Vulnerabilities

Jenkins External Monitor Job Type Plugin information disclosure | CVE-2023-37942

July 13, 2023

NAME__________Jenkins External Monitor Job Type Plugin information disclosurePlatforms Affected:Jenkins External Monitor Job Type Plugin 206.v9a_94ff0b_4a_10Risk Level:7.1Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Jenkins External Monitor...

Juniper Networks Junos OS denial of service | CVE-2023-36832

July 13, 2023

NAME__________Juniper Networks Junos OS denial of servicePlatforms Affected:Juniper Networks Junos OSRisk Level:7.5Exploitability:UnprovenConsequences:Denial of Service DESCRIPTION__________Juniper Networks Junos OS is vulnerable...

Jenkins Test Results Aggregator Plugin cross-site request forgery | CVE-2023-37955

July 13, 2023

NAME__________Jenkins Test Results Aggregator Plugin cross-site request forgeryPlatforms Affected:Jenkins Test Results Aggregator Plugin 1.2.13Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Test Results Aggregator...

Apache Airflow Hive Provider command execution | CVE-2023-37415

July 13, 2023

NAME__________Apache Airflow Hive Provider command executionPlatforms Affected:Apache Airflow Hive Provider 6.1.1Risk Level:6.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Apache Airflow Hive Provider could allow a...

Jenkins Oracle Cloud Infrastructure Compute Plugin man-in-the-middle | CVE-2023-37948

July 13, 2023

NAME__________Jenkins Oracle Cloud Infrastructure Compute Plugin man-in-the-middlePlatforms Affected:Jenkins Oracle Cloud Infrastructure Compute Plugin 1.0.16Risk Level:4.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Oracle Cloud Infrastructure...

Dassault Systemes SolidWorks buffer overflow |

July 13, 2023

NAME__________Dassault Systemes SolidWorks buffer overflowPlatforms Affected:Dassault Systemes SolidWorksRisk Level:7.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Dassault Systemes SolidWorks is vulnerable to a heap-based buffer overflow,...

Jenkins ElasticBox CI Plugin security bypass | CVE-2023-37965

July 13, 2023

NAME__________Jenkins ElasticBox CI Plugin security bypassPlatforms Affected:Jenkins ElasticBox CI Plugin 5.0.1Risk Level:4.3Exploitability:UnprovenConsequences:Bypass Security DESCRIPTION__________Jenkins ElasticBox CI Plugin could allow a...

Jenkins Rebuilder Plugin cross-site request forgery | CVE-2023-37954

July 13, 2023

NAME__________Jenkins Rebuilder Plugin cross-site request forgeryPlatforms Affected:Jenkins Rebuilder Plugin 320.v5a_0933a_e7d61Risk Level:4.3Exploitability:UnprovenConsequences:Gain Access DESCRIPTION__________Jenkins Rebuilder Plugin is vulnerable to cross-site request...

Juniper Networks Junos OS denial of service | CVE-2023-36831

July 13, 2023

NAME__________Juniper Networks Junos OS denial of servicePlatforms Affected:Juniper Networks Junos OS Juniper Networks Junos OS 22.2 Juniper Networks Junos OS...

Dassault Systemes SolidWorks buffer overflow | CVE-2023-2763

July 13, 2023

Juniper Networks Junos OS and Junos OS Evolved denial of service | CVE-2023-36836

July 13, 2023

NAME__________Juniper Networks Junos OS and Junos OS Evolved denial of servicePlatforms Affected:Juniper Networks Junos OS Evolved Juniper Networks Junos OS...

Adobe InDesign information disclosure | CVE-2023-29315

July 12, 2023

NAME__________Adobe InDesign information disclosurePlatforms Affected:Adobe InDesign ID18.3 Adobe InDesign ID17.4.1Risk Level:5.5Exploitability:UnprovenConsequences:Obtain Information DESCRIPTION__________Adobe InDesign could allow a remote attacker to...

Microsoft Defender privilege escalation | CVE-2023-33156

July 12, 2023

NAME__________Microsoft Defender privilege escalationPlatforms Affected:Microsoft Malware Protection EngineRisk Level:6.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Microsoft Defender could allow a local authenticated attacker to gain...

Zoom Rooms privilege escalation | CVE-2023-34118

July 12, 2023

NAME__________Zoom Rooms privilege escalationPlatforms Affected:Zoom Zoom Rooms 5.14.4Risk Level:7.3Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION__________Zoom Rooms could allow a local authenticated attacker to gain...

