LockBit 3.0 Ransomware Victim: scmh[.]org[.]tw
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Year: 2023
Beauty Salon Management System cross-site scripting | CVE-2023-3886
NAME__________Beauty Salon Management System cross-site scriptingPlatforms Affected:CampCodes Beauty Salon Management System 1.0Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Beauty Salon Management System is vulnerable...
Certifi unspecified | CVE-2023-37920
NAME__________Certifi unspecifiedPlatforms Affected:Certifi Certifi 2023.05.07Risk Level:7.5Exploitability:UnprovenConsequences:Unknown DESCRIPTION__________An unspecified error with the removal of e-Tugra root certificate in Certifi has an...
copyparty cross-site scripting | CVE-2023-38501
NAME__________copyparty cross-site scriptingPlatforms Affected:copyparty copyparty 1.8.6Risk Level:6.3Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________copyparty is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
DataEase cross-site scripting | CVE-2023-37257
NAME__________DataEase cross-site scriptingPlatforms Affected:DataEase DataEase 1.18.6 DataEase DataEase 1.18.7 DataEase DataEase 1.18.8Risk Level:5.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________DataEase is vulnerable to cross-site scripting,...
Apptainer security bypass | CVE-2023-38496
NAME__________Apptainer security bypassPlatforms Affected:Apptainer Apptainer 1.2.0-rc.2 Apptainer Apptainer 1.2.0Risk Level:6.1Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Apptainer could allow a remote attacker to bypass security...
Gallagher Command Centre Server security bypass | CVE-2023-22428
NAME__________Gallagher Command Centre Server security bypassPlatforms Affected:Gallagher Command Centre Server 8.50 Gallagher Command Centre Server 8.40 Gallagher Command Centre Server...
AMD Ryzen, Gen AMD EPYC Processors information disclosure | CVE-2023-20593
NAME__________AMD Ryzen, Gen AMD EPYC Processors information disclosurePlatforms Affected:AMD 2nd Generation EPYC AMD Ryzen 3000 series Desktop processors AMD Ryzen...
Gallagher Command Centre Server security bypass | CVE-2023-23568
NAME__________Gallagher Command Centre Server security bypassPlatforms Affected:Gallagher Command Centre Server 8.50 Gallagher Command Centre Server 8.40 Gallagher Command Centre Server...
Nokia NetAct cross-site scripting | CVE-2022-28867
NAME__________Nokia NetAct cross-site scriptingPlatforms Affected:Nokia NetAct 22.0.0.62Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Nokia NetAct is vulnerable to cross-site scripting, caused by improper validation...
Nokia NetAct cross-site scripting | CVE-2022-28865
NAME__________Nokia NetAct cross-site scriptingPlatforms Affected:Nokia NetAct 22.0.0.62Risk Level:5.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Nokia NetAct is vulnerable to cross-site scripting, caused by improper validation...
Gallagher Command Centre Server denial of service | CVE-2023-22363
NAME__________Gallagher Command Centre Server denial of servicePlatforms Affected:Gallagher Command Centre Server 8.80Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Gallagher Command Centre Server is...
Nokia NetAct file upload | CVE-2022-28863
NAME__________Nokia NetAct file uploadPlatforms Affected:Nokia NetAct 22.0.0.62Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nokia NetAct could allow a remote authenticated attacker to upload arbitrary...
Apple macOS, iOS and iPadOS security bypass | CVE-2023-38606
NAME__________Apple macOS, iOS and iPadOS security bypassPlatforms Affected:Apple iOS 16.5.1 Apple iPadOS 16.5.1 Apple macOS Ventura 13.4.1 Apple iOS 15.7.7...
Cryptomator privilege escalation | CVE-2023-37907
NAME__________Cryptomator privilege escalationPlatforms Affected:Cryptomator Cryptomator 1.9.1Risk Level:7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Cryptomator could allow a local authenticated attacker to gain elevated privileges on...
Gallagher Command Centre Server security bypass | CVE-2023-25074
NAME__________Gallagher Command Centre Server security bypassPlatforms Affected:Gallagher Command Centre Server 8.50 Gallagher Command Centre Server 8.40 Gallagher Command Centre Server...
JetBrains TeamCity privilege escalation | CVE-2023-39173
NAME__________JetBrains TeamCity privilege escalationPlatforms Affected:JetBrains TeamCity 2018.2.1 JetBrains TeamCity 2018.2.2 JetBrains TeamCity 2019.1.1 JetBrains TeamCity 2018.2.4 JetBrains TeamCity 2023.05Risk Level:5.4Exploitability:UnprovenConsequences:Gain...
JetBrains TeamCity denial of service | CVE-2023-39174
NAME__________JetBrains TeamCity denial of servicePlatforms Affected:JetBrains TeamCity 2018.2.1 JetBrains TeamCity 2018.2.2 JetBrains TeamCity 2019.1.1 JetBrains TeamCity 2018.2.4 JetBrains TeamCity 2023.05Risk...
JetBrains TeamCity cross-site scripting | CVE-2023-39175
NAME__________JetBrains TeamCity cross-site scriptingPlatforms Affected:JetBrains TeamCity 2018.2.1 JetBrains TeamCity 2018.2.2 JetBrains TeamCity 2019.1.1 JetBrains TeamCity 2018.2.4 JetBrains TeamCity 2023.05Risk Level:4.6Exploitability:UnprovenConsequences:Cross-Site...
TYPO3 CORE information disclosure | CVE-2023-38499
NAME__________TYPO3 CORE information disclosurePlatforms Affected:TYPO3 TYPO3 12.4.3 TYPO3 TYPO3 11.5.29 TYPO3 TYPO3 10.4.38 TYPO3 TYPO3 9.5.41Risk Level:3.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________TYPO3 CORE...
Dell ECS Streamer information disclosure | CVE-2023-32468
NAME__________Dell ECS Streamer information disclosurePlatforms Affected:Dell ECS Streamer 2.0.7 Dell ECS Streamer 2.0.6Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Dell ECS Streamer could allow...
Sentry information disclosure | CVE-2023-36826
NAME__________Sentry information disclosurePlatforms Affected:Sentry Sentry 23.5.1 Sentry Sentry 23.5.0Risk Level:7.7Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Sentry could allow a remote authenticated attacker to obtain...
Nokia NetAct code execution | CVE-2022-28864
NAME__________Nokia NetAct code executionPlatforms Affected:Nokia NetAct 22.0.0.62Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Nokia NetAct could allow a remote authenticated attacker to execute arbitrary...
Lawyer cross-site scripting | CVE-2023-3945
NAME__________Lawyer cross-site scriptingPlatforms Affected:phpscriptpoint Lawyer 1.6Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________Lawyer is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
