Node.js tbgo7 module code execution |
NAME Node.js tbgo7 module code execution Platforms Affected:Node.js tbgo7Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tbgo7 module could allow a remote attacker...
Node.js sync-snippet-action module code execution |
NAME Node.js sync-snippet-action module code execution Platforms Affected:Node.js sync-snippet-actionRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js sync-snippet-action module could allow a remote attacker...
Doctor’s Appointment System cross-site scripting | CVE-2022-36203
NAME Doctor's Appointment System cross-site scripting Platforms Affected:Sourcecodester Doctor's Appointment System 1.0Risk Level:9.6Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Doctor's Appointment System is vulnerable...
Google Chrome Browser Creation code execution | CVE-2022-2998
NAME Google Chrome Browser Creation code execution Platforms Affected:Google Chrome LTS 96Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Google Chrome could allow a...
Node.js tolbichgo module code execution |
NAME Node.js tolbichgo module code execution Platforms Affected:Node.js tolbichgoRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js tolbichgo module could allow a remote attacker...
Node.js st6 module code execution |
NAME Node.js st6 module code execution Platforms Affected:Node.js st6Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js st6 module could allow a remote attacker...
FLEXLAN FX3000 series and FLEXLAN FX2000 series command execution | CVE-2022-36158
NAME FLEXLAN FX3000 series and FLEXLAN FX2000 series command execution Platforms Affected:Contec FLEXLAN FX2000 1.38.00 Contec FLEXLAN FX3000 1.15.00Risk Level:8Exploitability:UnprovenConsequences:Gain...
FLEXLAN FX3000 series and FLEXLAN FX2000 series default account | CVE-2022-36159
NAME FLEXLAN FX3000 series and FLEXLAN FX2000 series default account Platforms Affected:Contec FLEXLAN FX2000 1.38.00 Contec FLEXLAN FX3000 1.15.00Risk Level:8.8Exploitability:UnprovenConsequences:Gain...
Node.js axelar-signing-relayer module code execution |
NAME Node.js axelar-signing-relayer module code execution Platforms Affected:Node.js pratikyadavpackRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js axelar-signing-relayer module could allow a remote attacker...
Node.js sync-snippet-action module code execution |
NAME Node.js sync-snippet-action module code execution Platforms Affected:Node.js uasdkRisk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js sync-snippet-action module could allow a remote attacker...
Node.js st7 module code execution |
NAME Node.js st7 module code execution Platforms Affected:Node.js st7Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Node.js st7 module could allow a remote attacker...
Attack infrastructure used in Cisco hack linked to Evil Corp affiliate
Researchers discovered that the infrastructure used in Cisco hack was the same used to target a Workforce Management Solution firm....
Daily Vulnerability Trends: Fri Sep 02 2022
Daily Vulnerability Trends (sourced from VulnMon) CVE NAMECVE DescriptionCVE-2022-2544The Ninja Job Board WordPress plugin before 1.3.3 does not protect the...
Researchers analyzed a new JavaScript skimmer used by Magecart threat actors
Researchers from Cyble analyzed a new, highly evasive JavaScript skimmer used by Magecart threat actors. Cyble Research & Intelligence Labs...
Metaverse Broadband Infrastructure Security
The metaverse is coming—but what does that mean for network infrastructure? We explore expected changes, network challenges, and tips for...
HIVE Ransomware Victim: NCG Medical
HIVE Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content of...
HackerOne Bug Bounty Disclosure: api-key-reported-in-#1465145-not-rotated-and-thus-is-still-valid-and-can-be-used-by-anyonebyaneeeketh
Programme HackerOne Adobe Adobe Submitted by aneeeketh aneeeketh Report API Key reported in #1465145 not rotated and thus is still...
HackerOne Bug Bounty Disclosure: any-expired-reset-password-link-can-still-be-used-to-reset-the-passwordbymrccrqr
Programme HackerOne Acronis Acronis Submitted by mrccrqr mrccrqr Report Any expired reset password link can still be used to reset...
CISA: CISA releases two Industrial Control Systems Advisories
CISA releases two Industrial Control Systems Advisories CISA has released two Industrial Control Systems (ICS) advisories on September 01, 2022....
Ragnar Locker ransomware gang claims to have stolen data from TAP Air Portugal
The Ragnar Locker ransomware gang claims to have hacked the Portuguese state-owned flag carrier airline TAP Air Portugal and stolen...
1,859 Android and iOS apps were containing hard-coded Amazon AWS credentials
Researchers discovered 1,859 Android and iOS apps containing hard-coded Amazon Web Services (AWS) credentials. Researchers from Broadcom Symantec’s Threat Hunter...
Autodeauth – A Tool Built To Automatically Deauth Local Networks
A tool built to automatically deauth local networks Tested on Raspberry Pi OS and Kali Linux Setup $ chmod +x...
Cobalt Stike Beacon Detected – 54[.]221[.]105[.]212:2221
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 175[.]178[.]86[.]45:8443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
