NIST National Vulnerability Database Disruption Sees CVE Enrichment on Hold
Something mysterious is happening at the US National Institute of Standards and Technology (NIST) that could make many organizations vulnerable...
Month: March 2024
HSE Misconfiguration Exposed Over a Million Irish Citizens’ Vaccine Status
Protected health information and personal details of over a million Irish citizens were accidently exposed by the Ireland’s Health Service...
Sliver C2 Detected – 161[.]97[.]170[.]120:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Sliver C2 Detected – 159[.]100[.]22[.]133:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Sliver C2 Detected – 84[.]247[.]146[.]56:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
CISA: Apple Released Security Updates for Multiple Products
Apple Released Security Updates for Multiple Products Apple released security updates to address vulnerabilities in Safari, macOS, watchOS, tvOS, and visionOS....
CISA: Microsoft Releases Security Updates for Multiple Products
Microsoft Releases Security Updates for Multiple Products Microsoft has released security updates to address vulnerabilities in multiple products. A cyber...
CISA: CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog
CISA Adds One Known Exploited JetBrains Vulnerability, CVE-2024-27198, to Catalog CISA has added one new vulnerability to its Known Exploited Vulnerabilities...
CISA: Cisco Releases Security Updates for Secure Client
Cisco Releases Security Updates for Secure Client Cisco released security updates to address vulnerabilities in Cisco Secure Client and Secure...
CISA: CISA Publishes SCuBA Hybrid Identity Solutions Guidance
CISA Publishes SCuBA Hybrid Identity Solutions Guidance CISA has published Secure Cloud Business Applications (SCuBA) Hybrid Identity Solutions Guidance (HISG)...
CISA: Adobe Releases Security Updates for Multiple Products
Adobe Releases Security Updates for Multiple Products Adobe released security updates to address multiple vulnerabilities in Adobe software. A cyber...
CISA: CISA Releases One Industrial Control Systems Advisory
CISA Releases One Industrial Control Systems Advisory CISA released one Industrial Control Systems (ICS) advisory on March 12, 2024. These...
CISA: Fortinet Releases Security Updates for Multiple Products
Fortinet Releases Security Updates for Multiple Products Fortinet released security updates to address vulnerabilities in multiple Fortinet products. A cyber...
CISA: Cisco Releases Security Updates for IOS XR Software
Cisco Releases Security Updates for IOS XR Software Cisco released security updates to address vulnerabilities in Cisco IOS XR software....
CISA: CISA Releases Fifteen Industrial Control Systems Advisories
CISA Releases Fifteen Industrial Control Systems Advisories CISA released fifteen Industrial Control Systems (ICS) advisories on March 14, 2024. These...
HackerOne Bug Bounty Disclosure: github-app-link-takeover-listed-on-hxxps-docs-doppler-com-docs-github-actions-page-w-shi
Company Name: Doppler Company HackerOne URL: https://hackerone.com/doppler Submitted By:w3shiLink to Submitters Profile:https://hackerone.com/w3shi Report Title:Github app(link) Takeover Listed on "hXXps://docsdopplercom/docs/github-actions" pageReport...
Sliver C2 Detected – 162[.]120[.]71[.]48:31337
The Information provided at the time of posting was detected as "Sliver C2". Depending on when you are viewing this...
Critical Vulnerability in QNAP Products
QNAP has released security updates to address a critical vulnerability (CVE-2024-21899) affecting their QTS, QuTS hero, QuTScloud, and myQNAPcloud products....
Palo Alto Networks GlobalProtect app on Windows privilege escalation | CVE-2024-2432
NAME__________Palo Alto Networks GlobalProtect app on Windows privilege escalationPlatforms Affected:Palo Alto Networks GlobalProtect App on Windows 6.2 Palo Alto Networks...
Siemens SENTRON 7KM PAC3x20 information disclosure | CVE-2024-21483
NAME__________Siemens SENTRON 7KM PAC3x20 information disclosurePlatforms Affected:Siemens SENTRON 7KM PAC3120 AC/DC (7KM3120-0BA01-1DA0) 3.2.3 Siemens SENTRON 7KM PAC3120 DC (7KM3120-1BA01-1EA0) 3.2.3...
YourSpotify clickjacking | CVE-2024-28196
NAME__________YourSpotify clickjackingPlatforms Affected:YourSpotify YourSpotify 1.8.9 YourSpotify YourSpotify 1.8.8Risk Level:6.5Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________YourSpotify could allow a remote attacker to hijack the clicking...
IBM Integration Bus for z/OS cross-site request forgery | CVE-2024-27265
NAME__________IBM Integration Bus for z/OS cross-site request forgeryPlatforms Affected:IBM Integration Bus for z/OS 10.1 IBM Integration Bus for z/OS 10.1.0.3Risk...
Gacjie Server file upload | CVE-2024-2406
NAME__________Gacjie Server file uploadPlatforms Affected:Gacjie Server Gacjie Server 1.0 Gacjie Server Gacjie Server 0.9Risk Level:5.4Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Gacjie Server could allow...
YourSpotify information disclosure | CVE-2024-28193
NAME__________YourSpotify information disclosurePlatforms Affected:YourSpotify YourSpotify 1.7.9 YourSpotify YourSpotify 1.7.8Risk Level:6.5Exploitability:Proof of ConceptConsequences:Obtain Information DESCRIPTION__________YourSpotify could allow a remote authenticated attacker...
