CISA: CISA Adds Three Known Exploited Vulnerabilities to Catalog
CISA Adds Three Known Exploited Vulnerabilities to Catalog CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based...
Month: March 2024
CISA: CISA Adds One Known Exploited Vulnerability to Catalog
CISA Adds One Known Exploited Vulnerability to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities Catalog, based...
HackerOne Bug Bounty Disclosure: cve-quic-certificate-check-bypass-with-wolfssl-fullmetal
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:fullmetal5Link to Submitters Profile:https://hackerone.com/fullmetal5 Report Title:CVE-2024-2379: QUIC certificate check bypass with wolfSSLReport...
HackerOne Bug Bounty Disclosure: xss-in-gocd-analytics-plugin-redyetihacks
Company Name: GoCD Company HackerOne URL: https://hackerone.com/gocd Submitted By:redyetihacksLink to Submitters Profile:https://hackerone.com/redyetihacks Report Title:XSS in GOCD Analytics PluginReport Link:https://hackerone.com/reports/2433634Date Submitted:27...
HackerOne Bug Bounty Disclosure: cve-tls-certificate-check-bypass-with-mbedtls-frankyueh
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:frankyuehLink to Submitters Profile:https://hackerone.com/frankyueh Report Title:CVE-2024-2466: TLS certificate check bypass with mbedTLSReport...
HackerOne Bug Bounty Disclosure: cve-http-push-headers-memory-leak-w-x
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:w0x42Link to Submitters Profile:https://hackerone.com/w0x42 Report Title:CVE-2024-2398: HTTP/2 push headers memory-leakReport Link:https://hackerone.com/reports/2402845Date Submitted:27...
HackerOne Bug Bounty Disclosure: http-push-promise-dos-w-x
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:w0x42Link to Submitters Profile:https://hackerone.com/w0x42 Report Title:HTTP/2 PUSH_PROMISE DoSReport Link:https://hackerone.com/reports/2402853Date Submitted:27 March 2024...
HackerOne Bug Bounty Disclosure: cve-ocsp-verification-bypass-with-tls-session-reuse-kurohiro
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:kurohiroLink to Submitters Profile:https://hackerone.com/kurohiro Report Title:CVE-2024-0853: OCSP verification bypass with...
HackerOne Bug Bounty Disclosure: cve-usage-of-disabled-protocol-dfandrich
Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:dfandrichLink to Submitters Profile:https://hackerone.com/dfandrich Report Title:CVE-2024-2004: Usage of disabled protocolReport Link:https://hackerone.com/reports/2384833Date Submitted:27...
CISA: Apple Released Security Updates for Safari and macOS
Apple Released Security Updates for Safari and macOS Apple released security updates to address a vulnerability (CVE-2024-1580) in Safari and macOS....
Play Ransomware Victim: Tbr Kowalczyk
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Festspielhaus Baden-Baden
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: JM Thompson
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: West Monroe
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Weld Plus
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Frawner
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Quality Enclosures
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Lambda Energy Resources
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Hartz
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Alber Law Group
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Play Ransomware Victim: Lawrence Semiconductor Research Laboratory
Play News Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Akira Ransomware Victim: Tanis Brush
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Akira Ransomware Victim: Koi Design
NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of the files...
Twenty server-side request forgery | CVE-2024-28435
NAME__________Twenty server-side request forgeryPlatforms Affected:Twenty PBC Twenty 0.3.0Risk Level:7.3Exploitability:Proof of ConceptConsequences:Gain Access DESCRIPTION__________Twenty is vulnerable to server-side request forgery, caused...
