Year: 2023

Linux Kernel denial of service | CVE-2023-3338

June 27, 2023

NAME__________Linux Kernel denial of servicePlatforms Affected:Linux Kernel 4.14 Linux Kernel 4.19 Linux Kernel 5.4 Linux Kernel 5.10 Linux Kernel 5.15Risk...

Game Result Matrix System SQL injection | CVE-2023-3383

June 27, 2023

NAME__________Game Result Matrix System SQL injectionPlatforms Affected:Sourcecodester Game Result Matrix System 1.0Risk Level:6.3Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Game Result Matrix System is vulnerable...

User Management components for Atlassian products cross-site scripting | CVE-2023-36662

June 27, 2023

NAME__________User Management components for Atlassian products cross-site scriptingPlatforms Affected:Atlassian User Management for Jira 2.0.0 Atlassian User Management for Confluence 2.0.0...

NVIDIA Jetson code execution | CVE-2023-25515

June 27, 2023

NAME__________NVIDIA Jetson code executionPlatforms Affected:NVIDIA Jetson Xavier NX NVIDIA Jetson AGX Xavier seriesRisk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA Jetson could allow a...

JCVI command execution | CVE-2023-35932

June 27, 2023

NAME__________JCVI command executionPlatforms Affected:JCVI JCVI 1.3.4Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________JCVI could allow a remote authenticated attacker to execute arbitrary commands on...

Shescape information disclosure | CVE-2023-35931

June 27, 2023

NAME__________Shescape information disclosurePlatforms Affected:Shescape Shescape 1.7.0Risk Level:3.1Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________Shescape could allow a remote authenticated attacker to obtain sensitive...

Game Result Matrix System cross-site scripting | CVE-2023-3382

June 27, 2023

NAME__________Game Result Matrix System cross-site scriptingPlatforms Affected:Sourcecodester Game Result Matrix System 1.0Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Game Result Matrix System is vulnerable...

WAGO devices denial of service | CVE-2023-1619

June 27, 2023

NAME__________WAGO devices denial of servicePlatforms Affected:WAGO 750-8202 FW 22 WAGO 750-8203 FW 22 WAGO 750-8204 FW 22 WAGO 750-8206 FW...

Retro Cellphone Online Store SQL injection | CVE-2023-3396

June 27, 2023

NAME__________Retro Cellphone Online Store SQL injectionPlatforms Affected:CampCodes Retro Cellphone Online Store 1.0Risk Level:6.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Retro Cellphone Online Store is vulnerable...

WAGO devices denial of service | CVE-2023-1150

June 27, 2023

NAME__________WAGO devices denial of servicePlatforms Affected:WAGO 750-823 FW 10 WAGO 750-332 FW 10 WAGO 750-862 FW 10 WAGO 750-890 FW...

Coupon Affiliates Plugin for WordPress cross-site scripting | CVE-2023-28992

June 27, 2023

NAME__________Coupon Affiliates Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Coupon Affiliates Plugin for WordPress 5.4.3Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Coupon Affiliates Plugin for...

Optin Forms Plugin for WordPress cross-site scripting | CVE-2023-29434

June 27, 2023

NAME__________Optin Forms Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Optin Forms Plugin for WordPress 1.3.1Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Optin Forms Plugin for...

TheRoof Theme for WordPress cross-site scripting | CVE-2023-29430

June 27, 2023

NAME__________TheRoof Theme for WordPress cross-site scriptingPlatforms Affected:WordPress TheRoof Theme for WordPress 1.0.3Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________TheRoof Theme for WordPress is vulnerable...

Frame Shortcode Plugin for WordPress cross-site scripting | CVE-2023-29436

June 27, 2023

NAME__________Frame Shortcode Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Frame Shortcode Plugin for WordPress 1.0.5Risk Level:6.5Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Frame Shortcode Plugin for...

Cancel order request WooCommerce Plugin for WordPress cross-site scripting | CVE-2023-29423

June 27, 2023

NAME__________Cancel order request WooCommerce Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Cancel order request WooCommerce for WordPress 1.3.2Risk Level:5.9Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Cancel...

Apache Airflow ODBC Provider and MSSQL Provider information disclosure | CVE-2023-35798

June 27, 2023

NAME__________Apache Airflow ODBC Provider and MSSQL Provider information disclosurePlatforms Affected:Apache Airflow ODBC Provider 3.3.0 Apache Airflow MSSQL Provider 3.4.0Risk Level:4.3Exploitability:UnprovenConsequences:Obtain...

Conditional extra fees for woocommerce Plugin for WordPress cross-site scripting | CVE-2023-29093

June 27, 2023

NAME__________Conditional extra fees for woocommerce Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Conditional extra fees for woocommerce Plugin for WordPress 1.0.96Risk...

Apache Airflow ODBC Provider privilege escalation | CVE-2023-34395

June 27, 2023

NAME__________Apache Airflow ODBC Provider privilege escalationPlatforms Affected:Apache Airflow ODBC Provider 3.3.0Risk Level:7.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Apache Airflow ODBC Provider could allow a...

ShiftController Employee Shift Scheduling Plugin for WordPress cross-site scripting | CVE-2023-29424

June 27, 2023

NAME__________ShiftController Employee Shift Scheduling Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress ShiftController Employee Shift Scheduling Plugin for WordPress 4.9.23Risk Level:7.1Exploitability:HighConsequences:Cross-Site Scripting...

Year: 2023

Linux Kernel denial of service | CVE-2023-3338

Game Result Matrix System SQL injection | CVE-2023-3383

User Management components for Atlassian products cross-site scripting | CVE-2023-36662

NVIDIA Jetson code execution | CVE-2023-25515

JCVI command execution | CVE-2023-35932

Shescape information disclosure | CVE-2023-35931

Game Result Matrix System cross-site scripting | CVE-2023-3382

WAGO devices denial of service | CVE-2023-1619

Retro Cellphone Online Store SQL injection | CVE-2023-3396

WAGO devices denial of service | CVE-2023-1150

Coupon Affiliates Plugin for WordPress cross-site scripting | CVE-2023-28992

Optin Forms Plugin for WordPress cross-site scripting | CVE-2023-29434

TheRoof Theme for WordPress cross-site scripting | CVE-2023-29430

Frame Shortcode Plugin for WordPress cross-site scripting | CVE-2023-29436

Cancel order request WooCommerce Plugin for WordPress cross-site scripting | CVE-2023-29423

Apache Airflow ODBC Provider and MSSQL Provider information disclosure | CVE-2023-35798

Conditional extra fees for woocommerce Plugin for WordPress cross-site scripting | CVE-2023-29093

Apache Airflow ODBC Provider privilege escalation | CVE-2023-34395

ShiftController Employee Shift Scheduling Plugin for WordPress cross-site scripting | CVE-2023-29424

New Fortinet’s FortiNAC Vulnerability Exposes Networks to Code Execution Attacks

NOESCAPE Ransomware Victim: Cyril Johnston Hire

NOESCAPE Ransomware Victim: Promotion Fulfillment Center

NOESCAPE Ransomware Victim: Credit Team

BianLian Ransomware Victim: Hiberus Tecnología

Cobalt Strike Beacon Detected – 4[.]227[.]107[.]145:443

Cobalt Strike Beacon Detected – 67[.]205[.]131[.]83:443

Cobalt Strike Beacon Detected – 18[.]130[.]208[.]155:443

Cobalt Strike Beacon Detected – 154[.]9[.]254[.]157:444

CISA: CISA and US and International Partners Publish Guidance on Priority Considerations in Product Selection for OT Owners and Operators

You may have missed