Vulnerabilities

Microsoft Windows TCP/IP denial of service | CVE-2023-38149

September 15, 2023

NAME__________Microsoft Windows TCP/IP denial of servicePlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft...

Blackberry AtHoc Server SQL injection | CVE-2023-21521

September 15, 2023

NAME__________Blackberry AtHoc Server SQL injectionPlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:7.3Exploitability:UnprovenConsequences:Data Manipulation DESCRIPTION__________Blackberry AtHoc Server is vulnerable to SQL injection. A...

SAP S/4HANA denial of service | CVE-2023-41369

September 15, 2023

NAME__________SAP S/4HANA denial of servicePlatforms Affected:SAP S/4HANA 100 SAP S/4HANA 101 SAP S/4HANA 102 SAP S/4HANA 103 SAP S/4HANA 104...

Blackberry AtHoc Server information disclosure | CVE-2023-21520

September 15, 2023

NAME__________Blackberry AtHoc Server information disclosurePlatforms Affected:BlackBerry AtHoc Server 7.15Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Blackberry AtHoc Server could allow a remote attacker to...

Microsoft Windows TCP/IP information disclosure | CVE-2023-38160

September 15, 2023

NAME__________Microsoft Windows TCP/IP information disclosurePlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft Windows...

Lenovo XClarity Controller (XCC) security bypass | CVE-2023-4606

September 15, 2023

NAME__________Lenovo XClarity Controller (XCC) security bypassPlatforms Affected:Lenovo XClarity Controller (XCC)Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Lenovo XClarity Controller (XCC) could allow a remote...

Awesome Weather Widget Plugin for WordPress cross-site scripting | CVE-2023-4944

September 15, 2023

NAME__________Awesome Weather Widget Plugin for WordPress cross-site scriptingPlatforms Affected:WordPress Awesome Weather Widget plugin for WordPress 3.0.2Risk Level:6.4Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION__________Awesome Weather...

Lenovo XClarity Controller (XCC) privilege escalation | CVE-2023-4607

September 15, 2023

NAME__________Lenovo XClarity Controller (XCC) privilege escalationPlatforms Affected:Lenovo XClarity Controller (XCC)Risk Level:7.5Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Lenovo XClarity Controller (XCC) could allow a remote...

SAP S/4HANA open redirect | CVE-2023-40306

September 15, 2023

NAME__________SAP S/4HANA open redirectPlatforms Affected:SAP S/4HANA S4CORE 103 SAP S/4HANA S4CORE 104 SAP S/4HANA S4CORE 105 SAP S/4HANA S4CORE 106Risk...

Palo Alto Networks Cortex XDR Agent denial of service | CVE-2023-3280

September 15, 2023

NAME__________Palo Alto Networks Cortex XDR Agent denial of servicePlatforms Affected:Palo Alto Networks Cortex XDR Agent 5.0 Palo Alto Networks Cortex...

Proofpoint Insider Threat Management cross-site scripting | CVE-2023-4802

September 15, 2023

NAME__________Proofpoint Insider Threat Management cross-site scriptingPlatforms Affected:Proofpoint Insider Threat Management Server 7.11.0 Proofpoint Insider Threat Management Server 7.10.2 Proofpoint Insider...

Fortinet FortiManager and FortiAnalyzer information disclosure | CVE-2023-36638

September 15, 2023

NAME__________Fortinet FortiManager and FortiAnalyzer information disclosurePlatforms Affected:Fortinet FortiManager VM 6.2.0 Fortinet FortiManager 7.0.0 Fortinet FortiManager 6.4.0 Fortinet FortiManager 7.2.0 Fortinet...

Trellix Data Loss Prevention for Windows privilege escalation | CVE-2023-4814

September 15, 2023

NAME__________Trellix Data Loss Prevention for Windows privilege escalationPlatforms Affected:Trellix Data Loss Prevention for Windows 11.10Risk Level:7.1Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Trellix Data Loss...

Fortinet FortiWeb code execution | CVE-2023-34984

September 15, 2023

NAME__________Fortinet FortiWeb code executionPlatforms Affected:Fortinet FortiWeb 7.0.0 Fortinet FortiWeb 6.4 Fortinet FortiWeb 7.0.6 Fortinet FortiWeb 7.2.0 Fortinet FortiWeb 7.2.1 Fortinet...

Fortinet FortiPresence information disclosure | CVE-2023-27998

September 15, 2023

NAME__________Fortinet FortiPresence information disclosurePlatforms Affected:Fortinet FortiPresence 1.1 Fortinet FortiPresence 1.0 Fortinet FortiPresence 1.2.0 Fortinet FortiPresence 1.2.1Risk Level:5.3Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Fortinet FortiPresence...

SolarWinds Platform command execution | CVE-2023-23845

September 15, 2023

NAME__________SolarWinds Platform command executionPlatforms Affected:SolarWinds SolarWinds Platform 2023.3Risk Level:6.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________SolarWinds Platform could allow a remote authenticated attacker to execute...

Vulnerabilities

Microsoft Windows TCP/IP denial of service | CVE-2023-38149

Blackberry AtHoc Server SQL injection | CVE-2023-21521

SAP S/4HANA denial of service | CVE-2023-41369

Blackberry AtHoc Server information disclosure | CVE-2023-21520

Microsoft Windows TCP/IP information disclosure | CVE-2023-38160

Lenovo XClarity Controller (XCC) security bypass | CVE-2023-4606

Awesome Weather Widget Plugin for WordPress cross-site scripting | CVE-2023-4944

Lenovo XClarity Controller (XCC) privilege escalation | CVE-2023-4607

SAP S/4HANA open redirect | CVE-2023-40306

Palo Alto Networks Cortex XDR Agent denial of service | CVE-2023-3280

Proofpoint Insider Threat Management cross-site scripting | CVE-2023-4802

Fortinet FortiManager and FortiAnalyzer information disclosure | CVE-2023-36638

Trellix Data Loss Prevention for Windows privilege escalation | CVE-2023-4814

Fortinet FortiWeb code execution | CVE-2023-34984

Fortinet FortiPresence information disclosure | CVE-2023-27998

SolarWinds Platform command execution | CVE-2023-23845

PaperCut NG security bypass | CVE-2023-4568

Fortinet FortiTester command execution | CVE-2023-36642

Fortinet FortiTester information disclosure | CVE-2023-40717

Cecil directory traversal | CVE-2023-4914

Apache Commons Compress denial of service | CVE-2023-42503

Proofpoint Insider Threat Management Agent for MacOS man-in-the-middle | CVE-2023-4801

Fortinet FortiADC command execution | CVE-2022-35849

SolarWinds Platform command execution | CVE-2023-23840

CVE Alert: CVE-2025-0967

CVE Alert: CVE-2025-0970

CVE Alert: CVE-2024-0131

Unveiling the Shadows: Mastering Threat Hunting

[SPACEBEARS] – Ransomware Victim: Pineland community service board

You may have missed