CVE Alert: CVE-2024-50459
Vulnerability Summary: CVE-2024-50459 Missing Authorization vulnerability in HM Plugin WordPress Stripe Donation and Payment Plugin allows Exploiting Incorrectly Configured Access...
Month: October 2024
CVE Alert: CVE-2024-9990
Vulnerability Summary: CVE-2024-9990 The Crypto plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including,...
CVE Alert: CVE-2024-9989
Vulnerability Summary: CVE-2024-9989 The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15....
CVE Alert: CVE-2024-9988
Vulnerability Summary: CVE-2024-9988 The Crypto plugin for WordPress is vulnerable to authentication bypass in versions up to, and including, 2.15....
CVE Alert: CVE-2024-8587
Vulnerability Summary: CVE-2024-8587 A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Heap Based...
CVE Alert: CVE-2024-50456
Vulnerability Summary: CVE-2024-50456 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security...
CVE Alert: CVE-2024-50455
Vulnerability Summary: CVE-2024-50455 Missing Authorization vulnerability in The SEO Guys at SEOPress SEOPress allows Exploiting Incorrectly Configured Access Control Security...
CVE Alert: CVE-2024-50425
Vulnerability Summary: CVE-2024-50425 Exposure of Sensitive System Information to an Unauthorized Control Sphere vulnerability in Veribo, Roland Murg WP Booking...
CVE Alert: CVE-2024-50424
Vulnerability Summary: CVE-2024-50424 Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from...
CVE Alert: CVE-2024-10228
Vulnerability Summary: CVE-2024-10228 The Vagrant VMWare Utility Windows installer targeted a custom location with a non-protected path that could be...
[PLAYBOY] – Ransomware Victim: PlayBoy
Ransomware Group: PLAYBOY VICTIM NAME: PlayBoy NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
HackerOne Bug Bounty Disclosure: bypassing-hackerone-fa-due-to-race-condition-akashhamal-x
Company Name: HackerOne Company HackerOne URL: https://hackerone.com/security Submitted By:akashhamal0x01Link to Submitters Profile:https://hackerone.com/akashhamal0x01 Report Title:Bypassing HackerOne 2FA due to race conditionReport...
HackerOne Bug Bounty Disclosure: redos-vulnerability-in-http-accept-headers-parsing-dwisiswant
Company Name: Internet Bug Bounty Company HackerOne URL: https://hackerone.com/ibb Submitted By:dwisiswant0Link to Submitters Profile:https://hackerone.com/dwisiswant0 Report Title:ReDoS Vulnerability in HTTP Accept...
CISA: Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation
Fortinet Updates Guidance and Indicators of Compromise following FortiManager Vulnerability Exploitation Fortinet has updated their security advisory addressing a critical...
[FOG] – Ransomware Victim: Jillamy (jillamy[.]com)
Ransomware Group: FOG VICTIM NAME: Jillamy (jillamycom) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
Opera Browser Fixes Big Security Hole That Could Have Exposed Your Information
A now-patched security flaw in the Opera web browser could have enabled a malicious extension to gain unauthorized, full access...
North Korean Group Collaborates with Play Ransomware in Significant Cyber Attack
Threat actors in North Korea have been implicated in a recent incident that deployed a known ransomware family called Play,...
Malvertising Campaign Hijacks Facebook Accounts to Spread SYS01stealer Malware
Cybersecurity researchers have uncovered an ongoing malvertising campaign that abuses Meta's advertising platform and hijacked Facebook accounts to distribute information...
[FOG] – Ransomware Victim: SmartSource (smartsource-inc[.]com)
Ransomware Group: FOG VICTIM NAME: SmartSource (smartsource-inccom) NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
[HANDALA] – Ransomware Victim: IM Cannabis
Ransomware Group: HANDALA VICTIM NAME: IM Cannabis NOTE: No files or stolen information are by RedPacket Security. Any legal issues...
CVE Alert: CVE-2024-50423
Vulnerability Summary: CVE-2024-50423 Missing Authorization vulnerability in Templately allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Templately: from...
CVE Alert: CVE-2024-50422
Vulnerability Summary: CVE-2024-50422 Missing Authorization vulnerability in Cloudways Breeze allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Breeze:...
CVE Alert: CVE-2024-7992
Vulnerability Summary: CVE-2024-7992 A maliciously crafted DWG file, when parsed through Autodesk AutoCAD and certain AutoCAD-based products, can force a...
CVE Alert: CVE-2024-8588
Vulnerability Summary: CVE-2024-8588 A maliciously crafted SLDPRT file when parsed in odxsw_dll.dll through Autodesk AutoCAD can force a Out-of-Bounds Read...
