level:5.3Exploitability:UnprovenConsequences:File Manipulation DESCRIPTION__________Personal Management System could allow a remote attacker...
IBM Robotic Process Automation privilege escalation | CVE-2023-43058
NAME__________IBM Robotic Process Automation privilege escalationPlatforms Affected:IBM Robotic Process Automation 23.0.9Risk Level:5.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________IBM Robotic Process Automation 23.0.9 is vulnerable...
D-Link DIR-846 code execution | CVE-2023-43284
NAME__________D-Link DIR-846 code executionPlatforms Affected:D-Link DIR-846 100A53DBR-RetailRisk Level:6.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________D-Link DIR-846 could allow a remote authenticated attacker to...
Swifty Bar, sticky bar by WPGens plugin for WordPress cross-site scripting | CVE-2023-41737
NAME__________Swifty Bar, sticky bar by WPGens plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Swifty Bar sticky bar by WPGens Plugin for...
WideStand cross-site scripting | CVE-2023-4090
NAME__________WideStand cross-site scriptingPlatforms Affected:Acilia WideStand 5.3.5 Acilia WideStand 5.3.4Risk Level:5.4Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________WideStand is vulnerable to cross-site scripting, caused by improper...
MuseScore buffer overflow | CVE-2023-44428
NAME__________MuseScore buffer overflowPlatforms Affected:MuseScore MuseScoreRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________MuseScore is vulnerable to a heap-based buffer overflow, caused by improper bounds checking...
Ministry of Health, Labour and Welfare FD Application XML external entity injection | CVE-2023-42132
NAME__________Ministry of Health, Labour and Welfare FD Application XML external entity injectionPlatforms Affected:Ministry of Health Labour and Welfare FD Application...
IBM Security Directory Suite information disclosure | CVE-2022-33160
NAME__________IBM Security Directory Suite information disclosurePlatforms Affected:IBM Security Directory Suite 8.0.1Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________IBM Security Directory Suite 8.0.1 uses weaker...
IBM Jazz Foundation information disclosure | CVE-2022-34355
NAME__________IBM Jazz Foundation information disclosurePlatforms Affected:IBM Engineering Lifecycle Management Base 7.0 IBM Engineering Lifecycle Management Base 7.0.1 IBM Engineering Lifecycle...
Milesight routers cross-site scripting | CVE-2023-43260
NAME__________Milesight routers cross-site scriptingPlatforms Affected:Milesight UR32L 32.3.0.5 Milesight UR5X 35.3.0.6 Milesight UR32 35.3.0.6 Milesight UR35 35.3.0.6 Milesight UR41 35.3.0.6Risk Level:6.1Exploitability:UnprovenConsequences:Cross-Site...
Dell EMC SmartFabric software packages command execution | CVE-2023-43069
NAME__________Dell EMC SmartFabric software packages command executionPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
Pigcms file upload | CVE-2023-43269
NAME__________Pigcms file uploadPlatforms Affected:Pigcms Pigcms 7.0 Pigcms Pigcms 6.9Risk Level:7.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Pigcms could allow a remote attacker to upload arbitrary...
Dell EMC SmartFabric software packages command execution | CVE-2023-43068
NAME__________Dell EMC SmartFabric software packages command executionPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
Dell EMC SmartFabric software packages directory traversal | CVE-2023-43070
NAME__________Dell EMC SmartFabric software packages directory traversalPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
Dell EMC SmartFabric software packages security bypass | CVE-2023-43073
NAME__________Dell EMC SmartFabric software packages security bypassPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
Dell EMC SmartFabric software packages HTML injection | CVE-2023-43071
NAME__________Dell EMC SmartFabric software packages HTML injectionPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
HP Enterprise LaserJet, LaserJet Managed printers cross-site scripting | CVE-2023-5113
NAME__________HP Enterprise LaserJet, LaserJet Managed printers cross-site scriptingPlatforms Affected:HP Color LaserJet Enterprise MFP M577 HP Color LaserJet Enterprise Flow MFP...
Dell EMC SmartFabric software packages command execution | CVE-2023-43072
NAME__________Dell EMC SmartFabric software packages command executionPlatforms Affected:Dell EMC SmartFabric Storage Software Debian package for ESXi or Linux KVM 1.4.0...
FTC warns of ‘staggering’ losses to social media scams since 2021
The Federal Trade Commission says Americans have lost at least $2.7 billion to social media scams since 2021, with the...
Genetics firm 23andMe says user data stolen in credential stuffing attack
23andMe has confirmed to BleepingComputer that it is aware of user data from its platform circulating on hacker forums and attributes...
MGM Resorts ransomware attack led to $100 million loss, data theft
MGM Resorts reveals that last month's cyberattack cost the company $100 million and allowed the hackers to steal customers' personal...
