CISA: 2023 CWE Top 25 Most Dangerous Software Weaknesses
2023 CWE Top 25 Most Dangerous Software Weaknesses The Homeland Security Systems Engineering and Development Institute, sponsored by the Department...
Year: 2023
CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA has released three Industrial Control Systems (ICS) advisories on July 6, 2023....
CISA: Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities
Progress Software Releases Service Pack for MOVEit Transfer Vulnerabilities Progress Software has released a Service Pack to address three newly...
CISA: Mozilla Releases Security Advisories for Thunderbird, Firefox, and Firefox ESR
Mozilla Releases Security Advisories for Thunderbird, Firefox, and Firefox ESR Mozilla has released security advisories to address vulnerabilities in Thunderbird,...
CISA: CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants
CISA and Partners Release Joint Cybersecurity Advisory on Newly Identified Truebot Malware Variants Today, the Cybersecurity and Infrastructure Security Agency...
CISA: CISA Adds One Known Vulnerability to Catalog
CISA Adds One Known Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
US-CERT Vulnerability Summary for the Week of June 26, 2023
High VulnerabilitiesPrimary Vendor -- ProductDescriptionPublishedCVSS ScoreSource & Patch Infoapple -- mac_os_xA use after free issue was addressed with improved memory...
Blacklist3r – Accumulate Secret Keys / Secret Materials Related To Various Web Frameworks
The goal of this project is to accumulate the secret keys / secret materials related to various web frameworks, that...
Akira Ransomware Victim: 4LEAF, Inc
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Mediatek Android denial of service | CVE-2023-20690
NAME__________Mediatek Android denial of servicePlatforms Affected:MediaTek AndroidRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mediatek Android is vulnerable to a denial of service, caused...
Mediatek Android privilege escalation | CVE-2023-20753
NAME__________Mediatek Android privilege escalationPlatforms Affected:MediaTek AndroidRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Mediatek Android could allow a local authenticated attacker to gain elevated privileges...
Mediatek Android privilege escalation | CVE-2023-20755
NAME__________Mediatek Android privilege escalationPlatforms Affected:MediaTek AndroidRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Mediatek Android could allow a local authenticated attacker to gain elevated privileges...
Mediatek Android privilege escalation | CVE-2023-20754
NAME__________Mediatek Android privilege escalationPlatforms Affected:MediaTek AndroidRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Mediatek Android could allow a local authenticated attacker to gain elevated privileges...
Mediatek Android denial of service | CVE-2023-20693
NAME__________Mediatek Android denial of servicePlatforms Affected:MediaTek AndroidRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mediatek Android is vulnerable to a denial of service, caused...
Node.js @fastify/oauth2 cross-site request forgery | CVE-2023-35935
NAME__________Node.js @fastify/oauth2 cross-site request forgeryPlatforms Affected:Node.js @fastify/oauth2 2.6.9 Node.js @fastify/oauth2 2.6.8Risk Level:7.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Node.js @fastify/oauth2 is vulnerable to cross-site request...
Milesight UR32L zebra vlan_name functionality command execution | CVE-2023-25582
NAME__________Milesight UR32L zebra vlan_name functionality command executionPlatforms Affected:Milesight UR32L 32.3.0.5Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Milesight UR32L could allow a remote authenticated attacker...
Mediatek Android denial of service | CVE-2023-20692
NAME__________Mediatek Android denial of servicePlatforms Affected:MediaTek AndroidRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mediatek Android is vulnerable to a denial of service, caused...
Mediatek Android privilege escalation | CVE-2023-20756
NAME__________Mediatek Android privilege escalationPlatforms Affected:MediaTek AndroidRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Mediatek Android could allow a local authenticated attacker to gain elevated privileges...
Mediatek Android denial of service | CVE-2023-20691
NAME__________Mediatek Android denial of servicePlatforms Affected:MediaTek AndroidRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mediatek Android is vulnerable to a denial of service, caused...
Mediatek Android privilege escalation | CVE-2023-20757
NAME__________Mediatek Android privilege escalationPlatforms Affected:MediaTek AndroidRisk Level:6.7Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Mediatek Android could allow a local authenticated attacker to gain elevated privileges...
Mediatek Android denial of service | CVE-2023-20758
NAME__________Mediatek Android denial of servicePlatforms Affected:MediaTek AndroidRisk Level:4.4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mediatek Android is vulnerable to a denial of service, caused...
Milesight UR32L libzebra.so bridge_group functionality command execution | CVE-2023-22306
NAME__________Milesight UR32L libzebra.so bridge_group functionality command executionPlatforms Affected:Milesight UR32L 32.3.0.5Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Milesight UR32L could allow a remote authenticated attacker...
Milesight UR32L libzebra.so change_hostname command execution | CVE-2023-22659
NAME__________Milesight UR32L libzebra.so change_hostname command executionPlatforms Affected:Milesight UR32L 32.3.0.5Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Milesight UR32L could allow a remote authenticated attacker to...
Mastodon denial of service | CVE-2023-36461
NAME__________Mastodon denial of servicePlatforms Affected:Mastodon Mastodon 4.1.2 Mastodon Mastodon 4.0.4 Mastodon Mastodon 3.5.8Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Mastodon is vulnerable to...
