CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla released security updates to address vulnerabilities in Firefox, Firefox ESR, and...
Month: February 2024
CISA: CISA Adds Two Known Exploited Vulnerabilities to Catalog
CISA Adds Two Known Exploited Vulnerabilities to Catalog CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
BlackCat/ALPHV Ransomware Victim: Austen Consultants
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
BlackCat/ALPHV Ransomware Victim: KHSS (You have 3 days)
BlackCat / ALPHV Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the...
CISA: CISA, EPA, and FBI Release Top Cyber Actions for Securing Water Systems
CISA, EPA, and FBI Release Top Cyber Actions for Securing Water Systems Today, CISA, the Environmental Protection Agency (EPA), and...
Black Basta Ransomware Victim: dasteam[.]ch
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
CISA: Mozilla Releases Security Updates for Firefox and Thunderbird
Mozilla Releases Security Updates for Firefox and Thunderbird Mozilla released security updates to address vulnerabilities in Firefox, Firefox ESR, and...
TOTOLINK X5000R denial of service | CVE-2024-25468
NAME__________TOTOLINK X5000R denial of servicePlatforms Affected:TOTOLINK X5000R 9.1.0u.6369_B20230113Risk Level:5.3Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________TOTOLINK X5000R is vulnerable to a denial of service....
alf.io weak security | CVE-2024-25628
NAME__________alf.io weak securityPlatforms Affected:Alf.io alf.io 2.0-M4-2304Risk Level:7.6Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________alf.io could provide weaker than expected security, caused by insufficient session expiration....
Tongda OA delete.php SQL injection | CVE-2024-25320
NAME__________Tongda OA delete.php SQL injectionPlatforms Affected:Tongda OA 11.9 Tongda OA 2017Risk Level:6.5Exploitability:HighConsequences:Data Manipulation DESCRIPTION__________Tongda OA is vulnerable to SQL injection....
Honeywell Niagara Framework on Windows, Linux and QNX denial of service | CVE-2024-1309
NAME__________Honeywell Niagara Framework on Windows, Linux and QNX denial of servicePlatforms Affected:Honeywell Niagara Framework 3.8 Honeywell Niagara Framework 4.0Risk Level:7.5Exploitability:UnprovenConsequences:Denial...
REDAXO code execution | CVE-2024-25298
NAME__________REDAXO code executionPlatforms Affected:REDAXO REDAXO 5.15.1Risk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________REDAXO could allow a remote authenticated attacker to execute arbitrary code on...
alf.io security bypass | CVE-2024-25634
NAME__________alf.io security bypassPlatforms Affected:Alf.io alf.io 2.0-M4-2304Risk Level:7.2Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________alf.io could allow a remote authenticated attacker to bypass security restrictions, caused...
alf.io cross-site scripting | CVE-2024-25627
NAME__________alf.io cross-site scriptingPlatforms Affected:Alf.io alf.io 2.0-M4-2304Risk Level:3.5Exploitability:UnprovenConsequences:Cross-Site Scripting DESCRIPTION__________alf.io is vulnerable to cross-site scripting, caused by improper validation of user-supplied...
Bludit CMS edit-content.php cross-site scripting | CVE-2024-25297
NAME__________Bludit CMS edit-content.php cross-site scriptingPlatforms Affected:Bludit Bludit CMS 3.15Risk Level:4.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Bludit CMS is vulnerable to cross-site scripting, caused by...
Open-MSS directory traversal | CVE-2024-25123
NAME__________Open-MSS directory traversalPlatforms Affected:Open-MSS MSS 8.3.2 Open-MSS MSS 5.0.0Risk Level:7.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Open-MSS could allow a remote attacker to traverse directories...
Moodle denial of service | CVE-2024-25978
NAME__________Moodle denial of servicePlatforms Affected:Moodle Moodle 4.1 Moodle Moodle 4.2 Moodle Moodle 4.3 Moodle Moodle 4.1.8 Moodle Moodle 4.2.5 Moodle...
Moodle security bypass | CVE-2024-25983
NAME__________Moodle security bypassPlatforms Affected:Moodle Moodle 4.1 Moodle Moodle 4.2 Moodle Moodle 4.3 Moodle Moodle 4.1.8 Moodle Moodle 4.2.5 Moodle Moodle...
Huawei HarmonyOS and EMUI denial of service | CVE-2023-52367
NAME__________Huawei HarmonyOS and EMUI denial of servicePlatforms Affected:Huawei EMUI 12.0.0 Huawei EMUI 13.0.0 Huawei HarmonyOS 2.0.0 Huawei HarmonyOS 2.1.0 Huawei...
Misskey file upload | CVE-2024-25636
NAME__________Misskey file uploadPlatforms Affected:Misskey Misskey 2023.12.2 Misskey Misskey 2024.1Risk Level:7.1Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Misskey could allow a remote authenticated attacker to upload...
PrestaShop directory traversal | CVE-2024-26129
NAME__________PrestaShop directory traversalPlatforms Affected:PrestaShop PrestaShop 8.1.0 PrestaShop PrestaShop 8.1.1 PrestaShop PrestaShop 8.1.2 PrestaShop PrestaShop 8.1.3Risk Level:5.8Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________PrestaShop could allow...
Moodle weak security | CVE-2024-25979
NAME__________Moodle weak securityPlatforms Affected:Moodle Moodle 4.1 Moodle Moodle 4.2 Moodle Moodle 4.3 Moodle Moodle 4.1.8 Moodle Moodle 4.2.5 Moodle Moodle...
Moodle cross-site request forgery | CVE-2024-25982
NAME__________Moodle cross-site request forgeryPlatforms Affected:Moodle Moodle 4.1 Moodle Moodle 4.2 Moodle Moodle 4.3 Moodle Moodle 4.1.8 Moodle Moodle 4.2.5 Moodle...
Moodle information disclosure | CVE-2024-25980
NAME__________Moodle information disclosurePlatforms Affected:Moodle Moodle 4.1 Moodle Moodle 4.2 Moodle Moodle 4.3 Moodle Moodle 4.1.8 Moodle Moodle 4.2.5 Moodle Moodle...
