Month: January 2024

PHPGurukul Company Visitor Management System cross-site scripting | CVE-2024-0652

January 22, 2024

NAME__________PHPGurukul Company Visitor Management System cross-site scriptingPlatforms Affected:PHPGurukul Company Visitor Management System 1.0Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________PHPGurukul Company Visitor Management System...

TianoCore EDK II information disclosure | US-CERT VU#132380

January 22, 2024

NAME__________TianoCore EDK II information disclosurePlatforms Affected:Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________TianoCore EDK II could allow a remote attacker to obtain sensitive information,...

Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20918

January 22, 2024

NAME__________Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 22.3.2 Oracle GraalVM Enterprise...

Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20926

January 22, 2024

NAME__________Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 22.3.2 Oracle GraalVM Enterprise...

ZhiHuiYun server-side request forgery | CVE-2024-0649

January 22, 2024

NAME__________ZhiHuiYun server-side request forgeryPlatforms Affected:ZhiHuiYun ZhiHuiYun 4.4.13Risk Level:7.2Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________ZhiHuiYun is vulnerable to server-side request forgery, caused by a flaw...

Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20932

January 22, 2024

NAME__________Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecifiedPlatforms Affected:Oracle GraalVM Enterprise Edition 22.3.2 Oracle GraalVM Enterprise...

Sparksuite SimpleMDE cross-site scripting | CVE-2024-0647

January 22, 2024

NAME__________Sparksuite SimpleMDE cross-site scriptingPlatforms Affected:Sparksuite SimpleMDE 1.11.2Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Sparksuite SimpleMDE is vulnerable to cross-site scripting, caused by improper validation...

Plone CMS cross-frame scripting | CVE-2024-0669

January 22, 2024

NAME__________Plone CMS cross-frame scriptingPlatforms Affected:Plone Plone CMS 6.0.6Risk Level:6.3Exploitability:HighConsequences:Obtain Information DESCRIPTION__________Plone CMS is vulnerable to cross-frame scripting, caused by improper...

AtroCore AtroPIM cross-site scripting | CVE-2024-0696

January 22, 2024

NAME__________AtroCore AtroPIM cross-site scriptingPlatforms Affected:AtroCore AtroPIM 1.8.4Risk Level:6.1Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________AtroCore AtroPIM is vulnerable to cross-site scripting, caused by improper validation...

DeepFaceLab code execution | CVE-2024-0654

January 22, 2024

NAME__________DeepFaceLab code executionPlatforms Affected:DeepFaceLab DeepFaceLab pretrained DeepFaceLab DeepFaceLab DF.wf.288res.384.92.72.22Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________DeepFaceLab could allow a remote attacker to execute arbitrary...

Swftools denial of service | CVE-2024-22914

January 22, 2024

NAME__________Swftools denial of servicePlatforms Affected:SWFTools SWFTools 0.9.2Risk Level:4Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Swftools is vulnerable to a denial of service, caused by...

Swftools denial of service | CVE-2024-22919

January 22, 2024

Swftools denial of service | CVE-2024-22957

January 22, 2024

Swftools denial of service | CVE-2023-37644

January 22, 2024

Swftools denial of service | CVE-2024-22956

January 22, 2024

Swftools denial of service | CVE-2024-22920

January 22, 2024

Swftools denial of service | CVE-2024-22562

January 22, 2024

Swftools denial of service | CVE-2024-22911

January 22, 2024

Swftools denial of service | CVE-2024-22955

January 22, 2024

VMware vCenter Server Multiple Vulnerabilities

January 22, 2024

Multiple vulnerabilities were identified in VMware vCenter Server. A remote attacker could exploit some of these vulnerabilities to trigger sensitive information...

BianLian Ransomware Victim: Martinaire Aviation

January 22, 2024

BianLian Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...

Brave To End Strict Fingerprinting Protection As It Breaks Websites

January 22, 2024

Brave Software has announced plans to deprecate the 'Strict' fingerprinting protection mode in its privacy-focused Brave Browser because it causes...

Watch Out For I Cant Believe He Is Gone Facebook Phishing Posts

January 22, 2024

A widespread Facebook phishing campaign stating, "I can't believe he is gone. I'm gonna miss him so much," leads unsuspecting...

fc1a3fc81648ca92f2b53da06d972ea97fdef211081880dd43174db7584f5b74

Tietoevry Ransomware Attack Causes Outages For Swedish Firms Cities

January 22, 2024

Finnish IT services and enterprise cloud hosting provider Tietoevry has suffered a ransomware attack impacting cloud hosting customers in one...

Month: January 2024

PHPGurukul Company Visitor Management System cross-site scripting | CVE-2024-0652

TianoCore EDK II information disclosure | US-CERT VU#132380

Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20918

Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20926

ZhiHuiYun server-side request forgery | CVE-2024-0649

Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition unspecified | CVE-2024-20932

Sparksuite SimpleMDE cross-site scripting | CVE-2024-0647

Plone CMS cross-frame scripting | CVE-2024-0669

AtroCore AtroPIM cross-site scripting | CVE-2024-0696

DeepFaceLab code execution | CVE-2024-0654

Swftools denial of service | CVE-2024-22914

Swftools denial of service | CVE-2024-22919

Swftools denial of service | CVE-2024-22957

Swftools denial of service | CVE-2023-37644

Swftools denial of service | CVE-2024-22956

Swftools denial of service | CVE-2024-22920

Swftools denial of service | CVE-2024-22562

Swftools denial of service | CVE-2024-22911

Swftools denial of service | CVE-2024-22955

VMware vCenter Server Multiple Vulnerabilities

BianLian Ransomware Victim: Martinaire Aviation

Brave To End Strict Fingerprinting Protection As It Breaks Websites

Watch Out For I Cant Believe He Is Gone Facebook Phishing Posts

Tietoevry Ransomware Attack Causes Outages For Swedish Firms Cities

[LOCKBIT3] – Ransomware Victim: 9fsfalcons[.]org

[HUNTERS] – Ransomware Victim: SmartLynx Airlines SIA

[APT73] – Ransomware Victim: linebank[.]co[.]id

[CACTUS] – Ransomware Victim: galatachemicals[.]com

[FUNKSEC] – Ransomware Victim: kfar-yona[.]muni[.]il

You may have missed