Microsoft Windows Kernel privilege escalation | CVE-2023-35356

July 12, 2023

NAME__________Microsoft Windows Kernel privilege escalationPlatforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows 10 1809 for x64-based Systems...

Sensormatic Electronics iSTAR security bypass | CVE-2023-3127

July 12, 2023

NAME__________Sensormatic Electronics iSTAR security bypassPlatforms Affected:Sensormatic Electronics iSTAR Ultra and iSTAR Ultra LT Sensormatic Electronics iSTAR Ultra G2 and iSTAR...

Microsoft Windows Common Log File System Driver privilege escalation | CVE-2023-35299

July 12, 2023

NAME__________Microsoft Windows Common Log File System Driver privilege escalationPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows...

Adobe InDesign information disclosure | CVE-2023-29313

July 12, 2023

Microsoft Windows MSHTML Platform privilege escalation | CVE-2023-32046

July 12, 2023

NAME__________Microsoft Windows MSHTML Platform privilege escalationPlatforms Affected:Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 x32 Microsoft...

Microsoft Windows Installer privilege escalation | CVE-2023-32050

July 12, 2023

NAME__________Microsoft Windows Installer privilege escalationPlatforms Affected:Microsoft Windows Server for X64-based systems 2008 R2 SP1 Microsoft Windows Server for X64-based systems...

Adobe InDesign information disclosure | CVE-2023-29317

July 12, 2023

Microsoft Windows OLE code execution | CVE-2023-35323

July 12, 2023

NAME__________Microsoft Windows OLE code executionPlatforms Affected:Microsoft Windows Server 2022 Microsoft Windows Server (Server Core installation) 2022 Microsoft Windows 11 21H2...

Microsoft Outlook code execution | CVE-2023-33153

July 12, 2023

NAME__________Microsoft Outlook code executionPlatforms Affected:Microsoft Outlook 2013 x32 Microsoft Outlook 2013 x64 Microsoft Outlook 2016 x32 Microsoft Outlook 2016 x64...

Microsoft Windows Failover Cluster information disclosure | CVE-2023-32083

July 12, 2023

NAME__________Microsoft Windows Failover Cluster information disclosurePlatforms Affected:Microsoft Windows Server 2016 Microsoft Windows Server 2019 Microsoft Windows Server (Server Core installation)...

Vulnerabilities

Jenkins External Monitor Job Type Plugin information disclosure | CVE-2023-37942

Juniper Networks Junos OS denial of service | CVE-2023-36832

Jenkins Test Results Aggregator Plugin cross-site request forgery | CVE-2023-37955

Apache Airflow Hive Provider command execution | CVE-2023-37415

Jenkins Oracle Cloud Infrastructure Compute Plugin man-in-the-middle | CVE-2023-37948

Dassault Systemes SolidWorks buffer overflow |

Jenkins ElasticBox CI Plugin security bypass | CVE-2023-37965

Jenkins Rebuilder Plugin cross-site request forgery | CVE-2023-37954

Juniper Networks Junos OS denial of service | CVE-2023-36831

Dassault Systemes SolidWorks buffer overflow | CVE-2023-2763

Juniper Networks Junos OS and Junos OS Evolved denial of service | CVE-2023-36836

Adobe InDesign information disclosure | CVE-2023-29315

Microsoft Defender privilege escalation | CVE-2023-33156

Zoom Rooms privilege escalation | CVE-2023-34118

Microsoft Windows Kernel privilege escalation | CVE-2023-35356

Sensormatic Electronics iSTAR security bypass | CVE-2023-3127

Microsoft Windows Common Log File System Driver privilege escalation | CVE-2023-35299

Adobe InDesign information disclosure | CVE-2023-29313

Microsoft Windows MSHTML Platform privilege escalation | CVE-2023-32046

Microsoft Windows Installer privilege escalation | CVE-2023-32050

Adobe InDesign information disclosure | CVE-2023-29317

Microsoft Windows OLE code execution | CVE-2023-35323

Microsoft Outlook code execution | CVE-2023-33153

Microsoft Windows Failover Cluster information disclosure | CVE-2023-32083

[LOCKBIT3] – Ransomware Victim: gruppozaccaria[.]it

[FOG] – Ransomware Victim: Karadeniz Holding (karadenizholding[.]com)

[RANSOMHUB] – Ransomware Victim: www[.]origene[.]com

[RANSOMHUB] – Ransomware Victim: www[.]wongfleming[.]com

[FUNKSEC] – Ransomware Victim: fasttrackcargo[.]com

You may have missed