Specially crafted emails could crash Cisco ESA devices
Cisco warns of a DoS issue affecting its Email Security Appliance (ESA) product that could be exploited using specially crafted...
European Data Protection Supervisor call for bans on surveillance spyware like Pegasus
The European Data Protection Supervisor authority called for a ban on the development and the use of Pegasus-like commercial spyware....
Snaffler – A Tool For Pentesters To Help Find Delicious Candy
Snaffler is a tool for pentesters to help find delicious candy needles (creds mostly, but it's flexible) in a bunch...
Cobalt Stike Beacon Detected – 114[.]29[.]255[.]45:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
Cobalt Stike Beacon Detected – 185[.]233[.]39[.]195:443
The Information provided at the time of posting was detected as "Cobalt Strike". Depending on when you are viewing this...
New Kraken botnet is allowing operators to earn USD 3,000 every month
Researchers spotted a new Golang-based botnet called Kraken that is under active development and supports a lot of backdoor capabilities. Kraken is...
Vicidial cross-site scripting | CVE-2021-46557
NAME Vicidial cross-site scripting Platforms Affected:Vicidial Vicidial 2.14-783aRisk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Vicidial is vulnerable to multiple cross-site scripting, caused by...
crossbeam-utils code execution | CVE-2022-23639
NAME crossbeam-utils code execution Platforms Affected:crossbeam-utils crossbeam-utils 0.8.6Risk Level:9.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION crossbeam-utils could allow a remote attacker to execute arbitrary...
Jenkins Team Views Plugin cross-site scripting | CVE-2022-25203
NAME Jenkins Team Views Plugin cross-site scripting Platforms Affected:Jenkins Team Views Plugin 0.9.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Team Views Plugin...
Jenkins Pipeline: Shared Groovy Libraries Plugin code execution | CVE-2022-25182
NAME Jenkins Pipeline: Shared Groovy Libraries Plugin code execution Platforms Affected:Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
Jenkins Generic Webhook Trigger Plugin cross-site scripting | CVE-2022-25185
NAME Jenkins Generic Webhook Trigger Plugin cross-site scripting Platforms Affected:Jenkins Generic Webhook Trigger Plugin 1.81Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Generic...
Flatpress cross-site scripting | CVE-2022-24588
NAME Flatpress cross-site scripting Platforms Affected:Flatpress Flatpress 1.2.1Risk Level:7.2Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Flatpress is vulnerable to multiple cross-site scripting, caused by...
Jenkins Pipeline: Groovy Plugin code execution | CVE-2022-25183
NAME Jenkins Pipeline: Groovy Plugin code execution Platforms Affected:Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Jenkins Pipeline:...
Jenkins Pipeline: Shared Groovy Libraries Plugin code execution | CVE-2022-25181
NAME Jenkins Pipeline: Shared Groovy Libraries Plugin code execution Platforms Affected:Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
Jenkins Pipeline: Shared Groovy Libraries Plugin command execution | CVE-2022-25174
NAME Jenkins Pipeline: Shared Groovy Libraries Plugin command execution Platforms Affected:Jenkins Pipeline: Shared Groovy Libraries Plugin 552.vd9cc05b8a2e1Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION...
VMware NSX Data Center for vSphere code execution | CVE-2022-22945
NAME VMware NSX Data Center for vSphere code execution Platforms Affected:VMware NSX Data Center for vSphereRisk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION VMware...
Western Digital MyCloud PR4100 code execution |
NAME Western Digital MyCloud PR4100 code execution Platforms Affected:Western Digital My Cloud PR4100Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Western Digital MyCloud PR4100...
Jenkins Agent Server Parameter Plugin cross-site scripting | CVE-2022-25191
NAME Jenkins Agent Server Parameter Plugin cross-site scripting Platforms Affected:Jenkins Agent Server Parameter Plugin 1.0Risk Level:8Exploitability:HighConsequences:Cross-Site Scripting DESCRIPTION Jenkins Agent...
Mozilla Thunderbird code execution | CVE-2022-0566
NAME Mozilla Thunderbird code execution Platforms Affected:Mozilla Thunderbird 91.6.0Risk Level:8.8Exploitability:UnprovenConsequences:Gain Access DESCRIPTION Mozilla Thunderbird could allow a remote attacker to...
VMware ESXi, Workstation and Fusion code execution | CVE-2021-22041
NAME VMware ESXi, Workstation and Fusion code execution Platforms Affected:VMware ESXi 6.5 VMware ESXi 6.7 VMware ESXi 7.0 VMware Cloud...
VMware ESXi privilege escalation | CVE-2021-22043
NAME VMware ESXi privilege escalation Platforms Affected:VMware ESXi 6.5 VMware ESXi 6.7 VMware ESXi 7.0 VMware Cloud Foundation (ESXi) 3.0...
VMware ESXi unauthorized access | CVE-2021-22042
NAME VMware ESXi unauthorized access Platforms Affected:VMware ESXi 6.5 VMware ESXi 6.7 VMware ESXi 7.0 VMware Cloud Foundation (ESXi) 3.0...
TIBCO AuditSafe privilege escalation | CVE-2022-22770
NAME TIBCO AuditSafe privilege escalation Platforms Affected:TIBCO AuditSafe 1.0.0Risk Level:9.8Exploitability:UnprovenConsequences:Gain Privileges DESCRIPTION TIBCO AuditSafe could allow a remote attacker to...
Kitodo.Presentation extension for TYPO3 server-side request forgery | CVE-2022-24980
NAME Kitodo.Presentation extension for TYPO3 server-side request forgery Platforms Affected:TYPO3 Kitodo.Presentation Extension for TYPO3 3.3.0 TYPO3 Kitodo.Presentation Extension for TYPO3...
