Black Basta Ransomware Victim: Bernd Hösele Group
Black Basta Ransomware NOTE: No files or stolen information are by RedPacket Security. Any legal issues relating to the content...
Don’t panic! “Unpatchable” Mac vulnerability discovered
Researchers at MIT’s Computer Science & Artificial Intelligence Lab (CSAIL) found an attack surface in a hardware-level security mechanism utilized...
NocoDB security bypass | CVE-2022-2064
NAME: NocoDB security bypass; Platforms Affected: NocoDB NocoDB 0.91.8; Risk Level: 9.1; Exploitability: Unproven; Consequences: Bypass Security; DESCRIPTION: NocoDB could allow a remote authenticated attacker to bypass...
Sourcecodester Money Transfer Management System | CVE-2021-44582
NAME: Sourcecodester Money Transfer Management System; Platforms Affected: Sourcecodester Money Transfer Management System 1.0; Risk Level: 8.8; Exploitability: Unproven; Consequences: Gain Privileges; DESCRIPTION: Sourcecodester Money Transfer Management...
Apache Hadoop buffer overflow | CVE-2021-37404
NAME: Apache Hadoop buffer overflow; Platforms Affected: Apache Hadoop 2.9.0, Apache Hadoop 3.0.0, Apache Hadoop 3.2.0, Apache Hadoop 2.10.1, Apache Hadoop...
Biscuit security bypass | CVE-2022-31053
NAME: Biscuit security bypass; Platforms Affected: Biscuit Biscuit 1.0.0, Biscuit Biscuit 1.1.0; Risk Level: 9.8; Exploitability: Unproven; Consequences: Bypass Security; DESCRIPTION: Biscuit could allow a remote attacker...
NocoDB privilege escalation | CVE-2022-2063
NAME: NocoDB privilege escalation; Platforms Affected: NocoDB NocoDB 0.91.7; Risk Level: 9; Exploitability: Proof of Concept; Consequences: Gain Privileges; DESCRIPTION: NocoDB could allow a remote authenticated attacker...
Powertek PDU Firmware information disclosure | CVE-2022-33174
NAME: Powertek PDU Firmware information disclosure; Platforms Affected: Powertek PDU firmware 3.30.17; Risk Level: 8.8; Exploitability: Unproven; Consequences: Obtain Information; DESCRIPTION: Powertek PDU Firmware could allow a...
Dell SupportAssist Client Consumer and Dell SupportAssist Client Commercial cross-site scripting | CVE-2022-29095
NAME: Dell SupportAssist Client Consumer and Dell SupportAssist Client Commercial cross-site scripting; Platforms Affected: Dell SupportAssist Client Consumer 3.8, Dell SupportAssist...
Powertek PDU Firmware security bypass | CVE-2022-33175
NAME: Powertek PDU Firmware security bypass; Platforms Affected: Powertek PDU firmware 3.30.17; Risk Level: 9.8; Exploitability: Unproven; Consequences: Bypass Security; DESCRIPTION: Powertek PDU Firmware could allow a...
NocoDB server-side request forgery | CVE-2022-2062
NAME: NocoDB server-side request forgery; Platforms Affected: NocoDB NocoDB 0.91.7; Risk Level: 9.1; Exploitability: Proof of Concept; Consequences: Gain Access; DESCRIPTION: NocoDB is vulnerable to server-side request...
Envoy denial of service | CVE-2022-29226
NAME: Envoy denial of service; Platforms Affected: Envoy Envoy 1.22.0; Risk Level: 10; Exploitability: Unproven; Consequences: Bypass Security; DESCRIPTION: Envoy could allow a remote attacker to bypass...
Dolibarr ERP/CRM cross-site scripting | CVE-2022-2060
NAME: Dolibarr ERP/CRM cross-site scripting; Platforms Affected: Dolibarr Dolibarr ERP/CRM 3.0.0, Dolibarr Dolibarr ERP/CRM 3.3.1, Dolibarr Dolibarr ERP/CRM 3.5.3, Dolibarr Dolibarr...
Couchbase Sync Gateway privilege escalation | CVE-2022-32563
NAME: Couchbase Sync Gateway privilege escalation; Platforms Affected: Couchbase Sync Gateway 3.0.1; Risk Level: 8.8; Exploitability: Unproven; Consequences: Gain Privileges; DESCRIPTION: Couchbase Sync Gateway could allow a...
Lepin EP-KP001 security bypass | CVE-2022-29948
NAME: Lepin EP-KP001 security bypass; Platforms Affected: Lepin EP-KP001 KP001_V19; Risk Level: 8.2; Exploitability: Unproven; Consequences: Bypass Security; DESCRIPTION: Lepin EP-KP001 could allow a remote attacker to...
ITarian platform (SAAS / on-premise) code execution | CVE-2022-25152
NAME: ITarian platform (SAAS / on-premise) code execution; Platforms Affected: ITarian platform (SAAS / on-premise); Risk Level: 9.9; Exploitability: Unproven; Consequences: Gain Access; DESCRIPTION: ITarian platform (SAAS...