RedPacket Security - InfoSec News & Tutorials

Cobalt Strike Beacon Detected – 47[.]90[.]142[.]15:5432

December 20, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

CVE Alert: CVE-2024-52361

December 19, 2024

Vulnerability Summary: CVE-2024-52361 IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 stores user credentials in plain text which can...

CVE Alert: CVE-2024-47810

December 19, 2024

Vulnerability Summary: CVE-2024-47810 A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a 3D page object. A specially...

CVE Alert: CVE-2024-45082

December 19, 2024

Vulnerability Summary: CVE-2024-45082 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 could allow a remote attacker to conduct...

CVE Alert: CVE-2024-49576

December 19, 2024

Vulnerability Summary: CVE-2024-49576 A use-after-free vulnerability exists in the way Foxit Reader 2024.3.0.26795 handles a checkbox CBF_Widget object. A specially...

CVE Alert: CVE-2024-47119

December 19, 2024

Vulnerability Summary: CVE-2024-47119 IBM Storage Defender - Resiliency Service 2.0.0 through 2.0.9 does not properly validate a certificate which could...

CVE Alert: CVE-2024-55086

December 19, 2024

Vulnerability Summary: CVE-2024-55086 In the GetSimple CMS CE 3.3.19 management page, Server-Side Request Forgery (SSRF) can be achieved in the...

CVE Alert: CVE-2024-41752

December 19, 2024

Vulnerability Summary: CVE-2024-41752 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is vulnerable to HTML injection. A remote...

CVE Alert: CVE-2024-25042

December 19, 2024

Vulnerability Summary: CVE-2024-25042 IBM Cognos Analytics 11.2.0 through 11.2.4 and 12.0.0 through 12.0.3 is potentially vulnerable to Cross Site Scripting...

CVE Alert: CVE-2024-55492

December 19, 2024

Vulnerability Summary: CVE-2024-55492 Winmail Server 4.4 is vulnerable to f_user=%22%3E%3Csvg%20onload Cross Site Scripting (XSS). Affected Endpoints: No affected endpoints listed....

CVE Alert: CVE-2024-54383

December 19, 2024

Vulnerability Summary: CVE-2024-54383 Incorrect Privilege Assignment vulnerability in wpweb WooCommerce PDF Vouchers allows Privilege Escalation.This issue affects WooCommerce PDF Vouchers:...

HackerOne Bug Bounty Disclosure: bypass-of-this-fixed-inadequate-protocol-restriction-enforcement-in-curl-hackeriron

December 19, 2024

Company Name: curl Company HackerOne URL: https://hackerone.com/curl Submitted By:hackeriron1Link to Submitters Profile:https://hackerone.com/hackeriron1 Report Title:bypass of this Fixed #2437131 Report Link:https://hackerone.com/reports/2905552Date...

CVE Alert: CVE-2024-56052

December 19, 2024

Vulnerability Summary: CVE-2024-56052 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to...

CVE Alert: CVE-2024-54381

December 19, 2024

Vulnerability Summary: CVE-2024-54381 Missing Authorization vulnerability in theDotstore Advance Menu Manager.This issue affects Advance Menu Manager: from n/a through 3.1.1....

CVE Alert: CVE-2024-56051

December 19, 2024

Vulnerability Summary: CVE-2024-56051 Improper Control of Generation of Code ('Code Injection') vulnerability in VibeThemes WPLMS allows Code Injection.This issue affects...

CVE Alert: CVE-2024-56049

December 19, 2024

Vulnerability Summary: CVE-2024-56049 Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2....

CVE Alert: CVE-2024-56050

December 19, 2024

Vulnerability Summary: CVE-2024-56050 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to...

CVE Alert: CVE-2024-56048

December 19, 2024

Vulnerability Summary: CVE-2024-56048 Missing Authorization vulnerability in VibeThemes WPLMS allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects WPLMS:...

CVE Alert: CVE-2024-56055

December 19, 2024

Vulnerability Summary: CVE-2024-56055 Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue affects WPLMS: from n/a before 1.9.9.5.2....

CVE Alert: CVE-2024-56057

December 19, 2024

Vulnerability Summary: CVE-2024-56057 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to...

CVE Alert: CVE-2024-56047

December 19, 2024

Vulnerability Summary: CVE-2024-56047 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in VibeThemes WPLMS allows...

CVE Alert: CVE-2024-56054

December 19, 2024

Vulnerability Summary: CVE-2024-56054 Unrestricted Upload of File with Dangerous Type vulnerability in VibeThemes WPLMS allows Upload a Web Shell to...

Cobalt Strike Beacon Detected – 124[.]222[.]164[.]43:6667

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Cobalt Strike Beacon Detected – 92[.]118[.]170[.]81:54322

December 19, 2024

The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...

Main Story

Editor’s Picks

Trending Story

Featured Story

You may have missed