Apache OFBiz code execution | CVE-2022-29063
NAME Apache OFBiz code execution Platforms Affected:Apache OFBiz 18.12.05Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache OFBiz could allow a remote attacker to...
Node.js pqc.js module code execution |
NAME Node.js pqc.js module code execution Platforms Affected:Node.js pqc.jsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js pqc.js module could allow a remote attacker...
Node.js s3-state-action module code execution |
NAME Node.js s3-state-action module code execution Platforms Affected:Node.js s3-state-actionRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js s3-state-action module could allow a remote attacker...
Node.js nsmalkasm module code execution |
NAME Node.js nsmalkasm module code execution Platforms Affected:Node.js nsmalkasmRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js nsmalkasm module could allow a remote attacker...
Node.js node-network-listener module code execution |
NAME Node.js node-network-listener module code execution Platforms Affected:Node.js node-network-listenerRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js node-network-listener module could allow a remote attacker...
Apache OFBiz directory traversal | CVE-2022-25371
NAME Apache OFBiz directory traversal Platforms Affected:Apache OFBiz 18.12.05Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Apache OFBiz could allow a remote attacker to...
Node.js outsystems-maps module code execution |
NAME Node.js outsystems-maps module code execution Platforms Affected:Node.js outsystems-mapsRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js outsystems-maps module could allow a remote attacker...
Node.js shda module code execution |
NAME Node.js shda module code execution Platforms Affected:Node.js shdaRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js shda module could allow a remote attacker...
Node.js shutterstock-cli module code execution |
NAME Node.js shutterstock-cli module code execution Platforms Affected:Node.js shutterstock-cliRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js shutterstock-cli module could allow a remote attacker...
Open-Xchange OX App Suite code execution | CVE-2022-29851
NAME Open-Xchange OX App Suite code execution Platforms Affected:Open-Xchange OX App Suite 7.10.5 Open-Xchange OX App Suite 7.10.6Risk Level:8.2Exploitability:UnprovenConsequences:Gain Access...
Node.js nativessss module code execution |
NAME Node.js nativessss module code execution Platforms Affected:Node.js nativessssRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js nativessss module could allow a remote attacker...
Daily Vulnerability Trends: Sat Sep 03 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-36804Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before...
Samsung discloses a second data breach this year
Electronics giant Samsung has confirmed a new data breach after some of its US systems were compromised in July. After...
HIVE Ransomware Victim: Eurocell
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
Buzzing in the Background: BumbleBee, a New Modular Backdoor Evolved From BookWorm
In March 2021, we investigated a backdoor with a unique modular architecture and called it BumbleBee due to a string...
The Prynt Stealer malware contains a secret backdoor. Crooks steal data from other cybercriminals
The information-stealing malware Prynt Stealer contains a backdoor that allows stealing the data it has infiltrated from victims. Zscaler researchers...
LockBit 3.0 Ransomware Victim: peakinternational[.]com
LockBit 3.0 Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
HackerOne Bug Bounty Disclosure: wordpress-users-disclosure-from-json-and-xml-filebydrak3hft7
Programme HackerOne MTN Group MTN Group Submitted by drak3hft7 drak3hft7 Report Wordpress users disclosure from json and xml file Full...
CISA: Mozilla Releases Security Update for Thunderbird
Mozilla Releases Security Update for Thunderbird Mozilla has released security update to address a vulnerability in Thunderbird. An attacker could...
CISA: CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain
CISA, NSA, and ODNI Release Part One of Guidance on Securing the Software Supply Chain CISA, the National Security Agency...
Another Ransomware For Linux Likely In Development
Uptycs researchers recently spotted a new Linux ransomware that appears to be under active development. The Uptycs Threat Research team...
Experts link Raspberry Robin Malware to Evil Corp cybercrime gang
Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers...
Aced – Tool to parse and resolve a single targeted Active Directory principal’s DACL
Aced is a tool to parse and resolve a single targeted Active Directory principal's DACL. Aced will identify interesting inbound...
Google Chrome issue allows overwriting the clipboard content
A security issue in the Google Chrome browser could allow malicious web pages to automatically overwrite clipboard content. A vulnerability...
