CISA: CISA Releases Three Industrial Control Systems Advisories
CISA Releases Three Industrial Control Systems Advisories CISA released three Industrial Control Systems (ICS) advisories on October 3, 2024. These...
[RANSOMHUB] – Ransomware Victim: canstarrestorations[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: canstarrestorationscom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
[RANSOMHUB] – Ransomware Victim: www[.]ravencm[.]com
Ransomware Group: RANSOMHUB VICTIM NAME: wwwravencmcom NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-9375
Vulnerability Summary: CVE-2024-9375 The WordPress Captcha Plugin by Captcha Bank plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due...
CVE Alert: CVE-2024-9372
Vulnerability Summary: CVE-2024-9372 The WP Blocks Hub plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads...
CVE Alert: CVE-2024-9445
Vulnerability Summary: CVE-2024-9445 The Display Medium Posts plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's display_medium_posts...
CVE Alert: CVE-2024-9368
Vulnerability Summary: CVE-2024-9368 The Aggregator Advanced Settings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads...
CVE Alert: CVE-2024-9353
Vulnerability Summary: CVE-2024-9353 The Popularis Extra plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of...
CVE Alert: CVE-2024-6442
Vulnerability Summary: CVE-2024-6442 In ascs_cp_rsp_add in /subsys/bluetooth/audio/ascs.c, an unchecked tailroom could lead to a global buffer overflow. Affected Endpoints: No...
CVE Alert: CVE-2024-9242
Vulnerability Summary: CVE-2024-9242 The Memberful – Membership Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's...
CVE Alert: CVE-2024-47854
Vulnerability Summary: CVE-2024-47854 A vulnerability was discovered in Veritas Data Insight before 7.1. It allows a remote attacker to inject...
CVE Alert: CVE-2024-9421
Vulnerability Summary: CVE-2024-9421 The Login Logout Shortcode plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'class' parameter...
CVE Alert: CVE-2024-8804
Vulnerability Summary: CVE-2024-8804 The Code Embed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's script embed...
HackerOne Bug Bounty Disclosure: idor-at-mtnmobad-mtnbusiness-com-ng-leads-to-pii-leakage-hazemhussien
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:hazemhussien99Link to Submitters Profile:https://hackerone.com/hazemhussien99 Report Title:IDOR at mtnmobadmtnbusinesscomng leads to PII...
HackerOne Bug Bounty Disclosure: reflected-xss-in-hxxps-nin-mtn-ng-nin-success-message-lol-nin-vulnerable-hazemhussien
Company Name: MTN Group Company HackerOne URL: https://hackerone.com/mtn_group Submitted By:hazemhussien99Link to Submitters Profile:https://hackerone.com/hazemhussien99 Report Title:Reflected XSS in hXXps://ninmtnng/nin/success?message=lol&nin=Report Link:https://hackerone.com/reports/2039384Date Submitted:05...
[HUNTERS] – Ransomware Victim: Ibermutuamur
Ransomware Group: HUNTERS VICTIM NAME: Ibermutuamur NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating...
CVE Alert: CVE-2024-9071
Vulnerability Summary: CVE-2024-9071 The Easy Demo Importer – A Modern One-Click Demo Import Solution plugin for WordPress is vulnerable to...
CVE Alert: CVE-2024-9435
Vulnerability Summary: CVE-2024-9435 The ShiftController Employee Shift Scheduling plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via URL keys...
CVE Alert: CVE-2024-6444
Vulnerability Summary: CVE-2024-6444 No proper validation of the length of user input in olcp_ind_handler in zephyr/subsys/bluetooth/services/ots/ots_client.c. Affected Endpoints: No affected...
CVE Alert: CVE-2024-6443
Vulnerability Summary: CVE-2024-6443 In utf8_trunc in zephyr/lib/utils/utf8.c, last_byte_p can point to one byte before the string pointer if the string...
CVE Alert: CVE-2024-9306
Vulnerability Summary: CVE-2024-9306 The WP Booking Calendar plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in...
CVE Alert: CVE-2024-9481
Vulnerability Summary: CVE-2024-9481 An out-of-bounds write in the engine module in AVG/Avast Antivirus signature
CVE Alert: CVE-2024-8499
Vulnerability Summary: CVE-2024-8499 The Checkout Field Editor (Checkout Manager) for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting...
CVE Alert: CVE-2024-9271
Vulnerability Summary: CVE-2024-9271 The Re:WP plugin for WordPress is vulnerable to Stored Cross-Site Scripting via SVG File uploads in all...