Lazarus Subgroup Targeting Apple Devices with New RustBucket macOS Malware
A financially-motivated North Korean threat actor is suspected to be behind a new Apple macOS malware strain called RustBucket. "...
Year: 2023
Modernizing Vulnerability Management: The Move Toward Exposure Management
Managing vulnerabilities in the constantly evolving technological landscape is a difficult task. Although vulnerabilities emerge regularly, not all vulnerabilities present...
Google Cloud Introduces Security AI Workbench for Faster Threat Detection and Analysis
Google's cloud division is following in the footsteps of Microsoft with the launch of Security AI Workbench that leverages generative...
LockBit 3.0 Ransomware Victim: nagase[.]co[.]jp
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: ultimateimageprinting[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: abro[.]se
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: goforcloud[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
LockBit 3.0 Ransomware Victim: gruponutresa[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Piwigo SQL injection | CVE-2023-26876
NAME__________Piwigo SQL injectionPlatforms Affected:Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Piwigo is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements...
NVIDIA ConnectX-5 and ConnectX6-DX adapters denial of service | CVE-2023-0204
NAME__________NVIDIA ConnectX-5 and ConnectX6-DX adapters denial of servicePlatforms Affected:Risk Level:6.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NVIDIA ConnectX-5 and ConnectX6-DX adapters is vulnerable to...
Repetier Server directory traversal | CVE-2023-31059
NAME__________Repetier Server directory traversalPlatforms Affected:Repetier Server Repetier Server 1.4.10Risk Level:7.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Repetier Server could allow a remote attacker to traverse...
NVIDIA DGX-1 code execution | CVE-2023-25507
NAME__________NVIDIA DGX-1 code executionPlatforms Affected:Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX-1 BMC could allow a remote authenticated attacker to execute arbitrary code...
NVIDIA DGX A100 code execution | CVE-2023-0202
NAME__________NVIDIA DGX A100 code executionPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX A100 could allow a local authenticated attacker to execute arbitrary...
Progress Flowmon OS directory traversal | CVE-2023-26101
NAME__________Progress Flowmon OS directory traversalPlatforms Affected:Progress Flowmon OS 12.1.1Risk Level:7.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Progress Flowmon OS could allow a remote attacker to...
Progress Flowmon OS cross-site scripting | CVE-2023-26100
NAME__________Progress Flowmon OS cross-site scriptingPlatforms Affected:Progress Flowmon OS 12.1.1Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Progress Flowmon OS is vulnerable to cross-site scripting, caused...
NVIDIA ConnectX-5 and ConnectX6-DX adapters denial of service | CVE-2023-0203
NAME__________NVIDIA ConnectX-5 and ConnectX6-DX adapters denial of servicePlatforms Affected:Risk Level:5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NVIDIA ConnectX-5 and ConnectX6-DX adapters is vulnerable to...
NVIDIA ConnectX-5 and ConnectX6-DX adapters denial of service | CVE-2023-0205
NAME__________NVIDIA ConnectX-5 and ConnectX6-DX adapters denial of servicePlatforms Affected:Risk Level:5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NVIDIA ConnectX-5 and ConnectX6-DX adapters is vulnerable to...
NVIDIA DGX-1 code execution | CVE-2023-25509
NAME__________NVIDIA DGX-1 code executionPlatforms Affected:Risk Level:6Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX-1 could allow a local authenticated attacker to execute arbitrary code on...
NVIDIA DGX-2 denial of service | CVE-2023-0207
NAME__________NVIDIA DGX-2 denial of servicePlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________NVIDIA DGX-2 is vulnerable to a denial of service, caused by...
NVIDIA DGX-1 file upload | CVE-2023-25508
NAME__________NVIDIA DGX-1 file uploadPlatforms Affected:Risk Level:6.7Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX-1 could allow a remote attacker to upload arbitrary files, caused by...
NVIDIA DGX-1 buffer overflow | CVE-2023-25506
NAME__________NVIDIA DGX-1 buffer overflowPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX-1 is vulnerable to a heap-based buffer overflow, caused by improper bounds...
NVIDIA DGX A100 privilege escalation | CVE-2023-0206
NAME__________NVIDIA DGX A100 privilege escalationPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Gain Privilege DESCRIPTION__________NVIDIA DGX A100 could allow a local authenticated attacker to gain elevated...
Mozilla Nunjucks cross-site scripting | CVE-2023-2142
NAME__________Mozilla Nunjucks cross-site scriptingPlatforms Affected:Mozilla Nunjucks 3.2.3Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Mozilla Nunjucks is vulnerable to cross-site scripting, caused by improper validation...
NVIDIA DGX-2 code execution | CVE-2023-0200
NAME__________NVIDIA DGX-2 code executionPlatforms Affected:Risk Level:7.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________NVIDIA DGX-2 could allow a local authenticated attacker to execute arbitrary code on...
